Addressing Almost All Techlore Mistakes—And Why You Shouldn't Solely Trust Techlore.
After the numerous years working on Techlore, I’ve made many mistakes. Here’s why they happened, why they will continue to happen, and why you shouldn’t solely trust Techlore.
I’ve been running Techlore since 2014—yes, almost a decade ago. Today, I’ll detail why and how Techlore makes mistakes, why they will continue, and the numerous systems I’ve created to ensure you can verify what Techlore is doing.
The most common mistakes are a result of outdated (or incorrect) information which no longer represents the information we currently share. For example:
Techlore Dispatch is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.
I’ve previously stated Authy was open source, when it’s not. (This was just an outright mistake)
I’ve previously suggested using Google Authenticator over other TOTP applications. (In 2017, the TOTP alternatives to Google weren’t great. And in fairness to myself, Google Authenticator at the time was an entirely offline app which was unlikely to be a privacy concern)
I’ve previously suggested NordVPN as a good VPN! (Though again, in fairness to myself, NordVPN genuinely was frequently suggested between 2017-2019 before their core scandals, even throughout the privacy community)
⏩ Fast forward to today:
I am now critical of Google Authenticator, describing it as a ‘literal meme’ (sure, it’s exaggerated for YouTube, but I also really think it is!)—and that original video was updated with an entirely new video with better quality information.
NordVPN is no longer listed as a top VPN in any capacity; they haven’t been for years, since we quickly reacted to the numerous issues they began to face. All our VPN tools reflect this, and our shift away from reviews to objective VPN data is also largely a response to situations like this. Outdated Nord content is unlisted along with other outdated reviews in our archive playlist.
These were just a few mistakes, and there’ve been many more!
Between the ability to make honest mistakes over the course of hundreds of videos, and the inherent issue of content becoming outdated—our content will always have mistakes—even if the content was free from mistakes on release.
To help deal with this, I manage a Techlore changelog to document mistakes. In addition, I actively unlist old videos I feel are too harmful to be left public; many of these videos are incredibly popular and brought us tons of viewership, but the performance isn’t worth the poor information being spread. To my knowledge, I don’t know of any YouTube channel that actively documents mistakes made in prior content, delists popular content, and creates publicly accessible archives for people to view the issues.
I believe more people should embrace their mistakes as we have, not hide them under a rug and pretend they were 100% right all along—because we all grow and evolve.
I, Techlore, Privacy, and the World evolves! I have no issue telling you I don’t have all the answers. In fact, no one does. Anyone who claims otherwise and refuses to accept they could be (or are) incorrect is unlikely to have your best interests in mind. I loosely base Techlore on the scientific method. This means we prioritize research, testing, procedures, evidence, and are open to evolving our understanding of privacy and security as more information and services comes to light. Rather than doubling down and telling the world Authy, Google Authenticator, and NordVPN are fine because we said so 5 years ago—we actively come forward and tell the world we were wrong. Our hypothesis and results were incorrect, and so we need to go back to the drawing board. The inverse example is we won’t blindly call something untrusted or harmful unless there’s real evidence to demonstrate that to be the case; this is a common form of speculation in the privacy community that leads to the rapid spread of misinformation.
While our approach allows us to avoid a majority of misinformation, it has the natural consequence of failing to predict the rare situation where a previously unfounded conspiracy theory turns out to be true. Though again, our process allows us to evolve to now reflect this new information!
We’re not perfect, we will never be perfect—all I can guarantee is we will evolve, just as we’ve done for nearly a decade.
😌 I’ll make this simpler:
If you want to be stuck in your current model of thinking, refuse to evolve when new information comes to light, and would rather rely on speculation than evidence—Techlore is not the resource for you.
If you want to evolve and join the process of experimentation, not jumping to conclusions, analyzing evidence, embracing nuance, and learning from mistakes—Techlore is the resource for you.
On a similar note, nuance is an important characteristic of Techlore. Rather than screaming into the microphone how evil Google is, or how perfect Google is—I will outline situations where I feel Google can be genuinely helpful and harmful in the same video. I’m not sure why the internet is so black/white, but it results in both the Google lovers and haters being equally upset—believing I’m taking the opposition’s side. (often in the same video!) It blows my mind how two people can interpret a video in two different directions, completely unaware of their personal confirmation bias. More on this here:
It’s upsetting, because nuance does not get clicks. The internet rewards extremism, and each time I opt-out of this approach, I leave success on the table. Creators will always experience more success through outlandish claims without nuance, than covering an issue with nuance—every time.
To put it bluntly: I don’t care what side you’re on for anything. I’m going to look at the evidence and what my assessment is of a situation. If you want me to embrace the common black/white duality of the privacy world—Techlore is not for you. You will hear me praise and insult just about everything. At some point…my favorite services will be criticized, and my least favorite services will be praised.
This isn’t to say, however, that I don’t have pre-existing biases that’ll influence Techlore. I do my best to check my bias where I can and acknowledge it’ll always exist. This is the best I can do, as well as leaving our communities open for people to share their opinions and criticisms of Techlore, which I take into consideration to help ensure I’m not creating an echo chamber.
Behind the scenes, we deal with a load of nonsense, most of which I actively do my best to keep out of the public. Physical threats from projects, individuals threatening to sue us, doxxing attempts, and more unhinged insanity that reads like fiction. I’ve lost count of the number of people who’ve threatened to sue us—it’s getting old. I’m perplexed by these threats, as I feel I’ve done a great job of steering Techlore in an honest, evidence-based trajectory that evolves with the industry, that evolves as I evolve, and stays true to my values of what I think is right in the world.
