Good to know. We initially set that network up well over a decade ago so my knowledge isn’t exactly current.

You could try Tinc but it’s fairly involved to get running. Pretty nice if you have a root server and want to get several people wired up, though. There are probably easier solutions for your use case.

The official Linux client has been discontinued. Microsoft’s official solution is to use a browser – they explicitly mention Firefox.

There also seem to be unofficial clients. No idea if those are any good.

I’m on a friend’s mail server with my own domain pointing at it.

That plus a catchall address means I can give out different email addresses to every website, app, and service provider without having to rely on things like Gmail’s plus addresses being accepted. That makes it really easy to tell who leaked my address to spammers – and to filter out the resulting spam.

Add to that Thunderbird’s built-in address spoofing functionality and I can even do that for outgoing mail.

So whether you go self-hosted or have a provider that allows custom domains, I can really recommend setting one up. They’re not too expensive (unless you go with some of the more exotic gTLDs) and I consider hassle-free per-service email addresses to be a game changer.

Also, we load the JavaScript from five different CDNs, some of which are horrifically slow today. We also make sure to only load some of the scripts after others have been successfully loaded so uMatrix users have to refresh the page a dozen times.

Yes; I was summarizing, not offering a differing viewpoint.

The real point is not that Linux is less secure than often said but that “inherently secure” is not a thing, especially not when a network is involved. Your system can make it easier for you but you still have to look after your own safety.