Your Weekly Privacy & Security Wins šŸ† (Week 55-56 - May 16 2025)

A dedicated place to share all of our wins! :trophy: Welcome to our 55-56th week of privacy & security wins :slight_smile:

Now, this only works if you all want it to work. That means:

  • Don’t be shy! Even the smallest win is something you can share. The more of you who contribute the better it is for everyone :slight_smile:
  • Be positive. Remember we’re all in different places of our journey. Someone enabling 2FA on their first account can be just as excited as someone who figured out how to install Qubes on their new system. Give each other some love!

I’ll be going live for last week’s wins Invalid date

4 Likes

After many years of freeriding FOSS and watching content creators without ads (through private front-ends), I have finally gone ahead and made a little spreadsheet of open source software and content creators I want to micro-donate to, so that I can slowly get used to paying for the software I appreciate and use, and directly support the content creators I frequently watch. For the longest time I felt intimidated by the concept of donating money on my own terms and having to decide how much I should donate, but after a Louis Rossmann video showing me how little ad money the creator actually gets from me (even if I were to watch every single ad without skipping for years), I discovered that there is nothing wrong with micro-donating. I was also concerned with handing over sensitive purchase data to Paypal (which is really popular among FOSS donation), but I’m still working on that, gonna try alternative non-credit/debit methods where possible. (EU citizens like me who don’t use credit cards at all feel like they are downgrading convenience too with credit/debit based services). Will still look into upgrading my skills in using cakewallet for donating crypto to privacy content creators and Internet Archive (I’m a total noob, as of now, but it’s a process)

Since making that spreadsheet I’ve already micro-donated to:

  • Krita Foundation (really easy, they support IDEAL payment)
  • Framasoft, the creators of Peertube (they support direct bank(/wire? Idk English that well) transfer)
10 Likes

As someone who’s getting my friend into this kind of business every month
Congrats, we would love to see more of this.

1 Like

A very light week for me.
Every couple of months I install Futo keyboard to check it’s progress.
Futo has improved enough for me to ditch Heliboard and switch.

  1. Gesture typing seems to be as good as on Gboard.
  2. Long pressing on A X C V offers the same functionality as a physical keyboard.
  3. The ā€œAction barā€ now has it’s own toggle so it can be hidden while the ā€œSuggestionā€ bar is visible. Before, both were tied together which took up a lot of screen space.
  4. The built-in voice typing it’s pretty bad. Installing the largest model didn’t help. I continue to use the separate Futo Voice app which I find to be very accurate with the largest model.

As for the laptop, nothing improved for privacy or security. That’s how these things go - periods of change and then one can relax and get other things done. I’ve been working on neglected projects such as more detailed backups and organizing my photos. My previous platform was a tablet and doing big projects was a pain.

5 Likes

First off with technical wins

Update on the compartmentalization journey

I’ve decided to start from scratch and factory reset most of my devices and have now adjusted my setups according to the advantages of each OS instead of trying to replicate the same setups through different OSes

Fedora and Android is for personal use with FOSS as a priority

I treat as a my PC as a retro gaming console that just happens to use ephemeral Brave and Mullvad Browser for background content consumption

On Android its mainly for lazy content consumption and have decided to not login unless its a FOSS app I trust (the only exception to this being WhatsApp) If I need to use a proprietary app that Im not logging to, Aurora Store within Private Space does the job for me in a pinch. Hoping some time down the line I can get on GrapheneOS but I don’t feel bad where I am at right now on Stock Android to be honest

macOS and iOS FOSS is less of a priority and security is the main goal

I consider macOS the communication and productivity hub:

  • Brave is used with Profiles for different logins
  • Desktop clients for messaging done on macOS exclusively because I trust its security model out of all other desktops
  • I will use a service that provides the iOS app in the mac appstore ( for example Ente Auth)

iOS is sort an extension of my macOS setup for proprietary services I have no choice but to use on the go require logins. The only draw back is you can’t delete history when using safari with parental controls on. Annoying limitation.

