Your Weekly Privacy & Security Wins 🏆 (Week 57-60 - May 30 2025)

A dedicated place to share all of our wins! Welcome to our 57-60th week of privacy & security wins

Now, this only works if you all want it to work. That means:

• Don’t be shy! Even the smallest win is something you can share. The more of you who contribute the better it is for everyone
• Be positive. Remember we’re all in different places of our journey. Someone enabling 2FA on their first account can be just as excited as someone who figured out how to install Qubes on their new system. Give each other some love!

Henry will be going live for last week’s wins at 2025-05-31T14:00:00Z

PeerTube Beta:

YouTube: https://youtube.com/live/QD3H3-j0Kj0

1. Two more friends switched to Zen. Both were fed up with Chrome and wanted a feature-rich browser, so I suggested Zen along with uBlock Origin.
2. I helped both cousins in starting to use Proton Pass.
3. I shifted from Linux Mint to Fedora. I didn’t even last a week before distro-hopping — Linux Mint just wasn’t that friendly to me.
4. One major thing I did was create a shared folder on Mega ( so files will be encrypted ) containing all the important documents of me and my family in one place.

My dad switched from Fedora to Mint today. Good to have balance in the universe.

Kind of an unplanned privacy win. I’ve made the migration to hotspot life with no cell line. My Pixel I purchased on Amazon about 1.5 years ago ended up getting blacklisted and I’m not in a position to buy a new phone so my sim is living in a hotspot now. Honestly, not that bad, and kinda of freeing. I can just shut off the network anytime and still have access to local files.

How did you get your phone blacklisted?! I’ve never heard something like that happening.

I didn’t do anything for it to happen, whoever owned it before I bought it off amazon reported it lost or stolen, or they stopped paying for it and the carrier reported it for nonpayment. Either way, I get screwed and whoever had it before me got a payday.

Edit: This is actually the second time I’ve had this happen. The first was a Galaxy S5 10 years ago when I bought my first good phone also on Amazon as it were.

Well it seems I’ve accumulated a win for this Saturday after the previous wins :

Out of all the people I expected, My brother asked for a Password manager, I set him up with Proton Pass and joined him in my family plan (same with my mom like previously), he’s even thinking about using Proton VPN in the suite which is great and considering his stance on Privacy, huge win overall to say the least. More than justifies the cost now me and my friend are paying for Proton family and that’s honestly really cool.

Main Win:

After months of being busy with other things and having some privacy projects be on a forced halt, I’ve finally gotten around to finishing them (or at least completing a version 1).

First is finishing my cross-device strategy after building a PC and installing Fedora Workstation on it a couple of months ago to work alongside my Windows 11 laptop which I used to use for everything for the past 2 or so years prior to building my PC.

The idea is to use my laptop for my “professional life” as I have no choice but to use Windows for apps such as the Microsoft Office suite since their web apps are actual garbage. Then, for everything else including personal and other use cases I would use my Fedora PC.

The actual “strategy” part comes in when I decided to add Syncthing into the mix so that I can have convenient yet private and secure file sharing between my machines, allowing me to conveniently work on or view professional files created on my laptop through my PC when at home, while at the same time not having the files created on my Fedora PC be spied on by Windows due to the intricate nature of Syncthing’s sharing system. Also, having certain files such as my KeePassXC database be shared and updated automatically is a serious time and sanity saver.

In-Progress Win:

I am currently working on finishing two Bash scripts.

The first is an automated setup script for my Fedora PC which installs apps, removes bloat, and does some system configurations so that I can quickly get back on track should I decide to wipe my system in the future.

The second one is a rsync backup script which I am planning to use both in a manual and automated way to accommodate my new backup strategy. The script is completely broken at the moment since it was originally made from back when I used to do everything on my laptop (I would use it with WSL there), but the plan now is to have it automatically create incremental daily backups to a secondary internal HDD which I have installed in my Fedora PC, while still allowing me to manually run it to push backups to an external HDD I would carry on me every once in a while for a more resilient backup strategy.

Also hoping to be able to create a PowerShell setup script for my laptop as well if I still have time

Maybe Win…?

Switched from Brave to Firefox as my “logged-in” browser due to weird hardware acceleration issues I had with Brave on Linux which would cause freezing in the browser when running multiple windows. I was hesitant to switch as to my understanding stock Firefox’s fingerprinting protections (without hardening) are worse than stock Brave’s, but the freezing issue was just getting too annoying. However, I do have to admit that Firefox containers are very nice

I got inspired by the latest stream about donating to your favorite projects, so I started to donate to Signal again after a long break. This also made me think how we often have a tendency to take things for granted and don’t really consider what would happen if a certain service didn’t exist anymore. If anyone is interested, this keynote talk with Meredith Whittaker was really good and reminded me again why Signal is such an important tool in this time.

I have settled a concern with iCloud+ w/ADP rather than abandon a service I’ve been quite happy with for more than two years of usage. This has been done both with a technical tweak and with an update to my threat model that streamlined it even though that wasn’t the goal.

My concern had been the exposure of metadata and the threat of convergent encryption with ADP. A deep dive into convergent encryption mostly alleviated my concerns as the way it is used in ADP makes the impact to me to be minimal. For the remaining files I was concerned about I just added Cryptomator vaults to my iCloud Drive.

On the threat model front I’ve streamlined it to categorize data into three general buckets to make it easy for me to choose how to handle on the fly.

Streamlined info categories:

Level 1: Encryption in transit preferred, E2EE not needed.

