>If you don't trust Ledger – how much do you trust your VPN provider? They know both your original IP and what you're doing on the Internet (or at least to which services you're connecting).

Well, the big difference (for what OP is worried about) is that two distinct companies would need to be compromised instead of just the one.

Exactly, and ip address does not give precise location (unless a third company, the ISP, is also compromised).

I've long dreamed about having "anonymous" internet through coaxial/DOCSIS because the modems should work anywhere on the same node (or maybe even beyond) as long as your connection point is physically connected.

I could put down any name and nearby(ish) address I want...

Upstream is shared by less subscribers than downstream. Usually in the same neighborhood. So, it is easy to spot a wider place and then put boots on the ground to do the rest.

Any of widely used VPNs is much more generalized. Chain two or more in case of real concern.

As long as you never connect a phone to that modem (which will leak its GPS location to Google), or order anything from Amazon for delivery to the physical address.

IP address is often resolvable to a precise location, given access to databases maintained by surveillance capitalism entities. I think parent said the second party that would have to be compromised is a VPN provider, assuming that's being used to hide the relatively insecure ISP assigned IP address.

You need location access to scan for Bluetooth devices in app. Pretty sure you don’t need it to use already paired devices.

It’s because companies were using Bluetooth scanning in apps combined with known location beacons to work out users locations.

As I said, I'm not using ledger anymore. The new wallet's app does not have location permission and my location is turned off anyways.

VPN is just an extra layer. I'm sure VPN can see I'm connecting to the wallet's servers, but they can't see my crypto balance (I hope the communication is encrypted by the app).