This is all been very helpful for digital minimalism because when I see a certain environment I know what Im supposed to be doing rather than getting distracted of the imperfections of each OS for the ā€œperfect privacyā€ setup

Now on to the social wins

I’ve come to realize something ā€œyour threat model, your prerogativeā€

I used to take the controversial ā€˜hot takes’ we see in deeper parts of the community as the panacea of privacy recommendations (ex: ā€œFirefox on Android is insecureā€) but I take more holistic approach you are valid if you want uBlock Origin with Firefox on your phone. the tracker blocking is unmatched. Even when these are technically correct we need keep in mind that even the researchers are still debating these amongst themselves. Privacy is situational and contextual. So I will always ask is this relevant to me instead of buying into the sensationalism

I don’t know how I missed this when it released but I highly recommend checking out the techlore threat modeling video if you havent already it is severely underrated and I think it provides good baseline for following along with a table chart. I’m not sure how this needs to be done but the conversation around threat modeling has to improve but because its so unique and hyperspecific its really difficult to make it cookie cutter. Even 2 people within the same threat model could have vastly different approaches

Beginning to normalize privacy

My best friend and I have an inside joke about password managers because I keep begging her to use one. I’ve got her on to the proton suite but she is using more so as a fall back in case Google and Apple no longer suits her needs. But the crazy part is she wont even use their password solutions either so it drives me nuts

I was using Bitwarden extension creating an account and it used an autofill to make a new password and I took it as a moment to flex on her cause she had to continually reset passwords every once in a while. She sent me a picture of a password management notebook she saw at a bookstore And said she’d consider getting it, which is based not going to lie and is better than nothing but my concern there is her losing that thing. I think if you can add rizz or humor around your privacy journey people will be more inclined to pay attention even if they don’t take those steps themselves.

This last win is more a food for thought within a story feel free to skip

I was filming a music video in public yesterday and due to the costume I was wearing I attracted attention at some point people started asking questions. I mention that I have contentious relationship social platforms to a group of people my age (in my 20’s) . They said they totally understood and It felt reassuring that average people understood and that I wasn’t just the odd one out.
Later that night however I was seeking advice from an older wiser musician. And they told me the words I hated to hear but the everyone else was telling me. Social media is a requirement for networking. What I witnessed earlier that day tells me Gen Z is slowly getting worn out from the BS even if they are still on these platforms themselves. I’m still evaluating how to approach this especially with compartmentalization in mind but I gotta say I’m hopeful that the future isn’t chronically online

8 Likes

Hi there,

I have been watching privacy wins for sometime now, so I though I would join in and share my story. I have already come a long way but there still much to cover. I have already done ā€˜easier’ things like adding 2FA to every account (authy initially but ente now) and using password managers but right now I am tackling larger issues like moving my entire 13+ years of email from gmail to proton (or specifically changing my email id to using aliases), moving photos from google photos to self hosted solutions and more.

2FA is currently being moved from Authy to Ente and Yubikeys are already used in the most sensitive accounts. Browsers, OSs are already on a secure foundation.

Started using RSS more and more and removing email newsletters as much as I can. Still on the lookout for a good cross platform RSS reader (if you have any recommendations, please let me know)

These larger moves are gonna take a lot of time but I have already closed accounts on a few services that I dont use and changed emails to aliases on some others. One step at a time.

And for those who cares, I also wrote a post here: https://discuss.techlore.tech/t/how-to-preserve-privacy-on-windows-while-keeping-it-usable/13835. There is a lot of good info in this one. I hope it helps.

PS: For RSS recommendations above, if you have a good recommendation for Readwise’s Reader alternative that is also cross platform, even better! Reader is fantastic but I would also like to checkout any FOSS alternatives of it (if any).

7 Likes

Last week, I installed Fedora 42 on my 2015 MacBook Pro, and the experience has been smooth so far.

