If you’re on their device, assume it’s a giant surveillance device. If you’re forced to do company work on your device, stick it in a VM.

You should probably do it on computer rather then on mobile. That’s why work applications are designed for computer and not your phone.

I wouldn’t say it’s square one, it currently exists and is usable right now at least. So the laws haven’t won yet. It definitely can be more prevalent though.

Nvm that may be a GrapheneOS only thing, idk

That’s an attack on e2ee, not on any specific provider. CSAM is just one of the ways they use to criminalize encryption.

You can erase the eSim. You can also turn it off, but I’m not sure to what extent is it disabled.

It doesn’t have full hardware access, it’s sandboxed.

It’s e2ee, that’s just for them to legally cover their ass. They have zero knowledge of what’s uploaded.

Something like Proton Cloud, or a self hosted Nextcloud instance. If it’s encrypted, it’s nobody’s business.

You’re paying to reserve some space in their cloud to store your encrypted bits. If you exchange money for that space, then you’re entitled for it to be encrypted and private.

uMatrix is abandoned

I’m surprised no one has forked it yet, or at least none that I know of

It blocks JavaScript altogether. NoScript is more fine tuned to allow the minimal amount of js to function.