
skorp01 yesterday at 6:00 PM

Maintaining one's data as private requires that it is protected as a baseline. Privacy violations do not solely exist as telemetry or data offered up by the platform to some other party.

The protection is achieved through security. The major goal of something like GrapheneOS is privacy, which needs solid security as a prerequisite.

The blobs, while proprietary, are not opaque. They are able to be examined and they are.

The security of a device should not be dependent on what you choose to run on it. You should trust and be able to verify that the platform on which you are running the software prevents something malicious from accessing data which doesn't belong to it or otherwise violates the rules set by the platform (OS).

In this respect, the Librem 5 would do a horrible job compared to even stock AOSP. Thinking that you are secure because you only run "trusted" software on an insecure platform is cope.

Replies

fsflover today at 7:06 AM

> Maintaining one's data as private requires that it is protected as a baseline.

So you're conflating privacy with security, as I expected. These are separate matters, although I agree that privacy can't exist without security. And security can be achieved by different means, e.g., by choosing what to run. You can't force your threat model and security approach on everyone and claim, without good evidence, that everybody who disagrees with you is insecure, let alone has no privacy.

> The security of a device should not be dependent on what you choose to run on it.

Why not? What's wrong with it? This is more or less how most desktops work.

> You should trust and be able to verify that the platform on which you are running the software prevents something malicious from accessing data which doesn't belong to it or otherwise violates the rules set by the platform (OS).

This is a big ask, and I doubt that many OSes can provide you such a guarantee reliably. I would only trust Qubes OS with that, since it relies on strong, hardware-assisted virtualization and not purely on code correctness (it is my daily driver on the desktop). I guess regular CVEs confirm my opinion. On Qubes, VM escapes don't really happen.

> Thinking that you are secure because you only run "trusted" software on an insecure platform is cope.

This is exactly how security in a typical Linux server works, isn't it? This is also similar to security through compartmentalization, where you isolate untrusted software from trusted environments.

I would even go as far as suggesting that you follow my approach at least partially, since installing and using any untrusted app on your GrapheneOS can destroy your privacy as long as the app has internet access and can send tracking information about you to anyone.