Your Weekly Privacy & Security Wins 🏆 (Week 64 - Sep 5 2025)

A dedicated place to share all of our wins! Welcome to our 64th week of privacy & security wins And thank you all for your patience with holidays and travel last week, let’s keep the train chugging along!

Now, this only works if you all want it to work. That means:

• Don’t be shy! Even the smallest win is something you can share. The more of you who contribute the better it is for everyone
• Be positive. Remember we’re all in different places of our journey. Someone enabling 2FA on their first account can be just as excited as someone who figured out how to install Qubes on their new system. Give each other some love!

Since we skipped a week and you all may be a bit shy, I’ll start it off. The newest video I just put out (https://youtu.be/EwgTKdzTELY) talks about why I started using a browser-only VPN workflow. Some people in the comments left some cool other workflows I’m excited to try in the coming weeks!

Beyond that, I moved a few more AI workflows I had through DuckDuckGo’s ai for better privacy compared to using the native AI models, and that’s been about it!

Making a personal note to refer to my privacy needs as ‘shyness’ with some folks.

“I’m trying to cultivate more shyness in my life.”

“I’m too shy these days for Discord. Are you on Signal?” I’ll need to workshop them a bit.

• I haven’t been too coordinated in my work towards privacy lately, but recently downloaded Tails to a USB stick after losing my last one (no persistent storage on it, so already experiencing the benefits of Tails in a way).
• Signed up for one of the opt-out services.
• Also updated the login for an old work email that was coupled to a laptop I no longer have.

Also, new to the forum. Nice to meet, everyone!

iCloud Private Relay

I subscribed to iCloud+ on my iPhone (for $1/month with a gift card, i.e., without a credit card) because it offers much better battery life than a classic VPN. I always had problems with battery life using the official WireGuard client or Tor onion routing. I also installed the Safari plugins Sponsorblock and uBlock Origin Lite. This allows me to watch YouTube videos without ads on the train, meaning that not only are ads from YouTube filtered out, but also those from the content creator. This is made possible by a crowdsourced filter list with timestamps indicating where ads begin and end in the video.

Very interesting. Please more details. Which product exactly?

Much better than Big Brother services like Disney+ and Netflix

Blue-Ray players include DLNA client?

Not sure if this counts as a “win” but I was just reminded to go over my toggles in brave://flags and make sure everything about AI and their crypto was shut off and most of the fingerprinting protections, including Strict Fingerprinting protection, was turned on.

While I was checking my regular settings I noticed one in Content Filtering that said Anti-AI Search Filters, so pointing that out to everyone should count as a “win” because it reminds us all to check the settings after an update.

I might as well give a tip or two for those using web browsers, as I personally do this myself.

If one were to be using only one browser for everything, unless they use Multi-Account Containers and something like Proton’s SimpleLogin, they’re probably uninformed about the fingerprinting that’s happening right under their noses, as Henry proves here (Yes, it’s Invidious, because I want to protect your privacy, though I don’t maintain the instance I placed in).

Not to worry, though, as there are ways to fight said fingerprinting JS slop. One way is using something called browser compartmentalization, which is not as complicated as it sounds some, but very descriptive.

To explain this a bit, it’s a concept where you use one browser for one specific purpose. For example, I use only one browser specifically for Google logins (that being Zen browser in this case), and another for my normal browsing and logged-in accounts (I like Waterfox for that in particular). However, since I seemingly ran out of Firefox-based browsers that were available (that weren’t the likes of Pale Moon), I had to make a different profile for my former editor on one browser for Fediverse shenanigans (he uses Librewolf, and so do I, for this purpose alone). I don’t use the Fediverse necessarily, but a different protocol that isn’t AT (because BlueSky is sorta decentralized, but is centralized because of the OFCOM stuff in the UK).

Of course, you’ll need to harden your browsers to the nines, and use good quality plugins that won’t be compromised (I’d recommend uBO (uBlock Origin for those not in the know), Privacy Possum (Privacy Badger fork), LocalCDN (Decentaleyes fork), LibRedirect, SimpleLogin and ClearURL’s as the extensions for your primary browser). I harden all the Firefox-based browsers I use this way, with some slight extension variations depending on what I want to use that browser for.

