I find this move concerning, and wish that the Founder had looked for a new CEO that shared his values rather than a Private Equity and Mergers Expert.
Furthermore, the change to the GRIT motto is worrying. Trust is useless without Transparency when it comes to code and security.
As the database is encrypted in your device, you dont really need to self host. A keepass database in the Google cloud is not really problematic, although you should still choose a more private cloud provider.
make sure to use post-quantum encryption algs
Which algs would that be? ed25519 okay? Is that even an encryption alg? I’m not too hot with encryption.
Syncthing is probably a simple fix.
Assuming you have a degoogle’d phone. The syncthing-fork devs announced that they aren’t going to certify for Google Play when that’s made a requirement in a few months
Ugh, I forgot about this. Aren’t you still going to be able to install apps from third-party marketplaces? I thought the plan was just that the phone was going to hassle you and require multiple hoops.
I think other apps will require ADB to install
And you can use a keyfile separate from the database for even more security. If the database is backed up on Google Drive and the keyfile is saved on a USB or in a (non-Google) email somewhere for the rare times you add a new device, your passwords should be safe even from keyloggers or Google themselves.