While not FOSS, the closest thing we have to a drop-in replacement would be Magic Earth. It uses openstreetmap data, supports fully offline usage, has satellite images (only online though) and best of all, no tracking or telemetry.
I just read the full article, and I'm not even that concerned about storing the key in plaintext. I find the possibility of copying the files, and then being able to run the same session simultaneously a lot scarier.
As the article states, currently all processes are able to read the file which contains the key. Instead, you could store the key in the macOS Keychain (and Linux/Windows equivalents), which AFAIK is a list of all sorts of sensitive data (think WiFi passwords etc.), encrypted with your user password. I believe the Keychain also only let's certain processes see certain entries, so the Signal Desktop App could see only its own encryption key, whereas for example iMessage would only see the iMessage encryption key.
If your hate only goes towards touchscreens and not having physical buttons, Mazda is (or at least was) very anti-touchscreen. I haven't done any research on their current stance or if they have good EVs, but a neighbor of mine was really happy with his Mazda ICE car for having a button for everything.
In that case you can try adding before:2023 or similar to your search
It's not decentralized, everyone connects to one central server.
I will once again shill for Proxigram (not my project), the only? remaining FOSS instagram frontend. You can try it out on one of the public instances.
I'm not entirely sure if it supports opening Instagram links though.
I can relate, with every update I'm like "Wow this is going to optimize my setup so much" and then I just don't change anything lol
This comment about the app signature should apply to your situation too, you can't mess with an APK and then sign it with the Google Play keys.
APKMirror is the most trustworthy website there is for APKs out there, if you do some research you will see that the community consensus is it being pretty safe.
I do however understand your concern, especially when talking about banking apps. Honestly now that I think about it, for a banking app I'd rather make a burner Google Account as well. For less sensitive apps however, APKMirror is the best non Google way to get their APKs.
About the app, I have no idea, I only ever used the website (with uBlock).
Obviously it sucks that you need a Google account to access all these apps "properly" through the Play Store, for free apps they should really just let you download them without an account.
Most mobile devices won't work without batteries. The best way to work around this is to supply it with 4.2V (anything between 3V and 4.2V will do) over the battery connector.
What worked for me at my old school was using a ShadowSocks proxy. ~~Basically what this does, is it takes all your traffic and just makes it look like random https traffic (AFAIK).~~ ShadowSocks is just a proxy. The description fits the Cloak module, mentioned below.
I believe multiple VPNs support this, for me with PIA VPN it's in the settings under the name "Multi-Hop" (PIA only supports this on the Desktop App, not on mobile).
This technique is pretty much impossible to block, unless you ban every single VPN ShadowSocks Proxy IP. If that is the case for you (chances are practically 0), you could also selfhost ShadowSocks in combination with the Cloak module, however this method is a lot more complicated.