Your Weekly Privacy & Security Wins 🏆 (Week 62-63, Aug 8 2025)

A dedicated place to share all of our wins! :trophy: Welcome to our 62nd-63rd week of privacy & security wins :slight_smile:

Now, this only works if you all want it to work. That means:

  • Don’t be shy! Even the smallest win is something you can share. The more of you who contribute the better it is for everyone :slight_smile:
  • Be positive. Remember we’re all in different places of our journey. Someone enabling 2FA on their first account can be just as excited as someone who figured out how to install Qubes on their new system. Give each other some love!

Going live with last week’s at 2025-08-08T21:00:00Z

YouTube:

PeerTube (Still in beta to be safe):

2 Likes

After stumbling into the security sphere I have gone on a security spree. This week I have started using basically all of Proton’s free ecosystem. 2FA, Aliasing, VPN, you name it. Now I’m left wondering what’s next. Here is what I have done roughly during this week (It’s summer in Sweden and the days blend together during the holiday)

The Cloud

I ditched iCloud for Proton Drive, which was really easy! I just clicked sync on the iOS app and BOOM all my photos uploaded. I removed my photos from my unencrypted iCloud (I don’t trust anyone with it).

VPN

I watched some videos about VPNs and heard about the Swedish police wanting to collect Mullvad’s data, which they couldn’t :wink: . Which made me think about what they collect from the ISP. I chose Proton, mostly because it was free and I had already switched to their Email earlier this year. I then heard that my Face-ID could be used against me to unlock my phone. But obviously SWEDEN wouldn’t allow THAT :fearful: … ahem ahem. So I added a restart shortcut to my home screen… just in case… Face-ID is just too convenient.

Passwords and 2FA

Then I saw Proton Authentication in the App Store, of course I had to get it. I connected virtually all my accounts, at least the ones that support it, to 2FA :key: . Then I saw Proton Pass and relocated my passwords from the iPhone password-manager. Changed the reoccurring password I used, across all my logins :dotted_line_face:, to Proton-generated passwords and added some aliases. I have also gone on a goose chase trying to find all my forgotten accounts and deleting them for a lesser internet presence.

What do I improve?

I know about GrapheneOS and I really want it but I will wait till I can afford it. I am for using Signal as a message app but I’m not sure how to get my family and friends to use it. Should I use Apple Pay instead of putting in my credentials manually? I know Apple Pay is supposed to be safer, but what do they store on their end? Which iOS browser should I use for privacy?

FYI I am already using Linux, LibreWolf, DuckDuckGo and ad-blocker since a while back when I stumbled into the Linux sphere

8 Likes

Might as well do this one, since I just started doing this recently.

For those unaware, there is a tool called Picocrypt, which is a file and folder encryption tool. While it may not be developed anymore (as of August 7, 2025), it’s a small (3MB) but powerful tool for encrypting files and folders. It utilizes XChaCha20 as its encryption cipher, supplemented using Argon2 for key derivation. It’s even been audited as well, so you know you’re in good hands.

Not only that, but this tool allows someone to utilize Reed-Solomon error correction, plausible deniability, compression and even portability. Data integrity is a thing with it in addition to the aforementioned.

Unlike VeraCrypt, which requires sudo permissions (doas [BSD’s version of sudo] is not supported, as I found out like a complete doofus), Picocrypt doesn’t require sudo permissions, and can be run as a user, which is a bonus. Speaking of, VeraCrypt uses AES-256 as its encryption cipher with PBKDF2 as its key derivation (not as safe as Argon2, though), and also lacks Reed-Solomon and compression support. Despite these setbacks, plausible deniability is supported with VeraCrypt, though no data integrity can be had.

All of this described is why I wanted to try out Picocrypt, so I encrypted some files with it to see how it works. I’m still learning what I’d want to do with it, but I’m sure I’ll find a way to pull this off to where I can send things encrypted, as that’s now a requirement.

If anyone wants a tip, you can use Picocrypt or VeraCrypt to encrypt something, and then send the encrypted file and the necessary password through something like Wormhole or Send (I like Wormhole) so even its transport can be encrypted in transit and at rest. This is how you can protect the metadata of whatever you’re sending, and own it (so can the receiver, whoever is collaborating with you or a client of yours). Make sure you use disposable links to do this, or they become AI material to provide slop.