This week, I started using Rethink DNS, but I ran into an issue with KDE Connect when Rethink DNS was active (click to see the post). Thankfully, following a suggestion from @Ale, I managed to resolve the problem.

In an effort to minimize my digital footprint, I deleted my Discord and Snapchat accounts and minimized my use of Google Maps by switching to Magic Earth.

I also made the switch from Visual Studio Code to VSCodium, as VSCodium explicitly disables telemetry and tracking. By using VSCodium, I can be assured that no usage data or tracking information is sent back to Microsoft or any other third parties, giving me more control over my privacy.

Follow up to the above (edited 3 days later):
Most of them in my contacts use Google Maps and I had to frequently open Google Maps to share. To avoid this, I have created a simple website to convert Magic Earth links to Google Maps, even further reducing my use of Google Maps. Also using Geo Share to convert Google Maps link to Magic Earth.

Link to the website: Magic Earth to Google Maps Converter

5 Likes

My win of the week is purely circumstantial (because I live in the EU) and is based on this post on Mastodon: Kevin Beaumont: "If you’re in the EU and you opted out of Meta tra…" - Cyberplace

I followed the instructions and received this:

I recommend any Meta user in the EU to do it too.

8 Likes

that’s huge, I got my friend to opt out too.
All together though I would just recommend people to ditch Facebook where possible completely so.

2 Likes

First time I’m participating directly in this thread, and not just in the stream!

I was considering buying the Switch 2 for quite a while. I’ve got lots of awesome childhood memories with the N64, and after the PS1234 and some PC gaming, I thought I might give Nintendo a try again. It was when I saw their pricing strategy that I made a huge u-turn.

Considering that I often found the vibe of modern versions of the games I loved when I was a kid to be ā€œmehā€ and often much more hectic than I enjoy, I leave the Switch 2 to the billionaires who can afford it!

So I decided to give the Retroid Pocket 5, one of those retro gaming handhelds, a try! This wasn’t purely a privacy choice, but when I think about it, it’s got some huge pros!

  • Android-based, so I expect to be able to use a lot of the existing tools to enhance privacy, like Aurora and ProtonVPN.
  • It can run custom OS, also Linux-based ones like Batocera, and even Android/Linux dual boot configurations are possible.
  • I’m not stuck with one greedy corporate capitalist brand, I can play all the games I own and love, whether it’s really old Atari stuff, whatever I played on my old Amiga 500, SEGA Master System, GameBoy, SNES, N64, PS1 and whatever. Pure freedom!
  • No, or at least less tracking. While I don’t think the retro gaming OSs are built with a huge privacy focus, I can do more to enhance my privacy - and I think they’re less privacy invasive than whatever mainstream console or handheld you can buy today.
  • No f*ckin’ microtransactions!!

I’ve been playing around a bit with Batocera and RetroArch before, tried some emulators on both Android and iOS, but having a dedicated gaming device that runs smoothly, which I can connect to my guest WiFi and even run offline after having set it up is a huge win! Can’t wait to receive that thing in the mail!

In case someone considers to do the same, just consider that there are legal issues if you don’t own the games beforehand. We all know that piracy is the worst crime ever invented since the Gods created our universe!

5 Likes

I joined a Canadian server, sh.itjust.works, on Lemmy yesterday. Today, my Reddit account is no more.

Reasons for the change:

  1. Reddit is an American company and who knows how laws will change in that country.
  2. Too many people in the subreddits I followed (degoogle, Proton) posting questions that have been asked dozens of times.
  3. No ads.
  4. Ability to hide bots - it’s in the options.
6 Likes

Small nugget I found out today that many of you might already know about: on Android, in Location settings, you can (or should) disable the WIFI search.

Even if you have disabled the main WIFI service on your phone, this Location subfunction still allows apps to search for WIFI to get a more accurate position of your device.

