[WhyRhy](https://discuss.privacyguides.net/u/WhyRhy)
(Rhy )
1 I just wanted to ask for people’s opinions on both privacy and security relating specifically to mobile devices and the use of Apps v Browser.
As I take a further deep-dive and enhancing my own privacy and security, I do sometimes wonder whether it’s better to have fewer apps and login via a browser. Mainly due to data persistence, device caching and so on. I guess this is part of a physical threat model if the device got into the hands of bad actors.
I am thinking about banking, e-mails, AI/LLMs and so on. This may not be possible for all services, such as those that have automated device uploads, although you could make this a manual process. For example, Ente. I think I read somewhere that you cannot toggle on/off the thumbnail cache. You have to manually delete the cache! I understand why you have a cache here for smaller images, but for users who have a higher privacy threshold, this should have the ability to not load images until toggled on. I don’t think this is just Ente, it just surprised me given their marketing around privacy etc. I’ve seen @vishnukvmd comment in several places around the cryptography, audits and so on - which is great, but very little about physical security.
For me, Apps are designed for convenience. And what do we sacrifice convenience for?: PRIVACY. Every. Single. Time. Whilst there are some insanely great developments in the world of privacy and security products - something I applaud loudly - there is a huge focus on e2ee zero knowledge. Also great! But I can’t help but feel there could be more done with these privacy-focussed apps relating to physical threat models. Taking the Ente example, above, if my device was in the hands of a bad actor, my device memory would include the cached thumbnails of images that have previously been loaded. Is it possible to prevent this, even if by a toggle that allows the user to not automatically load thumbnail images?
I think using a browser, wherever possible, may be better for privacy and physical threat models to avoid data lingering and discovery on a download.
2 Likes
Probably via source code modification and compilation, although whether you are willing to take matters into your own hands is another question entirely.
1 Like
If you use a strong password (passphrase) for your phone you shouldn’t be concerned about your data being compromised. I practice minimalism to avoid clutter so I try to avoid installing apps in general and definitely don’t install any proprietary apps other than a couple MFA apps for work that are installed in a different profile. I use the browser instead and it’s not much of a hassle other than needing to log in each time.
2 Likes
That depends on your threat model.
[Sorge](https://discuss.privacyguides.net/u/Sorge)
(Sorge)
5
Tux 7 Browsers provide much less access to the system overall. I refuse to install commercial apps. If something cannot be done in a browser, I will do without it.