What are your security, privacy, and technology content creator recommendations?

I know this is the Techlore forum, but I figured we could have a topic to dump our favorite security, privacy, and tech creators and crowdsource other sources we like to reference. These aren’t the only channels I’ll watch, but these are some of my favorites and more trusted.

Security and Privacy Channels

All of these guys are similar to Techlore in being calm, researched, and at least seeming to be objective by their tone and how they’re organized. I think that if you like Techlore, you may like these other channels.

All Things Secured - Almost boring in his approach because he does a good job of targeting the more likely threat models, which are scams and identity theft. Also solidly in the camp of approachable tech solutions for non-tech people.
Sumsub
Sun Knudsen
Side of Burritos - Extra points because his videos just end when he says the last thing he has to say. Literally go watch one and marvel and the chaddiness of his lack of outro.

Technology Channels

I would not be recommending consumer tech channels, these are more like the tech channels for configs and Linux and such.

The Linux Experiment - The MKBHD of Linux.
Brodie Robertson
LearnLinuxTV - A former IT director who will teach you how Linux works in a cool way.
Lawrence Systems
DistroTube

Who do you recommend?

2 Likes

I just found Sumsub this week. Really enjoying it so far.

If I May Add

Privacy And Security Channels

  1. The New Oil
  2. Naomi Brockwell: NBTV
  3. Mental Outlaw
  4. The Hated One

Technology Channels

  1. Seytonic
4 Likes

This is a nice list you got here, i also agree too. Favorite is probably the new oil, mental outlaw, and naomi.

3 Likes

Naomi Brockwell is one I need to watch more. The few videos I’ve seen of hers I thought were good.

3 Likes

As a lot of people have said, NBTV (Naomi Brockwell) is a great one to watch.

1 Like

I like Luke Smith: https://lukesmith.xyz/

He isn’t outright a “privacy” guy, but it is something he talks about regularly.

2 Likes

What to read & what to watch?

Not all websites are available in English but I recommend using https://deepl.org for translating :wink:

read (in general)

https://www.cnil.fr/en/gdpr-developers-guide a gdpr guide for developers provided by the french data protection authority in english
https://gdprhub.eu gdpr website
BfDI - Data protection is child protection - digital flyer english website (data protection is child protection)
https://kuketz-blog.de german it-security blog
https://madetomeasure.online/

https://degooglisons-internet.org/ french project
https://dayssincelastfacebookscandal.com/ self explaining
https://www.messenger-matrix.de/messenger-matrix-en.html overview how much privacy you’ll when using a messenger
https://digitalcourage.de german data privacy organization
https://data-kids.de privacy for kids
https://www.youngdata.de/ privacy for teens
https://jugendhackt.de
https://www.datenschutz-wiki.de privacy wiki (german)
https://ccc.de
www.digital-reset.de german

watch (channels)

https://media.ccc.de videos of ccc congresses (incl. translations)
https://media.defcon.org/ defcon (usa) videos
Select instance - Invidious Wolfgangs Channel (english) - Tech videos
Select instance - Invidious Nixie does Linux (english) - Tech
Select instance - Invidious Awesome Open Source (english)
Select instance - Invidious Learn Linux TV (english)
Select instance - Invidious Luke Smith (english)
Select instance - Invidious Computerphile (english)
(of course also the new oil, hated one and the other names which are often promoted in this forum)

watch (single videos)

