Generally agreed, I would actually try using as many services with their progressive web apps.

The main reason I think they may need google services is the banking app. Mine will refuse to launch without google services installed.

You sound like the ideal candidate for a refurbished Pixel 7 / 8 from amazon.

Test its hardware thoroughly on the stock os in case you need to return it.

Install GrapheneOS using the Web installer.

Install Droid-ify into your main profile from the f-droid web page. It looks much better than the official f-droid client and actually has a working auto-update

Create a work profile. I use an app called Shelter as the work profile admin app. This allows you to auto freeze your big-tech apps to help with battery life / privacy. Install google services from the built-in GrapheneOS app store.

Enjoy.

I’ve been using Linode (now owned by Akamai) for a couple years now and have enjoyed their pricing / service.

You are correct, a VPN connection does not bridge to another profile. You can install a VPN in said work profile. The always-on VPN settings in grapheneos have the work icon to indicate what VPN is in your work profile.

That’s most likely the problem. In my experience, nearly all tor exit nodes are flagged as such and captchas are nearly impossible to “pass” when using such an exit node. I would try using a free VPN to test. Try protonvpn without an account and see if you can get past the captcha.

Are you using a VPN? It might be that changing your exit IP might help. I’ve noticed captchas get harder to pass if your on a VPN that has a lot of traffic trying to pass captchas. Probably DDoS protection.

IKR?? I feel personally targeted by this… And I’m OK with it.

Thanks! Flatpak-KCM is perfect as I’m thinking I’ll move to fedora KDE in a couple days when f40 drops. I’m hoping that the Wayland experience on NVIDIA GPUs will be smoother there than on GNOME.

To add on to this, if you are using flatpak apps and want granular permission control, check out flatseal. Fedora (IMO) has one of the best flatpak integrations out of the box. Other “sandboxing” or containerized app deployments are snaps (made by Canonical), and appimage (I’m not entirely sure this qualifies as an app container).

From my experience, flatpaks is currently leading in adoption when compared to the other two.

^^ Source: trust me bro

GrapheneOS also has this cool feature called Scramble PIN Layout to try and protect against guessing the pin from fingerprints on the screen.

I stand corrected, its been quite a few years since I needed to use the ADB backup so I guess back then it was more complete.

Found a good detailed explanation here.

Shame that it seems to be getting phased out for cloud backup solutions. Makes sense that google would want to control more of your data and make you pay for it.

As installing a custom ROM typically involves using ADB anyways, I would suggest that you back up your device normally (copy files over to a folder on your computer), and then use the built-in backup function in ADB to make a secondary complete backup.

Also, depending on your threat model, you might not want to move any files from your old installation to your new one. Its possible that the old files, applications, and linked accounts could compromise your new installation privacy / security. I also generally enjoy starting with a clean slate after a new OS install.