5 Likes

I do some photography as a hobby and I’m still reliant on some closed source editing software to make things easier. Tools like GIMP are capable but it saves a lot of time when the software deals with a lot of the decisions for me.
I’m otherwise almost entirely on Linux given Windows’ constant badgering to enable “Windows Backup” and upload everything to the cloud.

I bought an M2 Mac Mini from a family member that was looking to upgrade and have now migrated my photo editing setup to it.
I’m also starting to use it for more sensitive tasks, like finance, since it’s generally more secure than Linux.
It’s been a journey getting used to the interface differences and I’m still in the process of migrating all the files and getting multiple backups set up but it’s turned into a real workhorse for anything other than gaming.

3 Likes

I very recently discovered this community after deciding that I want to boost my privacy and security online. This is the first time I post in a “privacy wins of the week” post so here’s a summary of where I am currently and the future projects:

Current wins

  • Deleted Google Chrome and Microsoft Edge and installed Brave and Mullvad. Surprisingly, I like Brave browser a whole lot better than Chrome
  • Brave search engine
  • Switched to Proton suite and got a subscription
  • Was already using Bitwarden for my passwords but I did the very tedious task of deleting unused accounts, switching almost everything to email aliases through Proton, and changing passwords to strong ones. I am now using Proton Pass and I like it just a little better than Bitwarden (although both are fantastic options)
  • I had 2 Google accounts, deleted one, but for the other it’s sadly not possible
  • Deleted my entire Facebook history (old photos, posts, etc.), which thankfully wasn’t a lot
  • Changed my WiFi password and router logins (more security related win but still)
  • Deleted all Google, Apple, Meta apps from my phone, except Instagram
  • Discovered RSS feeds and find them extremely intuitive. Just need to start using them a lot more often
  • Uninstalled a whole lot of unused apps and switched to web apps for some

Future projects

  • NAS: I really like owning my media and eventually I want a home server and storage to keep all my legally bought movies and music. The goal eventually is to unsubscribe from Netflix and Apple Music and have a similar service with my own library using something like Plex
  • WiFi router: buy an Asus router to install VPN directly in there so that all devices in my household are a little bit more secure
  • Notesnook: my line of work involves a lot of note taking. Traditionally I used pen and paper or something like Apple Notes. I have already created an account with Notesnook but I need to try it out and see if it works for me
  • Redact: I like the idea of Redact but the yearly plan throws me off. I understand the financials behind it, but it probably is not for me for the time being
  • Monero: I am not well-versed in anything related to Crypto. I am still reading but if I find a daily life kind of use case, I will probably get some Monero as well

Any suggestions from the community always welcomed

7 Likes

  • Moved from VSC*de to Neovim (btw)
  • Learned how to use rsync so making backups is easy instead of a chore
  • Have more or less moved to noai.duckduckgo.com purely to have a no AI experience, and ddg’s bad search results have made me search more to find what I want instead of being given the answer instantly by an LLM. Now I actually think what to search and whether the results are relevant to me or not

3 Likes

Convinced a friend of mine to start dual booting Linux Mint on his gaming PC in the near future, for non-privacy reasons (and also non-coding reasons, for that matter).

Story:

A few days ago he gave me his laptop for temporary use. As I was using it I felt the urge to give him a tour of what Linux desktops look like on this device, because I am very enthusiastic about Linux desktops, and was hoping it would catch on with him as well. Well, he agreed as long as it didn’t touch his Windows 10 installation and it was reasonably quick, and so I used Ventoy to turn a USB stick into a multi-boot one, so I could boot up a few distros in quick succession.

Out of the 4 distros I showed him (Linux Mint, Manjaro KDE, Fedora Workstation and Ubuntu) he liked Linux Mint (which has the Cinnamon desktop) the most. I’m really glad he liked it because I know he’s one of those people who are actively avoiding Windows 11 as long as they can (probably until Microsoft gives them the final warning), even though their hardware is ‘allowed’. He told me he fears the bloat and the UI choices, which is understandable.

