You’re not gonna have much luck. If you’re able to clone these kind of cards, its an honest security vulnerability and should be reported.

As an alternative, I’ve seen people suggest using a smartwatch, like the Garmin ones, that have a “wallet”.

I love my current pixel 5. Ive had it for several years now, and the size is really nice. My battery is starting to show wear and the charge port doesn’t connect very well, although I probably just need to give it a good cleaning.

Unfortunately, Google will only push security updates until this October. Third-party OSes like Calyx or Graphine will keep the open source components patched as long as they can, but they can’t fix any bugs in the proprietary pieces.

Although its definitely more expensive, I keep thinking about grabbing a refurbished pixel 7 or 6, since google promises 5 years of security updates.

CalyxOS on a Pixel 5. Its nice and micro G works fine in most situations. When I have the time though, I’m probably going to try graphine os with sandboxed google play and see how that works for me.

What kind of thin clients? I wonder if it would be worthwhile to compile a list that people could use to find used computers for their projects.

This is pretty similar to what I do. Except I just use ngnix to forward http requests through the wireguard tunnel based on the host header. Although theoretically you could also use the TLS server name.

I wonder if you could do this as a community project. Everyone could pitch in to cover the cost of the VPS and join their server to the VPN for small self-hosted projects like a website.