Hi, I’m Jonah 👋

I’m a data privacy advocate currently working with Privacy Guides and Techlore.

I also occasionally post things here.

New Privacy and Security Features in macOS 13 Ventura

macOS Ventura was released this week, and the Apple users among us may be interested in the improvements it brings to your personal privacy and security. We always recommend running the most up-to-date version of your operating system available. Updates add privacy and security improvements all the time—and macOS Ventura is no exception. Some notable new additions to the macOS privacy ecosystem include: Lockdown Mode Rapid Security Responses Passkeys Let’s venture in and see what these updates will mean for you....

October 27, 2022 · 7 min · 1344 words

What is the deal with PrivacyTools?

If you don’t like drama, feel free to ignore this whole post. It’s honestly a very boring topic that nobody besides terminally online people with an axe to grind will care about, however because I continue to be asked about this topic anyways, I had to publish this for future reference. An extended version of this page was originally published on Privacy Guides to clear up misinformation being spread by the project currently known as PrivacyTools....

September 25, 2022 · 10 min · 1973 words

Toxicity and Fanboyism in the Privacy Community

I wrote this piece as a response to (and general agreement with) The Real Privacy Enemy is Ourselves by Henry from Techlore, which is a very interesting read. I do work on the Techlore YouTube channel and online community myself. Toxicity and fanboyism is a big problem in many niche online subcultures (Linux community, Android vs iOS, etc.), but it’s especially hard to keep seeing it crop up again and again in the privacy community — such an important topic we’re very involved with on a daily basis....

February 8, 2022 · 4 min · 689 words

Threat Modeling: The First Skill You Need To Begin Your Privacy Journey

I originally wrote this piece for the Privacy Guides blog, although the information herein has been largely superseded by my contributions to their Threat Modeling and Common Threats pages, which I recommend exploring. The major trade-off with many privacy-centric services and software I’ve seen is that in general, the more private and secure something is, the more restricting or less convenient it is. This balancing act between high security and privacy, and usability and convenience is one of the trickiest problems to overcome both when creating software and services and when choosing which services to use....

September 13, 2021 · 7 min · 1306 words

The Trouble with VPN and Privacy Review Sites

There’s a massive problem in the privacy world. Websites, social media accounts, and other platforms are constantly popping up out of nowhere, telling you to buy The Greatest Service Ever in order to solve all your privacy woes, whatever that may be. These websites often employ marketing teams to make sure their “reviews” are what you see first when you begin your research. Some of them are even operated by VPN providers themselves, operating under anonymous business entities to hide their bias, or doing it right out in the open, hoping you’ll mistake their advertising-filled press releases and blogs as insider knowledge of the VPN space....

November 20, 2019 · 9 min · 1803 words

Choosing a VPN

So you know what a VPN is, but there are so many options to choose from! Well before we dive into this, let’s get one thing off the bat: Avoid Free VPNs Privacy-respecting VPNs can provide their service because you pay them for it. Free VPNs are worse than your ISP when it comes to respecting your privacy, because selling your data is the only way they can make money, whereas an ISP is primarily paid for by you....

October 30, 2019 · 6 min · 1272 words

Understanding VPNs

A VPN — or Virtual Private Network — is a tool that secures your internet connection from attackers on your network. But before I explain how that all works, let’s talk about the internet without them. Your Internet Service Provider (ISP) can see everything you do online. Well, nearly everything: When websites use HTTPS (or TLS, or SSL. these terms are often used interchangeably when referring to website encryption), indicated by the padlock in your web browser, your ISP cannot see exactly what you’re doing on the website....

October 5, 2019 · 5 min · 995 words

Thoughts on Apple's Independent Repair Provider Program

I can honestly say I didn’t see this coming. On August 29th, 2019, Apple announced they would begin not only selling original OEM parts to independent repair businesses, but also provide them with the tools, guides, training, and diagnostics required to complete repairs on out of warranty iPhones. This is great news. It’s a surprising turn of events from a company that has spent years lobbying against Right to Repair bills across the nation....

September 1, 2019 · 10 min · 2097 words

Self-hosting a Shadowsocks VPN with Outline

Outline is a suite of open-source software developed for journalists to safely access their network and the internet while traveling in countries where their activities may be monitored or censored. Despite this, the Outline platform is ideal for a wide range of users, especially less technical users, and users in censored countries like China who may have little to no knowledge about how VPNs or proxies work. Outline consists of two parts, the Outline Manager and Outline Clients....

August 22, 2019 · 8 min · 1525 words

Enabling Pushover Notifications on Successful SSH Logins

If you run servers for public services, like I do with privacytools.io, you definitely want to monitor them for any successful logins to user accounts (via SSH, et cetera). The way I plan to accomplish this is to set up an automatic notification to the Pushover app on my phone in the event of any login. I’m going to implement this as part of PAM authentication, and configure it to fail any logins if the notification script fails for whatever reason....

May 15, 2019 · 2 min · 324 words