EDIT: So because of my $0 budget and the fact that my uptime is around 50% (PC, no additional servers) I ended up using NextDNS. For the time being it works (according to dnsleaktest), an added benefit was improved ad-blocking (100% in this tool). I now have plans for a proper router in the future with a Pi-hole. Thanks so much for all the info & suggestions, definitely learnt a lot.
So it turns out I got myself into an ISP that was shittier than expected (I already knew it was kinda shitty), they DNS hijack for whatever reason and I can't manually set my own DNS on my router or even my devices.
Cyber security has never been my forte but I'm always trying to keep learning as I go. I've read that common solutions involve using a different port (54) or getting a different modem/router or just adding a router.
Are they all true? Whats the cheapest, easiest way of dealing with all of this?
Didn't know that. Can you tell me who is supposed to enforce this and where is the law from?
When you accept the ToS I always understood that I was signing in for emails, just like (in my experience) 100% of other services/sites like Spotify, Proton, Bandcamp, eBay, Facebook, X, GitHub... well I'm not gonna list every single one but you get me.
Still, thank you for educating me.