Select instance - Invidious I’m worried about humanity’s future.
Select instance - Invidious deepfake nixon video
Select instance - Invidious reclaim control and freedoom (digital minimalism)
Select instance - Invidious zooms biggest mistake explained
Select instance - Invidious your phone is always listening
Select instance - Invidious only available in german but switch on subtitles (important subject on selling hard drives)
Select instance - Invidious why privacy matters

list of organizations / communities

https://epic.org/ us organization (unfortunatley no advice on open source & stuff)
https://eff.org
https://noyb.eu austrian privacy organization (the guy who sued facebook and got two laws under his name ;_) )
http://www.privacyinternational.org/ uk
https://libresolutions.network/ canada
https://www.privacyguides.org/ uk
https://disroot.org dutch
https://datengui.de/ german
https://switching.software/ switching software
Nubo nubo collective (i guess from belgium)
https://diggies.org swiss organization
https://www.laquadrature.net/ french organization
https://digitalcourage.de german organization
https://framasoft.org french organization
Framasoft full list of services
https://www.topio.info/ german
https://pgpainless.org/
https://fsfe.org free software foundation europe
https://feddit.de/c/kuketzblog feddit kuketzblog community
https://snopyta.org/ finland

list of hosters

https://chatons.org french hosting collective
https://framasoft.org french organization
https://yunohost.org/ yunohost
https://www.hostsharing.net/german
https://servercow.de
https://mailcow.de german email service
https://free.collocall.de/ big blue button
https://codeberg.org german gitea hoster
https://senfcall.de big blue button (german)
https://snopyta.org/ hoster from finland
https://hetzner.de budget server hoster
https://netcup.de budget server hoster

companies

https://www.nitrokey.com/ german
https://threema.ch/ swiss
https://fairphone.org dutch
https://tutanota.com/ german
https://mailbox.org german
https://posteo.de german
https://fairkom.eu austrian
https://www.tuxedocomputers.com/ german
https://workadventu.re french

roms

/e/ https://e.foundation/ spanish
LineageOS (but you still have work to do to absolutley free it from google)

service lists

Trouver par service | CHATONS chatons
https://cryptpad.fr
https://deepl.org
https://peertube.org
https://mobilizion.org
https://bookwyrm.social

events

Geek Beacon (usa)
Chaos Computer Club c3 / Chaos Camp (germany)
May Contain Hackers (the netherlands)

https://bigbrotherawards.de/ always also viewable online (free) - negative award (with english translation for the companies that don’t respect your privacy)
https://privacyweek.at austrian privacy week
Bits & Bäume (germany)https://www.hackerevents.org/
Defcon (usa)
https://freedomnotfear.org/ (germany/belgium)

=================
What I don’t recommend using

Windows10
Apple (all products)
Ecosia
DuckDuckGo
Telegram
Wire
Discord
Youtube
Google Products in General
ChromeOS
Google Chrome
Brave Browser
Safari Browser
Github (at least with no account)
1Password
MullvardVPN
Paypal
Yubikey
WebEx
Facebook / Instragram / WhatsApp
Protonmail
Zoom
TikTok
simple Text Messages
Audacity
Outlook
Office365

this list is not complete

2 Likes

Why do you not recommend;

Brave Browser

  • it has a lot of connections you can’t control. Right at the start it connects to variations.brave.com
  • when you start the browser for the first time a BraveServiceKey is generated which is transmitted to Brave servers for requests. This domain is used for experiments on a subset of Brave users. It’s unclear if this can be deactivated or if you are even part of the test group.
  • sends a lot of telemetry data which needs to be deactivated manually
  • add ons can only be installed with connecting to Google (Chrome)
  • Allows the reloading of Google and Facebook scripts. The user has to disbale it manually.
  • it starts connections to dictionaries and also sends your OS infos to 3rd party or affiliates

see:

[{"domains":["eaff.com","stg.eaff.com"],"headers":{"X-Brave-Partner":"eaff"},"cookieNames":[],"expiration":31536000000},{"domains":["sandbox.uphold.com","api-sandbox.uphold.com","uphold.com","api.uphold.com"],"headers":{"X-Brave-Partner":"uphold"},"cookieNames":[],"expiration":31536000000},{"domains":["www.grammarly.com","grammarly.com","static.grammarly.com","gnar.grammarly.com"], "headers":{"X-Brave-Partner":"grammarly"},"cookieNames":[],"expiration":31536000000}]

checked at Brave: Datensendeverhalten Desktop-Version – Browser-Check Teil1 ⋆ Kuketz IT-Security Blog (use translator of your choice).

