Your Weekly Privacy & Security Wins 🏆 (Week 44 - Feb 28 2025)

A dedicated place to share all of our wins! :trophy: Welcome to our 44th week of privacy & security wins :slight_smile:

Now, this only works if you all want it to work. That means:

  • Don’t be shy! Even the smallest win is something you can share. The more of you who contribute the better it is for everyone :slight_smile:
  • Be positive. Remember we’re all in different places of our journey. Someone enabling 2FA on their first account can be just as excited as someone who figured out how to install Qubes on their new system. Give each other some love!

Join The Weekly Stream
Each 2025-02-28T22:00:00Z @Henry will be streaming on YouTube & PeerTube to share your wins on the Techlore channels. Don’t miss the stream, it’s a great way to live-engage with others and see your comments be featured :fire:

YouTube:

PeerTube:
https://neat.tube/w/n8Ppp1b23eNjJaRBysrc7G

3 Likes

I think I convinced a person who had all their online accounts hacked recently to start using a password manager.

I explained why having different, long, and random passwords for each account was important. That was pretty easy as he was still in the process of recovering access to his accounts. And I explained that having different, long and random passwords was basically impossible without a password manager.

It was a little surprising to me that they hadn’t even heard of password managers.

8 Likes

@OldGuy I can very much relate to this. And it’s what I’m trying to figure out how to do next: the people who experience the worst-case scenario are those who would benefit from having one. But even after something like this, it takes a creative approach to sell it.

3 Likes

A personal win is making use of virtual machines for:

  1. Testing out various Linux distros
  2. Compartmentalising certain activities
  3. Trying out software I’m not sure I should trust yet

5 Likes

The wins I want to share this week

  1. Convinced my family to switch to Proton.
  2. Gmail or device-provided email app to FairEmail!
  3. Device-provided Gallery app to Aves Gallery.
  4. Switched from Google to Ecosia. And I already used StartPage.
  5. Learning how to use Obsidian and Lunatask. (Henry, thank you for sharing Lunatask.)

5 Likes

I have set up an encrypted secure folder on my unencrypted server.

It’s a virtual hard disk, exposed through qemu-nbd as a block device, and unlocked automatically using PAM when my PC boots (the password is stored on the encrypted drive of my PC).

It’s actually crazy that I can mount an SFTP filesystem and have my server automatically decrypt a partition with the password I provided.

5 Likes

A couple of indirect wins:

  1. Learned/learning a lot about tech and privacy tech in general that also relates to policy, licenses, etc. because of the Mozilla/Firefox fiasco. Lesson here is to not be inflexible with any tool you use and one should always know alternatives to each so you can move to better options away from enshittifying ones.
  2. Learning new things from all the great privacy and security articles forum members share that helps you keep up with your tech knowledge base and industry know-how.

Broader point is this: the more you read, learn, and understand, the better your decision making will be, which will only benefit you and others close to you. At least when it comes to privacy and privacy tech at large.

5 Likes

Follow up from last week:

I decided to move from US-based services to EU-based services for a few reasons. This was mainly because of the US’ track record with mass surveillance and backdoors; and since I have written (and will continue to write) articles and blog posts critical of the Trump administration, I also don’t want to be under US jurisdiction or contribute to the US economy at all.

Furthermore, I want people to feel they can trust my public self-hosted services; which, in many cases, they might not if they were still hosted in the US by a US company.

Of course, I don’t have a great memory, so I may have had slightly different reasons when I made the decision.

OVHcloud is a French web hosting provider with datacentres in France, Germany, Poland, Canada, and possibly more.

Combell, meanwhile, is a Belgian ISP that I am using as a domain registrar, managed DNS provider, and email hosting service. I probably could have done a bit better, but it was the best value, and I can’t move to another registrar for a while anyway.

And now this week:

In the wake of the UK’s recent attacks on privacy, I am doing damage control for friends and family who were previously using Apple’s ADP, as well as writing contingency plans in case I lose services such as Signal.

I told one friend about Invidious (there’s one instance that still works), and I think I might be able to get him to switch away from Edge soon.

