A dedicated place to share all of our wins! Welcome to our 49th week of privacy & security wins
Now, this only works if you all want it to work. That means:
Donât be shy! Even the smallest win is something you can share. The more of you who contribute the better it is for everyone
Be positive. Remember weâre all in different places of our journey. Someone enabling 2FA on their first account can be just as excited as someone who figured out how to install Qubes on their new system. Give each other some love!
Join The Weekly Stream
Each 2025-03-21T21:00:00Z@Henry will be streaming on YouTube to share your wins on the Techlore channels. Donât miss the stream, itâs a great way to live-engage with others and see your comments be featured
The Swiss government wants to kill end-2-end-encryption. As a Proton customer, I feel I should have a plan encase that law passes. I do have a document with all the ways I can take back a bit more privacy. The Swiss news has encouraged me to revisit and update my file.
Tuta, Addy, and MullvadVPN are my frontrunners for a Proton replacement. If I need to leave Proton, I may as well use services with anonymous payment methods. Iâve been looking into how to buy Monero. Turns out itâs dead easy with Cake Wallet.
I also plan on moving to Linux soonish and have been looking into what apps I can use. Been on Android for many years so Iâm out of the loop on different OSs. App selection looks promising if Proton is taken out the equation.
Made sure KeepassDX and Proton Pass have the same information. I used to use Keepass as my PW and decided to keep it up to date while testing PP. Been using PP for months so I guess the testing phase is over - I like it.
I have an older tablet with Orbot running fulltime. I enabled the âKindnessâ option which allows my device to act as a Snowflake proxy. This allows Tor users to use my connection when Tor is blocked in their country. If Iâm reading this correctly, 10 people have taken advantage in the last two days.
Edit: Switched from Collobra Office to CryptPad. Mostly, for the spreadsheets. Not really a privacy win but is far less of a PITA to use. Reminds me of Google Sheets.
Just transferred my mobile number to JMP.chat and started using Cheogram for texting. Main draw was the ability to receive texts on multiple devices and reply from my computer, but thereâs the additional benefit of no longer sending data through a major mobile carrier.
Additional Info
JMP.chat basically provides a real phone number that lets you send texts/calls via the XMPP protocol. You can use it across devices with any compatible XMPP client, but works best on Android with Cheogram. Best clients I found for desktop are Gajim, Dino, and Monal
Main benefits so far:
Unified communication - one number onto multiple devices
Cost - $4.99/m for unlimited text and additional lines are $2.49
Flexibility - Can easily manage multiple phone numbers
Downsides:
Complex to setup (but was surprisingly smooth where it mattered)
Lose unlimited calls - who calls me anyway? Anyone important is through Signal.
Lack of RCS - I wasnât getting it with GrapheneOS anyway, but I know Iâll probably be missing it once it becomes more available, although features of RCS is still in the works
Separate text for reactions - âUser Loved the messageâ. Brings me back to the olden-days of android/apple messages. Kind of annoying, but wasnât any different when using GrapheneOS texting anyway.
Contacts become phone numbers - Cheogram does a good job showing contacts, but everyone is numbers when using other clients, especially in group texts. You can add them to contacts in XMPP, but then youâll have to manage two address books (phone + XMPP) and each client incorporates it differently. Easiest way I found is on Cheogram, even when the user comes up because theyâre in your contacts, go to contact details > add contact > (confirm add contact) to add them as a contact to XMPP for other clients. Gajim has a weird thing where in the workspace list, theyâre numbers, but once you select them, in the messaging window, their name comes up. Dino doesnât have that issue, although lack of dark-mode on Windows can be a deal-breaker (they have dark-mode for Linux via GTK theme)
Overall, Iâm pleased with the transition. Wonât recommend it to everyone, but itâs a viable option.
Small win/improvement, on my ârecreation onlyâ (no-SIM) android device I did some cleanup. Went from about 50 apps to about 40. Some of them did the same thing, like having multiple Youtube front-ends, but I only use one of the them consistently (FreeTube). And due to most of these removals being games, I can happily say that the percentage of F-Droid based apps is now as high as around 90%. Even though I only played those games firewalled using RethinkDNS anyway, I know they were hammering on the firewall when I used them if my wifi was still turned on. So this is also just a way to âde-clutterâ it completely and be more mimalistic.
Was reading through their FAQ a couple of days ago and noticed we have to get a Jabber ID. Did you host your own or use a third party?
Iâm currently on voip.ms so Iâm aware of the pros and cons of voip.
Note for JMP users: We have partnered with JMP.chat to grant people using a Snikket instance with their JMP phone number hosting at no extra charge! Your Snikket instance will be covered by your usual JMP monthly subscription. Please contact JMP to take advantage of this offer.
