@wolnoscwkieszeni @Andres4NY Thank you so much for sharing your perspective! You're absolutely right—I should avoid generalizations, especially when discussing something as nuanced as security. The debate between mobile systems and traditional computers is full of important nuances, and it really depends on the context, threat model, and specific use case.
GrapheneOS is indeed a standout in the mobile security space, and I deeply respect the work that's gone into making it a privacy-focused, hardened version of Android. That said, mobile devices inherently come with unique challenges. For example, modern smartphones are packed with sensors—GPS, accelerometers, microphones, cameras, and cellular modems—that create a broad attack surface. While GrapheneOS does an excellent job mitigating software-level risks, it can't fully control the hardware or low-level drivers, which can still introduce vulnerabilities. Even something as seemingly innocuous as a SIM card can become an attack vector, often operating outside the OS's visibility.
On the other hand, traditional computers—especially those running security-oriented Linux distributions—offer more flexibility in reducing that attack surface. For instance, you can build a highly secure workstation by combining 'Qubes OS' (with its powerful compartmentalization) and an open-source bootloader like 'Coreboot' to replace proprietary firmware. This setup allows you to physically disable or remove unnecessary sensors and components, something that's far harder to do on a mobile device. Distributions like 'Tails' (for amnesic, privacy-focused use) or 'Qubes OS' (for isolation) demonstrate just how secure a Linux-based system can be when tailored for high-risk environments.
One of the biggest advantages of traditional computers is transparency: open hardware and drivers (while still not perfect) are generally more accessible and auditable than the closed ecosystems of most mobile devices. If you don't need GPS, a microphone, or a cellular modem, you can simply omit them from your build. Try doing that with a smartphone!
Of course, security is never one-size-fits-all. Without a shared framework or threat model, it's tough to declare one system definitively "more secure" than another. Different scenarios demand different solutions. For my part, I avoid using mobile phones for sensitive data entirely, simply because the risks associated with mobile networks and hardware-level vulnerabilities feel too significant. (I'm also fortunate enough not to rely on smartphones, so I'll admit my perspective might be a bit biased—though I'm always open to learning more!)
Speaking of learning: Do you know of a reliable way to test GrapheneOS in a virtual machine? I'd love to get a hands-on impression of its capabilities and limitations—it's always great to explore these tools firsthand!
Thanks again for the insightful discussion—I'm always eager to dive deeper into these topics!