Session disables forward secrecy for no reason.

Personally, I assume it’s a honeypot.

Like basically all cloud providers, Oracle publish their public-facing IP address ranges.

https://docs.oracle.com/en-us/iaas/Content/General/Concepts/addressranges.htm

Many services block these because, as you are pointing out, standing up VPN tunnel routing on a cloud instance is sort of trivial. Cloud providers publish these ranges specifically so anyone can block them easily. If lemmy.world is not blocking Oracle Cloud already, it’s only because they just haven’t come around to it.

Mullvad has a 30-day money back guarantee.

Apart from that, some payment methods (like crypto) allow transmitting arbitrary amounts. At least, paying for years in advance works without issue. You could pay a few cents and try it out, but be mindful of fees.

In the specific case of Mastodon, an instance pretty much only receives a post via federation if one of its users either follows the creator of that post, or is mentioned in it.

Discoverability suffers, because this also applies to replies to a post even if you follow its poster. You might see them, or you might not. You look at the post history of one of the users in a thread and it comes up empty.

This is not much of a problem if you’re in one of the, say, top five instances, but beyond that, many functions become increasingly unreliable. Instead of one big microblogging ocean, it feels more like an assortment of a few lakes and myriad puddles with only tenuous interconnection.

Personally, I’ve kinda given up on finding (or creating) my One True Instance and am resorting to having profiles on all of the biggest instances. This also has the advantage that arbitrary defederation decisions affect me to a much lesser extent.

Almost all extensions will weaken your security posture. In fact off the top of my head there are basically only two kinds of extensions that could improve it:

• ad blockers
• (maybe!) password manager integrations

Anything else is questionable at best. Maybe you could create browser profiles where you install extensions somewhat more liberally, with decreased expectation of safety.