Which is more secure, desktop or mobile?

I use QubesOS on my desktop and GrapheneOS on my mobile. I’m always looking for ways to increase security and privacy in my environment. So I have a few questions. There are probably many people who share the same idea as me. I would like to help such people.

1.Which is more secure, desktop or mobile in the first place? Qubes is sandboxed using Xen and Grapheneos using Android technology.

  1. Is TorBrowser the best browser? I also heard that Chrominum is better than Firefox. (Bromite is the best on mobile) Is it safer than TorBrowser when Chrominum is set to Tor connection with Proxy setting? TorBrowser is based on Firefox ESR.

  2. Is Signal the best messaging app? However, Signal is not anonymous because it requires a phone number. So what is the best app that allows you to chat while remaining anonymous? Keybase? If you make a phone number with an SMS authentication app such as TextUp and use Signal with that phone number, is it anonymous and safest?

(From here, mobile talks will increase)

  1. Is it safe to use an app called Orbot if I want to connect each app via Tor? Won’t you use Orbot to break the security of your sandbox?

  2. Is an application called Shelter that can clone the application useful, but is it safe? It’s open source, but unsupported for years. I also want to use another app made by this developer, one that puts the screen in night mode, but please mention it here.

  3. Is it safer to use Signal to message my phone number than NextCloud or Standard Notes to save files, take notes or sync?

  4. If you want to edit Word and Excel files, is LibreOfiice for desktop and Collabora Office for mobile the safest and most convenient?

  5. Is Thunderbird + Engimaill + Torbirdy the best email software for desktop, and K-9 Mail + OpemKeyChan for mobile?

  6. Is KeePassXC good for desktop and KeePassDX for mobile as for 2-step verification application? Or is it better to use andOTP?

desktop because it’s have more apps and can control it more than mobile


Yes tor best one then comes firefox then ungoogled chromium or brave — no because tor browser made for tor browsing so they tweaked settings to hide you and normal browser just does not have those settings so you have do it (and you must use firefox to be same as other tor browsers and match same settings)


It’s best one. they encrypt everything and as you said the only problem that it’s uses phone number and another thing that it’s on mobile only i need it on mobile to use it’s PC version so im waiting them to open email signups until that you can use tox — using sms services it will for sure impact your privacy and security but not that much in my point of view so if you really want to use signal yes this would help (you need to trust them of course with your signal phone number so use good service)


yes, if i am right it’s made by same team from tor so yes its safe in fact it what makes you open tor in your phone like one that open before you open browser in PC so yes

more info ? also i heard Shelter isolate apps not clone them (im confused, HELP)


as i said they encrypts everything but for me i would like to not store everything in one place but do not get me wrong its fine tho to message yourself thing is i love to not store data in one place


did not use Collabora Office but libreoffice is good on my linux so yes


Yes (although i do not use them but all other users say its good)


Yes (although i use bitwarden but all other users say its good)

A very general answer:
If all of these additional hardware chips of smartphones (e.g., Bluetooth, WiFi, GPS) aren’t in your PC, you can say that the attack surface of your PC is smaller. Thus, you could say that it is “more secure.” However, in reality both systems likely rely on proprietary hardware and firmware, or the firmware is outdated/vulnerable. So the level of security depends on your threat model and use cases, as always.

There are already several discussions on this topic. No, there is no “best browser.” This relies on your use case.

There are already several discussions on this topic. No, there is no “best messenger.” This relies on your use case. There is no messenger that allows 100% anonymity, because anonymity does not only rely on technology but also on behavior. All messengers come with pros and cons.

Considering that is it a “release candidate” and often becomes outdated, nobody knows.

andOTP is for generating one-time passwords (used for 2FA). KeePass is for password management (and optionally for generating one-time passwords). So they cover other use cases.


Tips:

  1. Use the search function of the forum to find answers. Many of your questions are already discussed/answered in other threads.
  2. Keep in mind that there is no “most secure”, “safest” or “most anonymous” something. You can only rate this if you define threat models and use cases.
2 Likes

I’m reminded of this 2017 post, “Secure computing for journalists,” by cryptographer, Matthew Green:

I’m going to devote this post to providing the world’s simplest explanation of why, in the threat model of your typical journalist, your desktop machine isn’t very safe. And specifically, why you’re safer using a modern mobile device — and particularly, an iOS device — than just about any other platform.

Let me first preface by saying this is just my privacy enthusiast opinion. I dont work in the tech industry, nor do i code. Also the general answer would be “it depends on your threat model”

1 - Probably desktop, in the form of the various BSD distros out there. The reason is BSD is primarily developed with security in mind.
2. Probably TorBrowser cannot be best because it breaks functionality of a lot of mainstream websites. Could be Fennec or Bromite but not definitely Tor.
3. Depends on your threat model.
4 and 5. I dont know.
6. Standard Notes is for notes, and more optimized for actual note taking rather than Signal.
7. Safer. You could probably make malware for Libre as well, theoretically speaking. It may be safest to use Notepad or any hex editor to edit a .doc or .xls file but it wont be sane.
8. If you use Evolution over Whonix or Tails, it could be better than that.
9. You can use KeePass and its variant for 2FA but it may be safer to use a separate offline device for 2FA auth like andOTP.