Comment by ignoramous
10 days ago
> limit the number of apps ... lower attack surface ... If paranoid
While true in general, super apps that do too many things and used by billions (WhatsApp, Chrome, TikTok, Instagram, CleanMaster etc) are big enough of an attack surface already.
Defenses (compile-time / runtime memory safety & control flow integrity, media coders/decoders, sandboxes, for example) are getting better & so exploits are getting expensive.
> use a different device to access suspicios apps/sites with nothing on it
While using different devices is good enough, it requires the end user to maintain strict isolation (and sometimes may require appropriate features from the OS). Using burners is an extreme version of this practice.
>super apps that do too many things and used by billions (WhatsApp, Chrome, TikTok, Instagram, CleanMaster etc)
One of these are not like the others...
Burners seem extreme, but old used hardware still seems the best and only way you can sort of prove isolation on your own.
You can't trust software not to be buggy and both, hardware, and software not to be purposely compromised because "think of the children" (that the EFs proved to be BS).