Sidenote: I bet there are a lot of others like him that are sitting on the edge of switching to Linux, but are still unsure probably because they haven’t seen the actual desktop experience with their own eyes on their own machine. Currently he only has plans to use it for gaming, but I can’t imagine he won’t expand to other areas once he is on “the other side”, if you know what I mean :laughing:…

Side-side-note: he also just despises Windows in general, so that helps a bit too lol

2 Likes

I forgot to share this last week, but I wrote up my thoughts on how I can be more politically active to stand up for digital privacy. I’ve taken some steps already like calling my reps on a regular basis, but I’m still learning about how to do more. Enough is enough.

I have been using YouTube since some time around 2008-2010, and there have been so many anti-consumer and anti-privacy practices in that span of time through them alone that it’s hard to count. From the Google+ account fiasco to the self-censorship most creators do in order to skirt demonetization, my dislike of the platform on both a privacy and anti-consumer level has grown.

The introduction of AI ID Verification was the final straw so now, I’m finally done with YouTube! I sadly had to get rid of a lot of creators that I followed on my RSS reader because they didn’t have their videos up anywhere else nor did they have any sort of blog I could follow, but I was able to find a few of them on PeerTube and a few others had blogs that I didn’t know about until I went through this process. Is it a sacrifice? Absolutely, but it’s one I’m willing to make for myself on a personal level, as well as in the battle for a freer internet.

5 Likes

That’s a great pivot, glad to see you invest your efforts onto switching to Peertube as a video consumer. I truly think Peertube is the future of the video content creator & video streaming industry, and the more people like you, the more it will gain recognition from bigger creators.

2 Likes

I removed my phone number from several online services that I had signed up for before I cared about privacy because I learned that knowing someone’s phone number can be used to dox their real name. Of course some of the online services could still retain the data secretly, but imperfect actions are still better than nothing.

3 Likes

Hey everyone! I’m sad to share that my family recently experienced a loss. It’s been a hectic couple days with some lingering things still happening, so there won’t be a privacy wins stream this week. I have two really exciting videos in the works though, and plan to be back with privacy wins next week. Thanks so much for your patience and support during all of this, and I’m excited to be back with you all soon :oncoming_fist:

Feel free to keep this thread going and I’ll combine them into next week’s stream. Loving these wins here so far!

3 Likes

Hi - BTW Graphene OS is free for Pixel owners. Way to go with your changes! I highly recommend jumping to a de-googled phone, it feels so great. I went from an iPhone 12 Pro earlier this year to a Pixel 8 with GOS and full Proton integration (other than Auth since the 2FA also lives in Proton Pass).

1 Like

What RSS reader do you like?

Nice work! I would suggest a de-googled Pixel with Graphene OS next. Getting off the big tech phone surveillance chain is super-liberating.

This is not a weekly win. Rather a snippet of my privacy journey. Makes use of free services as much as possible. Contributing to open source by filing bug reports!

Operating System

Desktop - Ditched windows for Linux. Tried various distros like Ubuntu, Pop OS, Garuda Linux for brief periods of time. Now settled with Fedora Workstation Gnome. It’s my favourite distro so far. I think my distro hopping days are over.

Mobile - Motorola highly debloated with AppManager and no Google login. Main profile with Fossify apps replacing all Google apps. A separate work profile for proprietary/rarely used apps like Google Maps, Uber etc.

Browsers & Extensions

Desktop - Firefox for general purpose browsing with cookies auto cleared on exit. uBlock Origin, Redirector (for redirecting to privacy frontends like Invidious, Nitter, Redlib) and Imagus as extensions.

Brave with Bitwarden Password Manager for sites which require a quick login and for Tor browsing (I know it’s not ideal, I just want to bypass my service provider)

Zen Browser with uBlock Origin for always login websites with cookies cleared on exit (exceptions for login sites).

Android - Firefox for general browsing with uBlock Origin and Redirector extensions.

Brave for site logins (which I use very rarely).

Tor Browser in Work profile for anonymous browsing.

Search Engine

Brave is the default search engine. In case a search doesn’t fetch the results I am looking for I make use of Search in Google/Bing option in Brave Search. Here, I use Redirector extension to forward the ‘Search in Google’ to Mullvad Leta and ‘Search in Bing’ to DDG HTML.