I am also considering dual-booting OpenBSD (the most secure OS) alongside my usual Arch setup.

On top of that, I have realised that Combell :belgium: is kinda terrible (I couldn’t update my WHOIS and now ICANN have suspended my domain), so I’m planning to switch to Infomaniak :switzerland: as soon as the 60 day no-transfer period is up.

1 Like

Shoutout to Aves Gallery! I love their design choices. Has a great metadata remover function too!

1 Like

A win for me this week:

I’ve managed to get my last remaining friends and family on WhatsApp to ditch the app entirely and move over to Signal.
It took a lot of convincing, but everyone I talk to exclusively uses Signal now.

8 Likes

That’s a fantastic win! What are your secrets? (how did you do that)

1 Like

Thanks!
I used some tips from an NBTV video. That helped a lot. I also changed my WhatsApp profile picture to this (I got the idea from Reddit):

It became a conversation starter for a couple of family members when they saw my profile picture change. I then explained to them what Signal is and why it is so much better than WhatsApp for their privacy. They soon switched afterwards :smile:

8 Likes

Fantastic! Good for you!

2 Likes

I ditched my ISP router and am now using an OpenWrt One router.

ISPs in Australia collect information about your local network and allow technicians to remote into your network. This router runs open source firmware, which doesn’t allow this sort of thing, definitely a privacy & security win!

10 Likes

Made some progress this week in getting myself out of the Apple ecosystem by migrating to a few non-Apple services:

  • Apple Notes → Standard Notes
  • Apple Photos → Ente
  • Apple Calendar → Proton Calendar

I didn’t realize how many features come with the free tier of Standard Notes!

Ente’s watched folder feature seems like a great fit for managing photos I take with my camera. It also gives me peace of mind knowing that I have a local backup.

Both Ente and Standard Notes offer self-hosting options, so that’s something I might explore later this year. I’ve taken a lot of photos over the years, so self-hosting Ente seems like a nice way to avoid the cost of the 1TB+ plans.

8 Likes

In contrast to all the bad stuff coming from Russia, there’s some P&S goodies! They have FINALLY rolled out the system for freezing your credit in a couple of clicks, and I just did that! Finally some good news in MONTHS. Hopefully this rampant credit and identity theft scamming that is going on will quickly subside. Gotta make sure all my family and friends are aware of this and get their credit frozen too asap.

4 Likes

This week not that much, but getting gradually to my plan of digital sovereignty:

  1. Canceling and replacing as many US-based services as possible with EU-based alternatives. Don’t want to get cut off from anything if Trump goes full bonkers. Might not be a top point for most but these days it’s my greatest concern. There are some stragglers left but not much.

3 Likes

Maybe not necessarily a win, but I switched my Tuta to Proton since we agreed with my friend to use Proton Duo, now we have the entire Proton suite at our disposal and pay for it yearly. :smiley:

I’ve actually migrated my domain there, though being a former Tuta user means I have to keep my Tuta account for any old emails perhaps, since Tuta obviously won’t allow importing those emails (they don’t have IMAP/SMTP support after all). Might even take advantage of the 1TB of Proton Drive we have at our disposal, currently the 1TB drive is split 50/50 (so each has 500GB) but it’s nice that we can allocate at our disposal where necessary. Will try to also take advantage of calendar. Proton VPN I’ve been doing that for a while so yeah.

It seems that I realized that my friend uses Authy instead of an alternative that is more secure and private, which in this case is Ente Auth. The pain in the butt is how uncooperative Authy is for allowing users to migrate so I’ll be in the process of switching him to Ente when he gets at my house. But I guess in practice he did turn on 2FA on his Proton account so that’s a win in my book but yeah will make sure they use Ente Auth for 2FA.

Edit: Moved my calendars easily. Events were not supported as expected so I’ll still need to keep a backup, other than that the events I needed have been imported.

1 Like

Second, I completely misunderstood when it comes to Bluesky domains. I thought you needed to self-host. Turns out it’s never been easier:
My Bluesky is now under my domain, a super small win imo
[Link: @gorujokun.cy on Bluesky]