In addition braves seach engine brave search states the following:

This data – if you allow us to collect it – is anonymous and only analyzed in aggregate. It will never identify you or your machine. The data tells us if Brave Search is useful enough to use again and, in turn, gives us a signal that we are approaching a viable alternative to other search engines.

Brave does not ask if you want to be part of the telemetry. Brave advertises itself as privacy-friendly out-of-the-box. It says nowhere that you have to actively object to tracking. This is safewashing.

Additionally Brave Search is hosted at Amazon Webservers (hello GAFAM).

Protonmail
Protonmail had released user data to authorities a year or two ago. In addition, Switzerland has been loosening its strict data protection laws for a long time. Switzerland is not part of the EU and is not subject to the GDPR.

MullvardVPN
You are sending your entire data traffic via this provider. Whether a VPN provider actually does not log or analyzes a user’s data traffic cannot be evaluated from someone outside Mullvard. I therefore do not recommend ANY vpns which are commercial or uncommercial. You have to compeltley trust the service, so it’s better you set it up yourself (if you can do it).

People need to understand that because Proton AG is a legally registered company they have to abide by laws or else they are an illegal company. In the case where they have revealed user data to the courts, it is because they have received a valid legal request. They regularly fight these, but sometimes they exhaust all resources and have to comply.

As you say, Switzerland is not in the EU (which can be a good thing) but it is subject to GDPR as they have their own version of it. For example, during Brexit the UK kept the GDPR and renamed it, The UK GDPR and made minor changes. Switzerland is similar, they have their own version of it. You don’t have to be in the EU to be subject to the GDPR, it just won’t be the EU GDPR.

Plus, in the cases where Proton AG revealed user data it shows that they keep their promise of privacy. Also, you do know that Tutanota had a request to monitor a users mailbox, right?

First of all it is Mullvad not ‘Mullvard’. Secondly, they have been repeatedly audited by trusted auditing companies, are extremely transparent, are in a safe location (Sweden - which is in the 14 eyes but, Mullvad does a great job explaining what laws apply to them) and are well trusted within the privacy community.

There is also no personal information required to use Mullvad, if you use an anonymous payment method (cash, gift card or crypto) you will be practically untraceable. Plus, their apps are open-source and I will say again, audited regularly.

This seems all pretty accurate to me. Although, most telemetry can be turned off. I also think you may be able to install extensions from places other than Google but I think you really shouldn’t add any as this will make you more unique.

I know that switzerland has their own law, but it’s not the GDPR. You can follow up Kubikpixels news regarding how good the swiss version of the GDPR actually is…(pretty bad).
the UK has also made changes to the data protection act that allow more surveillance again. Switzerland must comply with the gdpr for europeans, but switzerland itself does not operate under the GDPR.

Also, you do know that Tutanota had a request to monitor a users mailbox, right?

I never recommended Tutanota either.

are in a safe location (Sweden - which is in the 14 eyes but, Mullvad does a great job explaining what laws apply to them) and are well trusted within the privacy community.

The location says nothing about wheter or not the company actually complies to it or not. Even German and French companies are not 100% secure or compliant just because their located in Germany or France. Most of them are also acting against the GDPR. Deutsche Bahn and TGV for example.

There is also no personal information required to use Mullvad, if you use an anonymous payment method (cash, gift card or crypto) you will be practically untraceable. Plus, their apps are open-source and I will say again, audited regularly.

You give them your personal information while using their service. The browsing history, the profiles you’re visiting, maybe your personal links. That’s a lot of trust.

Although, most telemetry can be turned off. I also think you may be able to install extensions from places other than Google but I think you really shouldn’t add any as this will make you more unique.

Most, not all and it’s completly unclear if someone is in the test group or not.

But I don’t want to justify myself or start discussions why I use something and why not.
I have a strong feeling that I’m being lectured here with weird ads and I can’t tell if it’s a troll attempt or real. I signed up here to share experiences, that’s what I do. If someone don’t want to hear them, no one has to read them. I’m not particularly interested in long discussions. I don’t have time for that.