This is information I want to hide from potential criminal threats but I need to share often with third parties. Such as phone number or address which I have to share with financial or medical companies.

Level 2: Information that requires E2EE for content but not metadata

A great example is communication with my spouse. The fact we contact each other often is not a secret but the internal content of our communications require protection via E2EE. This means iMessage or FaceTime meets this requirement. So too most of my files in iCloud Drive w/ADP.

Level 3: Information where the internal content and metadata require E2EE.

This would include any file where the fact of its existence I want to be private in addition to its content. Or a communication of which the metadata should be protected. This means a Cryptomator vault for iCloud w/ADP and the use of Signal/SimpleX for communication.

Installed Mint on my sister’s laptop. She was only using it to watch Netflix and listen to music on Spotify, so nothing that Linux couldn’t handle. It was very fun!

Some people may already know that with this thread, but I finally installed CalyxOS on my Motorola phone after they announced CalyxOS’ compatibility with one of my phones. It was actually a dream that became a reality ever since I had that new phone. It’s a godsend since it seems like Motorola already (LOL) stopped security updates for my phone. When I heard the news here on the forum, thanks to @Jordan, I immediately installed Calyx.

After one day of use, I can safely say that the experience is perfect, all my apps are fully working thanks to microG and I have even more advantages like Private Space and their Datura Firewall. It’s a massive win for me

My Privacy Win?

Hello, I just recently discovered this forum because i prefer some reading and applying things on my own. I always prioritize privacy and security and second thing is convenience of course. I wanna share this achievement to release my excitement learning on the curve.

I am trying to attain a secure environment as possible without paying any money yet as personal challenge..(just a student)..Given the fact that FOSS applications are free and transparent, these guys deserves a lot of support and contributions to continue with the project. Hope i can help and donate soon!

I am Using KeepassDX and KeepasXC as password managers and synced using Syncthing everything and it works seamlessly. Everything is a pro but the local backup could be a “con” sometimes because when such all of my devices are stolen or something unexpected happened, then all of my files are gone too. To address the problem I uploaded the another copy of keepass on cloud and shared it to trusted friends to be kept PLUS, I also added a layer of protection using Cryptomator… So all of my problems for password management are addressed. Wherein I’m using all of features of KeepassXC (all features are free), my passwords are safe and updated (Cryptomator, Rclone, Syncthing). What about my keyfile? its safe and accessible.. no one knows where it is located, must be a government document, someones elephant video, a book, a photo, a music, who knows?, Someones pen drive, on random computer? its still available when something happened on my local devices. now all I need to worry is

1. cryptomator password,
2. keepass, and
3. keyfile
4. Ente 2FA

Also using an Arch based OS, It works fine so not planing to change, ditched windows because its forcing me to do things and security issues, I’m fine with Firefox with profile-maker and Brave for some reasons, Signal, most of the apps are from F-droid, frozen lot of unused apps running in background with Hail, Removed bloats with uad-ng-linux, Shelter for some apps abusing android permissions and app testings, Orbot, Wireguard configuration from Proton, RethinkDNS as firewall and blocker, FMD (Find my device), Fennec, Amarok for hiding files, App manager debloats, control app permissions and integrates Virus Total scans, Thunderbird mail client since some google accounts are still important, yet i needs filters and rules, for Email Aliases i used Simplelogin, addy, duck, adguardmail (temp mail and aliases) all has aliases has roles and purposes since each services has each advantages so I’m maximizing them. Cryptomator with folders in Pseudo names for cloud storage and with Rclone and custom actions on file managers everything is organized. Yes i have a lot of emails, **Proton, Tuta, Google & etc for due to several factors ** but when all things are organized, creating notes and Mind map seems that everything works and good for me. my data are minimized and secured. My extra old android is rooted, and using a custom Rom but i consider it more secure given that i have more administrative controls for tweaking. Once again thank you guys for educating us to learn and be secured for free ;). By the way, I am now always reading terms and conditions and policies HAHA.

Future plan
I wanna try hosting my cloudServer soon once my notes are done and enough budget.

Hope i can learn more with you guys

I donated (or i should say purchased a feature in privacy respecting app) for the first time. Finally happy to contribute to apps and projects i daily use.

Small wins this week:

• Moved to Ente Authy
• Started to use fedora (KDE) on a daily basis (in addition to my Mac Mini). It’s really fun!
• Added 2FA to a couple of additional services
• Restarted small monthly donations to my favorite FOSS projects

Jürgen

I have had huge wins recently.

1. I bought an up to date router because the previous one didn’t get any firmware updates anymore.
2. Also got camera covers with sliders for my phone.
3. Downloaded Brave for more family members, and they love it so far.
4. And I told one of my friends about the telemetry and privacy concerns of windows, he will fully move over from windows 11 to Linux Mint.
   Another friend is currently checking out distros what to choose.

Finally cancelled my Gsuite account of 20 years for my wife and I. Migrated all our emails and data to Proton. Cancelled tons of newsletters and junk emails in the process. Google gives you a grace period of 51 days which I’ll let run out before deleting the accounts completely. One thing I am a little bit concerned about is keeping my google voice number as its proven handy from time to time. Not sure if I’ll lose that as part of the Gsuite deletion… I set up a Hushed phone number for $25 lifetime to use to create a new anonymous google account for Youtube.

I had the same issue on Workstation. I also switched to Firefox for this reason.

I don’t have any wins to share this week (yet!), but I just want to comment, I love these threads. It is pretty awesome how everyone shares their wins are we can just uplift each other and take inspiration from each other for our own privacy journeys.