Session disables forward secrecy for no reason.

Personally, I assume it’s a honeypot.

If you only ever use services that let you sign up with arbitrary addresses, then sure, you gain resilience against mail provider shenanigans at the expense of exposing a non-agile identifier — the domain name you bought — to any third party you provide with an address.

However, in a confused attempt to stamp out single-use mail services, some sites are rejecting mail addresses that don’t originate from one of the big mail providers, like Gmail, iCloud, Outlook. ‘Please provide your real mail address’, they’d say.

If you aren’t using any such service, you can use your own domain. Be wary of services that bounce messages to your “actual” inbox without rewriting the involved addresses (Cloudflare offers something like this, I don’t get why though), as that can lead to deliverability issues due to DMARC.

The IAB publishes some Gmail-specific guidance on how to ‘normalize’ plus-addresses to ‘real’ inboxes, so that’s something that doesn’t really do anything for you anymore. Out of the large mail services, iCloud is somewhat notable for offering single-use addresses under the same @icloud.com domain name they use for standard addresses, without having to register extra accounts or other annoying requirements. So websites that want to lock out single-use iCloud addresses would have to block iCloud addresses entirely, which is something they’ll most probably refrain from doing.

Like basically all cloud providers, Oracle publish their public-facing IP address ranges.

https://docs.oracle.com/en-us/iaas/Content/General/Concepts/addressranges.htm

Many services block these because, as you are pointing out, standing up VPN tunnel routing on a cloud instance is sort of trivial. Cloud providers publish these ranges specifically so anyone can block them easily. If lemmy.world is not blocking Oracle Cloud already, it’s only because they just haven’t come around to it.

Mullvad has a 30-day money back guarantee.

Apart from that, some payment methods (like crypto) allow transmitting arbitrary amounts. At least, paying for years in advance works without issue. You could pay a few cents and try it out, but be mindful of fees.

Almost all extensions will weaken your security posture. In fact off the top of my head there are basically only two kinds of extensions that could improve it:

• ad blockers
• (maybe!) password manager integrations

Anything else is questionable at best. Maybe you could create browser profiles where you install extensions somewhat more liberally, with decreased expectation of safety.

When Squadron 42 finally comes out, it’ll just be considered commentary on contemporary issues. Basically like Job Simulator… in space

According to my mom, the calcium off her teeth.

“My dentition was so great, but then you came.”

I’d argue this counts as dog-sitting. The dog is around people in every panel, and actual sitting (i.e. doing nothing else) isn’t required.

“I’m allowed to do this… This place is literally named Chinatown”

This is so, so phenomenally inappropriate, that it’s frankly impressive.