What about Gaza?

I just expose my local machine to the internet, unsecured

Definitely yeah! If you’re just a regular person living in a fairly democratic country and you’re thinking about physically clogging your usb ports to avoid someone breaking in your room and tampering your device while you’re exploring Barcelona, or if you consider removing camera and microphone from your pixel phone that you use every day, you’re probably taking it too far.

OTOH I’m still having trouble getting people away from Meta apps and I think it’s absolutely crazy how little thought people put into the amount of data that Meta collects.

TBH even in many dictatorships you’re mostly fine just using a VPN and fake accounts if you have government critical opinions. But that’s just my personal experience. Goes without saying if you have a decent follower count or are some kind of journalist you should be very paranoid.

Anyway, the point is, it’s probably good to feel slightly paranoid because most people aren’t paranoid enough, but most of us are also not Edward Snowden or Saudi journalists, so there should be a balance between practicality and privacy.

You can’t really sideload at least not in a way that it makes your phone safe like it’s possible with GrapheneOS.

Imo iPhones are an alright lazy choice. It’s a little bit more private than vanilla android and you get E2EE, PGP encryption support and some extras like their VPN like thingy that masks your traffic. Also apps are sandboxed so they can’t track you as easily. It’s not like this will stop anyone who’s really after you but even regular law enforcement will have a hard time getting your data unless you unlock your phone for them, I know this from experience.

That being said, you will still need to trust Apple to stay the way they are currently, plus they’re not gonna go out of their way to protect you, they’ll obey the law because they’re corpos.

For really sensitive stuff I’d still keep something like a pixel with GrapheneOS without play services and without ever logging into any personal accounts. Might make sense to physically remove the camera and microphone too if you’re really worried.

I think you’re looking for overseerr/jellyseerr which does exactly that. Radarr/sonarr also have recommendations but it’s not as sophisticated

Kycnot.me is your friend. Go to a public WiFi (ideally use a VPN), get some Monero, buy a phone plan without KYC.

Kinda makes sense that honey pots show up here, idk there was another post the other day about some anonymous file sharing thing and it also seemed either a honeypot or just an amateur project which is okay in many cases but not when it’s about cryptography.