Have you ruled out the Google Pixel USB-C earbuds? Those work well for me and the design is nice and simple. I’ll probably keep using them until they break one day (like you also have mixed feelings about bluetooth).
Remember seeing that Google was going to phase them out eventually but they still seem to sell them at least for now.
Should be okay as long as you didn’t give the instance any of your other information (e.g. email during signup, etc.) and the Lemmy instance itself allows logins via Tor. You may also want to avoid instances using Cloudflare, it often blocks Tor connections so loading pages can be hit-or-miss.
Just saying it’s okay for basic privacy, you’d likely need a different solution if you’re actually being targeted by governments/organizations/etc with access to your ISPs and ability to backdoor your equipment.
OTOH if you’re already on a VPN I don’t think you need to go through the trouble of adding Tor to that mix.
(I’m on Tor right now)
What if I logged into my Lemmy account outside of Tor without a VPN one single time?
Strictly speaking that means your Lemmy account is now compromised, time to go create a new one over VPN or Tor or however you prefer to browse.
Think you would likely have to scour garage sales and used buy/sell sites for one of those ancient portable mp3 player devices. I remember the old iRiver devices did support FLAC natively but that was before 128GB storage existed so no idea how something like that would behave when you stick in a 128+ GB SD card into it.
The other tricky part is that something that old/used may have a worn out battery so any device with a built-in battery may not stay on for very long.
The other comment makes a good point, starting out you should focus on anything that https://www.rockbox.org/ supports since that’ll give you FLAC support. (besides the Archos, apparently it is impossible to play FLAC on those https://www.rockbox.org/wiki/WhyRockbox.html).