I use NordVPN and am happy with the tradeoff (they claim to delete files after a set period, iirc) and speed of a paid VPN.

For any UK readers, if you're looking at getting NordVPN, check the cashback sites like TopCashBack before buying. There's 65% cashback on offer at the moment. Ping me for details if you need to. I think TCB is in some of the Americas countries too.

Online security is maximized via doing that which maximizes online privacy.

Whether or not a VPN is a great way to thwart hacking efforts on a public network, VPNs can be a rather good way of trying to maintain some online privacy in a world where governments, companies and those with access to government- or company-collected data try to use IP addresses and other means to try to monitor and/or control internet users.

My suggestion is to use VPNs and remote proxies, preferably accessed from relatively highly-trafficked publicly-accessible networks. Adding TOR into the mix of tools used isn't a bad idea. Whether the concern is that of being hacked or of being stalked.

You do realize that security and privacy are two different concepts. While some aspects may be shared by both, they address different issues. And just having a VPN and/or Tor alone doesn't really help your web browsing privacy...

I'd have to agree with StuckinYYZ -- privacy != security. A VPN will keep your data away from an open WiFi snoop. Facebook will still track you whether you use a VPN or not. You can use a privacy-centric web browser, or tracker-blocking browser plug-in which will stop Facebook from tracking you, but anyone watching the packets can still see what you're doing.

Yes, TLS may encrypt the data content, but there's still a ton of useful data from DNS queries and other metadata alone. If you want to see something worrisome, watch the DNS queries your mobile phone makes, especially when you're not using it. If that doesn't convince you to reduce the amount of apps on your phone AND restrict background data for the apps, nothing will.

All my DNS queries now go over HTTPS to the Cloudflare DoH service. Not that I was particularly bothered - but it was a nice little project for my Raspberry PI (along with Pi-Hole & PiVPN).

Absolutely brilliant name for an app!

And it's a great App! I'd recommend it to anybody who has a few devices connecting to their home network.

It removes the need to install ad-blockers on each device.

+1 on Pi-Hole. I run it at home and believe it or not, we have two RaspPis at my office running it as our DNS service. Some would say it's dicey to use "non-enterprise" gear in an enterprise environment...that's why there's two of them, and spares ready-to-go on the shelf. Not only does it block ads, but it also blocks malware as well, and it's such a polished piece of software.

I have found that it causes a lot of spurious block responses on legit domains (returning an address of 0.0.0.0 for a site). I have one at my parents' house, for example, and their complaints about the internet randomly not working stopped when I turned off PiHole. Dad got a "can't connect to the internet" error when I sent him a link to Ars Technica, for example.

I use it at home and it does seem to be a little aggressive in what it blocks. It blocks interstitial trackers for links clicked from Twitter or Google, for example.