I'm not convinced the other offerings are actually secure.
For example[1]:
> However, if he controls the responsible DHCP server, he can simply command end devices to send their data past the VPN. To do this, it sends the DHCP option 121 with a corresponding route –, for example, to redirect all DNS queries. The VPN's own encryption is omitted, but the VPN connection is maintained so that the user is unaware of the attack.
> Leviathan Security has reproduced the problem with Windows, Linux, iOS and MacOS – but the attack does not work with Android because Android ignores the DHCP option 121.
For example[1]:
> However, if he controls the responsible DHCP server, he can simply command end devices to send their data past the VPN. To do this, it sends the DHCP option 121 with a corresponding route –, for example, to redirect all DNS queries. The VPN's own encryption is omitted, but the VPN connection is maintained so that the user is unaware of the attack.
> Leviathan Security has reproduced the problem with Windows, Linux, iOS and MacOS – but the attack does not work with Android because Android ignores the DHCP option 121.
[1] https://www.heise.de/en/news/Tunnelvision-Attackers-can-bypa...