With that said, I firmly believe our approach is interpreted as a direct threat to these individuals, as they rely on the opposite techniques we strive for:
They rely on blind trust in an individual, black/white thinking, refusal to evolve and admit prior mistakes, and zero ability to self-reflect.
Have I completely avoided being sucked in to these situations? Absolutely not.
Have I completely prevented some of the situations from ending up in the public? Absolutely not.
All I can tell you is I do everything in my power to keep this behind closed doors to ensure the public doesn’t need to experience it unless I feel it’s necessary for their (or our) protection. I don’t want people to have to deal with the bullshit I deal with—no one should have to experience this.
Why am I bringing this up? Because it’s my way of communicating to all of you our efforts to stick to our mission—to stick to our process—to keep Techlore informational. I’m also voicing this problem because we’re not the only ones dealing with it. I’m in contact with countless leaders of other privacy projects/services/resources that deal with the exact issues we deal with, but are in a similar situation where they don’t want to make things public. Some of these individuals have had to get dedicated mental support just to keep developing software, some are thinking about leaving privacy entirely, and some have already left without any PSAs—likely out of fear from the backlash. I guarantee that most of you reading this blog interact with software and resources developed by these individuals struggling behind the scenes.
If you value the hard work going into the privacy projects you use every day, you have to take the human element seriously. It’s not just software, it’s not just resources—it’s also the people developing them.
Everyone in the community can help us (and other amazing privacy projects) stay on-topic and avoid insanity by doing something very simple:
Use your voice to call out shitty behavior in the privacy community—even if it’s ourselves. If you see bad behavior, SPEAK UP! All it takes is one person to make a difference. And remember, you can call out bad behavior without it needing to completely reflect a service/company/project/software. Call out arguments made in bad faith. Call out misinformation. One of the worst things you can do is stay silent and quietly enable problematic people.
On the personal front, I’ve been offered jobs from other privacy companies that would pay significantly better than what I’m able to pay myself through Techlore. I’ve been contacted by a Google recruiter because of my work at Techlore. (Yes, quite unexpected indeed!) I have yet to graduate college, almost entirely because of my dedication to Techlore. But most importantly, I can’t say Techlore has a positive impact on my mental health and overall happiness.
On the Techlore front, we’ve received offers for thousands of dollars to insert links in our descriptions, for sponsorships we didn’t believe in, to perform paid reviews, and a lot more sketchy shit. Nearly every day, we receive emails from services wanting to pay us for coverage and fake opinions—we turn it all down. The only offers we consider are ones that align with our public protocols, and even those we’re incredibly careful with. After nearly a decade, I’ve accepted sponsorships from only the following companies:
Yep, 4 companies. All companies I still personally use, whole-heartedly believe in, that follow our protocols, and to this day are listed as formal Techlore recommendations because they’re that good. (And none of them are sponsors anymore at the time of writing this article, I have no further reason to praise them!) If any of these companies fuck up tomorrow, you bet we’ll be the first people to remove them from our resources.
I can only share so much about my personal life, but what I can share is I could be doing multiple things more successful, and much less stressful than managing Techlore. So why do I do it?
I still work on Techlore after nearly a decade because of the countless number of people telling me how much Techlore has helped them on their privacy and security journey. These positive comments mean the world to me ❤️
I do it because I’m dissatisfied with the state of the privacy and security community.
I do it because I feel Techlore provides real value to people, and is the most impactful thing I’ve done for the world.
Until I’m happy with the state of privacy and security, I don’t intend to stop working on Techlore. After years of having the option to sell-out, I’ve only ever said no—and that’s what I will continue to do.
Why You Shouldn't Solely Trust Techlore 😱
As I’ve always said: Techlore should never be your only source of your information. Why? Because others will have different, sometimes better perspectives. Because we will be wrong. My goal is to spread privacy and security to the masses through evidence-based recommendations, nuance, and the inherent biases and personality of myself through the process. (Which apparently many of you seem to enjoy :P)
With that said, I wanted to share the systems I have in place so you don’t need to put blind faith in Techlore:
All our tools are open source with numerous contributors.
We maintain a changelog of prior mistakes made.
We consistently dig into the evidence of a situation and report on the best available information—not hunches or speculation.
We continually update old content that’s no longer relevant as soon as we’re able. (Though please keep in mind we don’t have unlimited resources to instantly update things!)
We have no issues immediately coming forward and admitting when we fuck up. We embrace and fix our mistakes rather than ignore them.
We are transparent about our revenue sources.
We publicly post our sponsorship and affiliate protocols.
We publicly share criteria for our resources.
We only use opt-in affiliate links, where affiliate links are clearly outlined and used alongside standard link options. Users are always in control of the links they click. In addition, we have incredibly strict requirements for what affiliate links are chosen in the first place.
We don’t tell you to blindly trust us. We’ve designed our community itself as a system to help hold us accountable. They’ve been directly instructed to hold us accountable, and continually do so.
TLDR: Don’t trust, verify.
If you enjoy what we do, then that’s great. If you don’t, then I suggest you find other communities that align with your values. If you don’t find one, then create your own. We need more rational people in the privacy and security space, and that starts with each and every one of you…everyone can spread privacy and security to the masses—in their own unique way.
PS. The last thing I want to mention is I wouldn’t be able to run Techlore with this much independence and integrity without all of the individuals directly supporting us. It’s this independence that allows us to function without corporate influence on our content and resources.
I want to thank our current top patrons: Afonso, Boori, BRIGHTSIDE, Casper, Clark, Cyclops, Eldarix, JohnnyO, Jon, kevin, Larry, love your content, NotSure, Poaclu, x
Techlore Dispatch is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.