I'm not sure I understand: you can't connect to WiFi? I would just like to know if this issue only happens on cellular in order to narrow down the causes.
I think none of this has to do with Private DNS (which is what the material you found on the internet refers to).
Does the issue only happen on LTE or at home? My guess is that your DNS configuration on your home router or from your cellphone provider has been modified to use OpenDNS's (or any other DNS that causes an issue).
Also, could you provide a screenshot of your browser telling you the website isn't secure?
Should social media content be linked to, or screenshotted, or both?
I would say either both or screenshotted + text transcription for visually impaired lemmings.
Many people don't have accounts on instagram, twitter, facebook, and don't want to sign up to read a single comment.
The text transcription would help. Another solution would be linking to alternative front-ends like Nitter for Twitter X but they could end up broken by an update or abandoned like Bibliogram.
For those of us that can't follow every practice and qualifying session, having access to results immediately is better than trawling the web to see what happened.
Yeah, when I'm busy on race weekends I usually unfollow every Formula 1 community and follow them once I've watched the race, just like I did on Reddit.
I really like Corridor Crew / Corridor Digital: I have been following them for over a decade and they have so many good videos where they dissect Visual Effects and stunts or experiment with new tools (lately they have been toying with Stable Diffusion and they did with Deep Fakes earlier).
On a similar subject, Captain Disillusion is underrated, he's debunking viral videos using his knowledge of VFX.
Ahoy makes mini-documentaries on video game history (mainly retro PC gaming) with really nice graphics and music made by himself.
And lastly, not so much a creator, but a documentary series that sucked me in: PsychOdyssey follows the developers from Double Fine during the production of Psychonauts 2. It's a very rare and honest look into the creation process of video games and it particularly hit with me because Psychonauts 2 is my favorite game of 2021.
Unless your ISP does Deep Packet Inspection (DPI), your ISP should not be able to see your DNS queries since you won't be querying their DNS server anymore, but the authoritative servers. Maybe you can protect yourself from DPI by setting up unbound to query the authoritative servers using DoT or DoH (though I don't know how).
As for MIM attacks, I don't have enough knowledge to answer.
Not sure what you mean by setting unbound as a DoH server. You mean to query unbound through DoH? Wouldn't you prefer to query your PiHole instead (which will query unbound)?
Anyway, the best way to do this is using Adguard's dnsproxy: it proxies calls to any DNS server. (self plug: I made a Docker container for dnsproxy)
Personally I went the self-hosted way: I'm running a PiHole and using AdGuard's dnsproxy in order to expose DoH and DoT to the internet for my personal use.
There is unfortunately no code, the repo just contains a couple of Markdown files. Everything we have is a specification which "describes how this is being prototyped in Chromium".
What you are mentioning is media DRM (think Netflix, Spotify). This is something entirely different: a mechanism to ensure the entire content of a web page is not tampered with.
Seems like someone (your carrier) or some app is trying to do a Man-in-the-Middle attack. I guess it only happens on this kind of website?
I guess you should start by checking for rogue apps installed on your phone.