Email & Logins

Proton Mail for work purposes. Proton Pass/Simple Login alias as it comes with proton account but rarely used.

Tuta Mail for other uses. DDG aliases forwarded to Tuta for all logins.

DDG email address (not alias) for important sites like bank, govt etc.

Sometimes, work requires Gmail. So an account only for this purpose.

An old Gmail account pending deletion. Giving it a two year cool off time.

2FA - Ente Auth for desktop and Aegis for mobile.

Mail Client - Thunderbird for Gmail accounts.

File Storage

Filen for important files with one way sync from desktop and occasional manual backup to a HDD.

Proton Drive in case.

File Sharing

Syncthing for sync between desktop and mobile for important files.

Local Send for transfers.

Office Suite

Desktop - Libre Office and Only Office

Mobile - Only Office

Note Taking

Notesnook synced between devices.

DNS

Desktop - DNScrypt-proxy with Oblivious DOH and custom blocklists.

Mobile - RethinkDNS with Oblivious DOH and custom blocklists.

I have been using NextDNS for a very long time. Switched recently for the privacy benefits of ODOH.

VPN

Desktop - Proton VPN

Mobile - Cloudflare Warp wireguard configuration in RethinkDNS

App Store

Desktop - Distro packaged apps via terminal, Gnome Software for Flatpaks and Appimages from source. If the distro packaged app is a very old version, makes use of officially supported alternative ways for updates.

Mobile - Aurora Store, Obtainium. Play Store (without login) for webview, Google Maps, etc.

Youtube

Desktop - Freetube, Grayjay

Mobile - Pipepipe, Grayjay, Metrolist (for YTM)

All software and services are tweaked for maximum security and privacy by following guides from various privacy forums. Bid goodbye to all big tech social media. Deleted all unwanted accounts. The only thing I am unable to get rid of is WhatsApp as it is the major communication platform in my country.

4 Likes

I use self-hosted FreshRSS as a Google Reader API-compatible server. As for the client, I use Newsboat because I really like the terminal. My only gripe with it is that it doesn’t support images via the kitty protocol, so I’m considering writing my own RSS reader.

I use Twine RSS as it has a good UI compared to other RSS readers I’ve tried. You might want to give it a try - the best part is that it’s available on both iOS and Android.

Made a few small contributions to consumerrights.wiki, adding some small grammar cleanups, granny rule* type clarifications, external links etc, in an attempt to help build a better information ecosystem for the layman internet user. This wiki not only tackles right to own issues, but also many of the anti-consumer practises we as privacy-advocates are familiar with, such as:

  • Ecosystem lock-in
  • Privacy invasions / security incidents
  • The enshittification pipeline of big-tech

Hope to see y’all there, give it a try! (no sign-up required)

*granny/senator rule (shortened for quicker reading)

The Wiki aims to be a widely accessible source where the general consumer can learn about the issues that affect them, and where relevant regulatory or political figures can be directed for a full explanation of the issues they have sight over. In general, a good rule of thumb to use when writing for the Wiki will be ‘would I be comfortable showing this article to my grandmother?’

This has two main implications:

  • Avoid using inflammatory language
  • Avoid unnecessary technical detail

Examples of unacceptable content include:

  • Strong and unfiltered language
  • Deep dives into the technical functionality of a product at the center of an Incident
  • Unsourced ‘facts’, and excessive use of disreputable sources
  • The tone and language a Youtuber or disgruntled customer might use in a rant video or review
  • Direct insults to specific individuals or companies, or direct attribution of malice to said individuals or companies
  • This Wiki is not a place for righteous indignation - there are plenty of places on the internet to get mad about things, this is not one of them

We will be especially vigilant against potentially harmful content, and take strong action against users who:

  • Advocate for direct action against malicious companies or individuals within articles themselves
  • Add false or misleading information to the Wiki, particularly that which may be damaging to companies or individuals
  • Invent sources or quotes
  • Write articles which feature a blasé attitude toward the expression of extremely strong, or even violent, sentiment towards named individuals and companies

Source: Consumer Rights Wiki:Editorial guidelines - Consumer Rights Wiki

2 Likes