3 Likes

confused on what you;re trying to imply here.
Apps that scan for networks properly like Fing legitimately use the Location permissions precisely because it’s the only way to scan a network, due to how Google changed the API, with Location off and Wifi On/Off apps cannot retrieve your location using those at all. And with approximate location set, it will not be your precise location at this point.
Location using Wi-Fi and Bluetooth can legitimately improve accuracy but it seems useless on GOS without the Google Location Accuracy or Network location so I’ll likely disable it.

1 Like

Hey! I’m talking about this (it’s short): https://youtube.com/shorts/QFb30mI7dYI?si=kvh3kn0FALXMlNP6

1 Like

that’s literlaly like, rule number one, turn off your location when you don’t need it. Of course if you find its useless to have bluetooth and wifi scanning, turn it off but even then at that.
Clickbait at worst, misleading at best.

This week I made my, technically, first contribution to an open source project.
I planned to do it, but later, it was just on my radar. But I saw one library, that would be great to add to the project on my job, but it was lacking stuff.
The library, unfortunately, is not stable enough, but I’m happy anyway.

Oh, and also I’ve visited the Hitchhiker’s guide, suggested by @Batcherdink and installed a Privacy Redirect (Also, oops, sorry, LibRedirect is even better). I am amused on how many alternative frontends (and instances) for popular websites are there. And they’re generally faster, take less bandwidth. Love it!

3 Likes

I switched to lineage os on my ā€œtype 1ā€ samsung, the build is unofficial and fairly recent but it works, i don’t use any google services and switched to foss alternatives. Ive been using linux on my laptop for a while and i like it much more than windows, anyways, i pretty much de-googled!

5 Likes

Hey everyone! No livestream this week—and rather than starting a new week let’s just keep this thread going for another week! Lots of good wins so far, so let’s get some more!

Some wins on my end:

  • Here’s a test PeerTube stream from bed today that is ready for public use! Doing some more testing and hopefully will finally have PeerTube streaming for next week.

  • Techlore Clips is now also on PeerTube—this required bypassing YouTube’s blocks which took some finessing, but they’re currently transcoding as I type this. Get subscribed and track the videos as they come in:

A lot of transitions at Techlore that are necessary to get things back on track, the last of which being Go Incognito being migrated away from Teachable (important for v1 & especially v2!)

7 Likes

Wins:

Set up Tailscale to use services hosted on my desktop an my other devices
Set up Open Web UI
Switched from Manjaro to Fedora Workstation
Started convincing more people to use Signal
Started contributing to an open source privacy friendly project
Discussing privacy and moral concerns(like Meta’s book pirating for thier AI)
I am using Metrolist(available on F-Droid) for local and streamed music(although I mostly download music than play it - all via the app)
Set up Cake Wallet

Losses:

Spotube(my old music player) got a Cease-and-desist
Fedora has an issue with pointerlock that I was somewhat able to fix
Steam has been a little buggy, and my 3rd party xbox controller(i wanted a wired one and i don’t even play xbox) isn’t working with my games :stuck_out_tongue:
I play some Steam games meant for Windows using the Proton hotfix, but it is messing winh the keybindings and I use a different layout soo…

Questions:

Is there a particularly good local DNS service to replace an IP/localhost(with a port) with a custom url? (when I go to local ai it loads 100 101 102 57(imaginary ip of my computer), which I am all loading on my computer; nt another device) I also would like to mention I don’t have the ability to modify the router; All of this needs to be local.
Is there an optimal vscode extension for GitHub Push/Pull requests? I am using the GitHub Pull Requests extension but I don’t know it there’s a better one.
What is a good F-Droid Client? I have been using Neo-Store because it has the multi-repo abilities, but I have been having issues(takes WAY longer than it should to load) :frowning:
Is there Techlore merch? Like a hat, shirt, or stickers?

Fun Things:

I try to use Obtanium for as many apps as possible!
I use Molly(molly im) instead of Signall, which offers SOOO many usefull features and it’s more privacy friendly(not for IOS)
I am using orbot to help people access Tor without running my whole device through it!!!

6 Likes