It will be a win for most, as was a win for me when I went ahead and started compartmentalizing quite a while ago (I forgot when I even started it, since I’m used to it by now).

Pretty big one for me. I got Linux Mint running on my good computer instead of Windows 11. Its having a lot more issues than my used Dell did, but I’m working on them.

Overall it’s functional for what I need and pretty customizable.

Next step is to get my potato running Linux. It came with Windows 10, but can barely run that, let alone 11. Considering trying Alpine Linux on it just to see how a GNU-less OS is. I’m going to need a hub or something though. It pulled an Apple and only has one USB plug in it, and that’s also the charging port.

… I suppose I should upgrade the Dell to the newest version of Mint while I have the bootable drive…

From this list, only uBlock Origin, LibRedirect, and maybe SimpleLogin are worth adding.

• It is not recommended to use multiple content blocking extensions simultaneously since they can mess with each other.
• The maintainer of Arkenfox has stated that Privacy Badger (probably would also include Privacy Possum), LocalCDN, and ClearURLs are unnecessary because you can already achieve their goals with uBlock Origin and built-in browser features.
• I would only add SimpleLogin extension if you’re not using Proton Pass or Bitwarden that can both generate SimpleLogin aliases without the need for the extra extension. And even then I would probably just use the website instead of installing the extension.

A small privacy win for this week:

For the collaboration with a team, I’ve chosen to make a Proton Docs document instead of the usual Google Docs document. This is for a “game jam”, which is a challenge to make a game within a certain amount of time with a pre-chosen theme. These people are complete strangers to me, but we’ve been using it for a few days now and everyone got on board with it with no pushback. It shows to me it has passed the smell test for being ‘a good enough alternative’.

Rant: I’m really glad it just worked out. I think since Proton as a company has gotten bigger it really has been making waves, slowly disrupting the age-old landscape of Microsoft v.s. Google. What I’m about to say might be controversial, but in a way I’m glad they speak the notoriously marketing-first corpo language. Because this is the old tongue of the economy that unfortunately seems to make most people take them more seriously. The slice of the population that listens more to grass-roots vibes and authenticity-first marketing would still be classified as “early adopters” (as of now, because cultures aren’t static). By the way, on the topic of early adopters, it’s so wild that in Finland 1 in 4 desktop computers uses Linux (servers not included, this page includes everything). Ever since I saw it I’ve been loving Finland based on this fact alone.

Here’s a rundown of everything I’ve been working on since the latest post:

• Notesnook: since my previous update, I have started using it more and more, mainly for sensitive work-related notes. I like the simplicity of it and will probably get a subscription to support the team, even though the free version covers 85% of my needs.
• Task Managers: been experimenting with Joplin, LunaTask, and a simple note editor like notesnook for all the life / work related task management. I recently made a post about this and promised a follow up run-down of the pros and cons of each service, which will take longer than initially anticipated since I want to fully see what each service offers.
• Lumo AI: found a fantastic use case of lumo (proton’s AI assistant) to aid me in my language learning. Tried with Chat GPT and others in the past, but Lumo handles the task a whole lot better than those services.
• Finances: canceled unused debit cards
• Office: switched from microsoft to libre in my personal computer. Not possible for my work computer due to Microsoft 365 collaboration
• Deleted more unused accounts and apps on the phone

Edit: I have currently settled for notesnook as my task manager of choice. You can read more about my thoughts in this community post

Henry’s video on the browser-only VPN workflow opened my eyes to how I could use split tunnelling on the Mullvad android app. I always kinda knew split tunnelling was a possibility but never considered using it practically until now, kinda embarrassing

When YouTube would get fussy since I’m using a VPN I used to just disable it entirely, then go do something else and forget I left VPN off.

Now I just have split tunneling configured so GrayJay and my messaging apps don’t go through the VPN, I get smooth YouTube watching and video calling without needing to toggle the VPN on and off, cheers for that one!

Okay great stuff everyone, awesome week! We’ll be showcasing @Tourma at 2025-09-12T21:00:00Z

YouTube:

PeerTube (again, still in beta :P)
https://techlore.tv/w/bE6ZhYHepZ89K5rYn2wFBT

Next week’s thread is live: