Andromxda

They're really overpriced though. Flashing GrapheneOS is really easy thanks to their Web-based installer, and there are countless tutorials on YouTube.

Pixels are great, but definitely make sure to install GrapheneOS to increase your privacy and security

Or, if you want an older phone, try a Pixel 3, 4 or 5

These are outdated and don't get security updates anymore, and thus shouldn't be used anymore. The Pixel 6a is supported until 2028, the Pixel 8 even gets 7 years of security updates (until 2030), the Pixel 8a and 9 are supported until 2031.

/e/OS (also known as Murena) is also a good ROM for privacy

/e/OS is unfortunately highly insecure and shouldn't be compared to GrapheneOS or recommended. Graphene is really the better choice here.

can suggest a Bootloader Unlock: Wall of Shame

Unfortunately it only mentions unlocking. Re-locking the bootloader is just as important, and strictly necessary for Android Verified Boot to work.

Google services shouldn't even be needed for the apps OP listed above. Instagram works just fine without Google services, just like Discord, Telegram and Steam. I don't know about GitHub, but there are FOSS alternatives for it on F-Droid. Spotify (xManager) also works just fine.

You can unlock the bootloader on OnePlus devices, but you can't re-lock it afterwards, permanently leaving your device in an insecure state. This is a really bad idea, and definitely shouldn't be recommended.

The S10 came out in 2019 and hasn't been supported by the manufacturer for a long time, it's not a good idea either.

And lastly, LineageOS itself is pretty insecure. It is much weaker than stock Android or even iOS. You can read more about this here: https://madaidans-insecurities.github.io/android.html#lineageos
or here: https://eylenburg.github.io/android_comparison.htm

It also has much worse app compatibility than GrapheneOS, because it doesn't use the official Google Play services binary (which GrapheneOS puts in a sandbox to restrict its access), except you install it as a system application, which kinda defeats the whole purpose of using a custom ROM in the first place. GrapheneOS is the easiest, best and most secure choice for degoogling.

A Google Pixel with GrapheneOS is the best thing on the market for privacy and security.

GrapheneOS is a privacy and security-focused operating system, which is based on Android and retains full compatibility with Android apps. There are no Google services by default, but you can install Sandboxed Google Play services, which have much less access to your device, because they are running in the normal Android application sandbox, just like any other app you install, and can be removed at any time. GrapheneOS offers many other cool features, such as a network permission toggle, which lets you revoke internet access from any app (like e.g. the Google Camera app).

I'm glad you already know about F-Droid, because there are so many amazing apps there. After looking at your home screen and the apps you currently use, here are some quick recommendations from me:

• Before you start using F-Droid, add the IzzyOnDroid repoisitory, as it contains even more awesome apps that can't be found in the official repo
• Switch to a better F-Droid client, such as Droid-ify
• Revolution is the best IRC client I could find on F-Droid, it looks a little older (doesn't use the newest version of Material Design), but still works very well
• LibreTorrent is an amazing torrent client
• AntennaPod is IMO the best podcast app on Android
• The official Wikipedia app is available on F-Droid: https://f-droid.org/en/packages/org.wikipedia
• Element X is a new, rewritten version of the Element client (it's officially made by the Element team, and you can even try it out on iOS right now)
• Clock You is a good and modern looking clock/timer/stopwatch/alarm app
• There are a few Telegram apps on F-Droid. I have found Nekogram X to be the best. If you prefer the experience of the stock Telegram app, you can get Telegram-FOSS from F-Droid.
• For Signal, you can either use Signal-FOSS (requires a third-party repo), or an improved fork of the app called Molly (you can either get it from Accrescent, which is available in the GrapheneOS App Store), or by adding their custom F-Droid repo. Molly is officially recommended by the GrapheneOS project over the normal Signal app.
• The official GitHub app works just fine, but you can also try FOSS alternatives from F-Droid such as FastHub-Libre, or OctoDroid.

The other apps you mentioned in your post are not available on F-Droid, but I also have a few recommendations there:

• xManager for Spotify (it's a modded, patched version that removes ads)
• Aliucord for Discord (it removes some of the telemetry and tracking)
• Instagram and Steam can easily be downloaded from the Google Play Store. You can use Aurora Store, to download apps from Google Play without creating a Google Account.
• If you only need Steam for the authenticator, there is a way to get the verification codes in a FOSS TOTP authenticator like Aegis, without having to install the Steam app: https://help.ente.io/auth/migration-guides/steam/
• You can either use FFUpdate to download the Brave Browser, or use Obtainium to pull the APK from GitHub

Also check out Lawnchair launcher, since I at least find the stock launcher kinda lacking in features and UI/UX.

Feel free to ask me any further questions, either in this thread or via Lemmy DM

It's not a 100% guarantee, they can easily bypass your DNS by either just connecting to another DNS sever over plain, unencrypted DNS (UDP on 53), or use something more sophisticated like DNS-over-TLS or DNS-over-HTTPS.

You can reroute unencrypted DNS requests to your Pi-Hole using a firewall like OPNSense, but things get more complicated with DoT and DoH

You need to use powershell to de-deploy those packages.

Oh I did, I spent hours looking up different pwsh commands and package names to clean it all up

Which one do you mean? Winget which is their newest attempt at creating a package manager that isn't an absolute piece of garbage, or their crappy CLI for managing MSIX/APPX modules? Because I remember using the latter to try and remove Cortana back when I first tried Windows 10. Fast forward, I removed all the garbage I didn't need, applied a Windows update, restarted my PC and it was all reinstalled. I wiped that SSD the same day and went back to Linux. This was the last time I used Windows on any of my personal devices.

Hmm, I wonder if there could be an exploit where Recall is covertly turned on, so it can be used to exfiltrate data. Not a good idea to basically have a surveillance rootkit sitting passively on your system, with no ability to remove it, just waiting to get abused by attackers. But using this proprietary garbage OS nowadays isn't a good idea in general and there is a much better alternative.

It's a third-party project, not an opt-in feature of Bluesky.