I’ve used it for the exact same purpose, great minds think alike. It’s perfect for that scenario given there’s no internet.

I just don’t use it much otherwise because apps like Signal are far easier to move my friends and family on to and they’re more than good enough. The metadata privacy Tor would provide would give me a lot of peace of mind but I know it’ll never happen.

deleted by creator

I think you’re asking if it’s possible for your government to be a man-in-the-middle? Depending on which government you live under, the answer is likely no but more importantly the answer will always be; it’s not worth their effort to find out what you’re watching.

YouTube’s public key is signed by a certificate authority whose public key (root) is likely installed on your device from the factory. When you connect to YouTube, they send you a certificate chain which your browser will verify against that known root. In effect, it’s information both you and YouTube already share and can’t be tampered with over the wire.

Technically, those signatures can be forged by a well resourced adversary (i.e. a government) with access to the certificate authority through subversion, coercion, etc. At the same time, it’s probably easier to subvert or coerce you or YouTube to reveal what you watch.

Just wanted to add a bit about Proton since you mentioned it and I use it quite heavily.

Pros:

• All-in-one platform for storage, mail, VPN, password manager and calendar. Usually works out cheaper than multiple providers.
• E-mail aliases built-in to the password manager makes it a breeze to manage. (Tutanota also supports aliases.)
• Personally, I think the UI is more polished. Not important for privacy but it’s a plus for the non tech-savvy.

Cons:

• All-in-one platform. I’m acutely aware that I’m going to have a headache if Proton is enshittified.
• If you’re not looking for all of the products they offer, it’s just expensive. Tutanota is cheaper for e-mail alone.
• The Drive app needs improvement. Migrating my files was painful and I want automatic Camera uploads. You might be okay with the Windows desktop app.
• The Calendar app has issues when not connected to the internet.
• The password manager doesn’t have a desktop application and managing it through the browser extension or app isn’t great.
• No subject-line encryption support (and other PGP interoperability issues on the free version) but… unfortunately, I don’t get many PGP encrypted e-mails anyway.

Otherwise these two are largely like-for-like for e-mail. There’s no benefit to Proton being hosted in Switzerland and I didn’t move to be warrant-proof or anything silly. The idea is really just moving emails away from an advertising company and paying for a quality service.

Even some shops working with Windows Server are asking “wait, why are we paying for these licenses?”

Then it comes down to whether it’s cheaper to rewrite legacy applications or continue to pay for licenses.

Yeah and ARM servers are cheap. You can often get twice the processor cores and memory for the same price.

That doesn’t always map to twice the performance, though some benchmarks would suggest it could for certain applications.

Absoutely. I mostly use Firefox because I’m so familiar with it by now but the privacy is generally much better and it doesn’t have a massive monopoly on the web. I’m just a lot more comfortable with it.

When I have to, I use ungoogled-chromium on desktop and Bromite on mobile. I recommend those to anyone familiar with Chrome.

I’ve read not to bother with Decentraleyes. The dependencies are often out of date which mean you’ll hit 3rd party CDNs anyway. Unless its coverage is 100℅, it’s less than useless for privacy as the hit pattern to CDNs might even make you stand out.

Privacy Badger is also redundant if you have uBO.

These two form a “mesh VPN” which use direct encrypted links between any number of devices. You can think of it as forming a virtual LAN where you can communicate with devices, including open ports. A lot of them have clever tricks to overcome CG-NATs, which you seem to be struggling with.

Another option is to just rent a server. You can get massive storage space for less than some VPNs cost and you don’t need powerful hardware if your device supports the codecs you’re using. You could even get a cheapy VPS and reverse proxy to your Jellyfin server through an SSH tunnel or similar. Lots of options here.