Moved to Zen ( mostly , while still have to use edge )
my friend moved to Zen as well ( big Win for me cuz i preach a lot of stuff but they never show interest so finally got a response from their end )
downloaded extensions on Zen like âi dont care about cookiesâ , âpop up blockerâ And FlagFox which is SUPERB ( do check it out )
Helped my sibling in his new phone setup , by not loggin in gmail and downloading app through Aurora [ yet to do UAD on that ]
Finally able to figure out a long time issue i was facing which is that i used Rethink to block internet connections of Apps like calculator , camera etc But then i realised that if i connect my device to Proton VPN those apps gets internet access for that time period , so I just start using Opera VPN ( which is my last resort as i deleted it 2 years ago after the chineese scam incidents ) since i need Vpn for some rare occasions only
[ I am still open to listen if there is a better thing i can do ]
Though its been a month or so since i switched to Futo Keyboard , i was facing issues cuz it doesnât support my native language , but fortunately they have given a way to work around and import language dictionaries
Uninstalled Apps on my Old laptop to get a little bit of performance improvement in it
Not a Privacy Win But i start using Laptop Stand for better posture .
For 1: I would rather prefer you move to Brave browser since you have to Edge (Chromium based) browser anyway.
For 2: I recommend trying to it again with your friend for Brave.
For 3: Recommended extensions are uBlock Origin for what you want to do. Itâs a great all round add on for a better web browsing experience that does a lot more than ad blocking like tracker and pop up blocking too. It also replaces âI donât care about cookiesâ.
For 5: If you are using a VPN, please only use the ones recommended by Techlore. If youâre on Android and only want VPN access through your browser, trying using Firefox and installing the ProtonVPN extension on it and using it that way.
My privacy win should have been me installing Proton Pass app after hearing so much positive feedback from Techlore about it and I also setting up 2FA on all of my accounts with Ente Auth.
However Iâm a bit confused now - since the password for my Ente Auth is saved in the vault on Proton Pass, and Proton Pass is locked with a master password and a code from the authentication app, which is Ente Auth in my case, wouldnât it mean that hacking/breaching my one master password would essentially lead to breaking all of my security measures since one holds the key to opening the other and vice versa.
Ps need some guidance here
I had a similar issue at one point where I got confused as to what to do. Avoid locking yourself out of your Ente Auth account for when in an emergency of losing all your 2FA installed devices. Make sure you can manually remember the password for the Ente Auth account. If this currently isnât the case, you might want to change the password to a memorized password.
Iâm sure Henry will have his opinion and feedback for you but hereâs mine:
Do not lock yourself in. You have a few options:
Use the same strong master password for your password manager for Ente Auth too.
Make two strong different passwords - one for Proton Pass and the other for Ente Auth.
Use Proton Pass as your 2FA app too and simplify. This way, youâll only have to remember 1 strong password you made that you do not use it for anything else and that you will always remember.
The key is to make a strong and unique password for Proton Pass as your password manager that you do not use anywhere else for anything. Do not make one yourself, use a FOSS tool like this
The reason I recommend not making one yourself but having a tool create one that you can practice memorizing is because one is inevitably going to make a password thatâs too close to them or identifiable. So, if an attacker knows enough about you, they may have a higher likelihood of succeeding in a brute force attack on your account. The weakest point of security is human, for the most part always.
I think it is fine to store the Ente Auth password in Proton Pass, but make sure that the master passphrase for Proton is strong, unique and has been randomly generated by a passphrase generator. The website @anon52464727 linked is a solid option.
However, I would also encourage you (and everyone) to create an emergency sheet, where you write down your Proton passphrase and at least one of these options: Protonâs TOTP seed or 2FA recovery codes, or Ente Auth password. Alternatively, you could only write down the Proton recovery phrase, that bypasses both the password and 2FA, so you can use it to get back into your account.
If youâre trying to save money, great. But there is a âprivateâ way to use Netflix. You can buy digital gift cards you can gift yourself and then make an account with that code directly and always use Proton VPN (preferably itâs always on anyway) when watching Netflix.
All Netflix here gets is a users viewing activity but itâs not identifiable with you or your identity or real name in anyway since you can make accounts with aliases.
But if youâve moved to sailing the high seas for your entertainment needs for more freedom, then forget what I said.
But I thought this warranted mentioning just so you know.
Yeah, I get what youâre saying, and honestly, I think I canceled my subscription 'cause I was looking for something that gives you most shows and movies for freeâgotta save some cash, yâknow? It just doesnât make sense to drop like $10 a month just for a bunch of international stuff and 3,000 shows made by Netflix.
The real issue? Itâs packed with unnecessary porn, nudity, and all that with zero reason behind it.
Welcome to our 49th week of privacy & security wins 
]
