^ You really think that if NSA wants to spy on you, that they’d only do it if you were on a VPN? Seems both naive and paranoid at the same time.
I’ve ran a VPN for many years and so far, no men in black at the front door… They’d bother in an attempt to catch people updating their router firmware? It wouldn’t even make sense to worry about any other activities you engage in, because on those cases you’d be far more secure with a VPN, than without.
Besides, you’d have to be a target in the first place. I know computing power is a lot better than it used to be, but we’d still be talking about double encryption for millions of people simultaneously if they attempted to catch anonymous people that weren’t already under surveillance and even then, they’d find bigger fish to fry than people updating their router firmware.
Taking the trip to Canada for a day *only* to get firmware seems absurd to me. If you ever need a firmware, I’ll get it and email it to you. Just PM the link and an email address to send it to, or I’ll put it on a cloud somewhere for an unrestricted download.
Backing up to address the general topic of VPNs, if you have any activities that could get you into legal trouble, you’re far better off with a VPN than without. Anyone who suggests otherwise, is just playing some pretend-expert game where all they’re really saying is, don’t “only” depend on a VPN without focusing on both how it’s set up, plus all other relevant details too.
In other words, keeping everything else equal, you’re still better off using a VPN, but what you shouldn’t do, is get a VPN, not pay attention to the details of it, and then think you can get away with riskier things than you would otherwise without the VPN. Details matter, though I should add that any VPN hosted in a country that doesn’t drop their pants when the US wants info, is pretty secure for the purposes of doing things this low in threat level.