@salixlucida VPNs increase latency and shift the MITM problem from one place to another. For good end-to-end privacy, use HTTPS and DNS-over-TLS.
@salixlucida DoT is supported and enable by default on Android P or later, and available on all Linux distros via either getdns or systemd-resolved (manual configuration steps required).
@salixlucida Technically, you'd also need ESNI to hide the hostnames. It's still a draft, but already supported by Firefox (and still not enabled by default).
@salixlucida If you need to hide even destination IPs, use Tor. It's higher latency than a VPN, but free, distributed and 100% trustless. It's also harder to block.
@codewiz even better, Tor over VPN.
@salixlucida ...while wearing a tinfoil hat :-)
@salixlucida do not forget the awesome mullvad.net with magnificent wireguard support.
"I appreciate SDF but it's a general-purpose server and the name doesn't make it obvious that it's about art." - Eugen Rochko