You have to understand, their law is similar to the GDPR but has a different name. Swiss law is way better compared to the US, for example, laws will never be perfect.

Also, laws change. They cannot determine if a company is trustworthy or not. If a company is based in a country that has good laws surrounding privacy then that helps from a legal perspective, but it does not change whether the company can be trusted. Although, it can influence whether they can be.

There was not many changes except for clarifications and less vague terms. If you have any evidence that says otherwise please link it.

Are you sure about that…

You do realise you have just told people to avoid the main well-trusted, privacy-focused email providers?

As I have said above, laws change. But, being located in a country with good laws helps when deciding to trust a company.

Services like Mullvad will be miles ahead with your privacy compared to your ISP.

You are not being lectured, I am simply giving the facts and if you disagree with them please let me know as if facts are wrong then that can lead to mis-information. You are more than welcome to share your experiences as that is what this forum is for but, people will want to ask questions on why you have those opinions as people are genuinely interested and it can help them make decisions. Which is why, I want to make sure that the facts are correct. Also, none of this is ads or trolls these are just my takes on everything. I am strongly against Ads as I hate them, that is what led me to dis-trust privacytools.io (topic)

Finally, if you feel anything is wrong please let me know as the last thing I want to do is spread facts that are untrue.

Just another thing I wanted to add in,

I ask questions about why you choose (or don’t choose) certain things because I am actually interested and want to use those answers to help me make informed decisions.

Don’t sweat it. @strawberry here is just another fearmonger sent by the good folks at linux subreddits and clearly doesn’t have any understanding of what he is talking about.

FYI Signal is hosted at Amazon Webservers too. Many of your favorite Linux repos are hosted over at Google/Amazon Cloud Services.

1 Like

Mental outlaw is the literal face of Reddit hivemind. Luke Smith is just Mental outlaw on steroids. Both spread more misinfo than Trump at election campaigns.

See my reply here-

@Qubesfan,

  1. First of all, I had a reddit account to see what it was like. Hated it. So many people arguing over pointless things and never taking anyones opinions into account. I still have an account but never use it, it is just not a fun place to be. I also never joined any Linux subreddits, the only subreddits I joined were: Proton, SimpleLogin, Filen.io, Legal Advice, Mullvad VPN, Bitwarden and a few more.

  2. Tried multiple distro’s of Linux, kinda liked some of them but I still can’t (+ don’t want to) move over/use any of them.

  3. The whole point of my posts with @strawberry were;

    1. I am genuinely interested in peoples opinions and the reasoning behind them. As it can help me make more informed decisions.

    2. This is a disscussion forum and to have disscussions you have to ‘disscuss’ the contents of the post/topic.

Just to make clear, if I in any way offended/annoyed you @strawberry I apologise. It was not my intent to annoy or offend you, as I have said, I am genuinely interested in your opinions and your reasoning behind them - not because I think they are wrong - but because I love to hear everyones opinions as they can help greatly when I make a decision, one of the things I want to know is what the reasoning behind peoples opinions are so that I can decide whether or not to use them as part of my decision-making. As I have said before, if you think any of my statements are false please let me know as I hate mis-information as it can cause a lot of trouble.

Personally, I would say I have a semi-good understanding of what I am talking about. I try my best to research thoroughly before putting statements out but, we are all human and make mistakes. Which is why I have said, many times, if you think anything I say is wrong please let me know as I would be more than happy to change it.


Side note (@Qubesfan) : maybe don’t assume that people are ‘fearmongers sent by the good folks at linux subreddits’


Another note:
I mis-understood who @Qubesfan was talking to :sweat_smile:

1 Like

Figure of speech.

I said strawberry was shit talking about Proton and he has no understanding of the situation. When did you @Why8337 come to the equation? Is this Twitter?

I am so sorry! I read that completely wrong and thought you were talking to @strawberry about me :rofl: