Got in touch with ProtonVPN support and asked about this. Here’s their reply:

Our engineers have conducted a thorough analysis of this threat, reconstructed it experimentally, and tested it on Proton VPN.

We concluded that:

1. The attack can only be carried out if the local network itself is compromised
2. Our Windows and Android apps are protected against it
3. For iOS and macOS apps, you are completely protected from this as long as you’re using a Kill Switch and a WireGuard-based protocol (our apps use them by default, and if a user wants to use something other than WireGuard derivates, they’d have to manually set it up). Note that Stealth, WireGuard TCP and Smart protocol on iOS/macOS are all WireGuard-based.
4. For our Linux app, we’re working on a fix that would provide full protection against it.

Piped is also hit or miss. I have to change instance almost every day, even the small ones don’t always work.

I use Proton Pass to generate aliases with the browser extension but otherwise use 1password which is much more mature and has great support on all platforms.

The reason that 2fa exists is not to protect you if someone gets their hands on your device. It’s to protect you if your “static” credentials leaked from a providers’ database or you otherwise got phished. Using a password manager to handle mfa is totally reasonable.

Cool, didn’t know that!

Proton pass does e-mail aliases if you pay up for the high tier subscription

Using the web version

I tried it now and could start a call without an account. Am I missing something?

With Proton Pass it will even generate those fake emails for you. No need to tweak any settings. And the best part is that you’re not forced to use the password manager that goes with it.

I used it for a while but could not find good results for any kind of advanced query. Qwant in comparison is slightly better but still worse than duckduckgo unfortunately. For really niche stuff I still need to revert to Google…

https://friendlycaptcha.com/

Unfortunately the 99% that don’t know about less popular options will still be affected

Signed and shared on Mastodon

At the moment I pay 4 euros per month, so slightly more expensive than the cheaper commercial options out there but I control the software completely.

That is not something I do at the moment but I would be happy to hear how other people do it.

All VPN software might affect bandwidth due to the increased progressing needed for encryption, but quantifying it is hard because several factors come into play : mainly the hardware and bandwidth on either side of the tunnel. Giving it a go is easy and you can check which VPS specs give you the speed you require. Regarding the number of connections, I’m not sure of the answer. For all intents and purposes I don’t run into a lot of problems on a daily basis and bandwidth is acceptable on a cheap 4€/mo VPS with 2 CPUs. Bonus tip for privacy, you can use port 443 for wireguard which makes it less obvious you’re using a VPN.

The traffic is encrypted between my computer and a VPS located abroad that I rent, which acts as a sort of proxy. My ISP only sees traffic between me and the VPS.

Self hosted WireGuard