stop recommending OpenVPN, Orbot and RethinkDNS

OpenVPN is legacy technology. It's overly complex and has far too much
attack surface. It's a huge pile of sketchy legacy code. WireGuard is
what people should be using now. We were only recommending this due to
lack of WireGuard adoption in the past.

Orbot is a horribly maintained app full of memory corruption bugs and
poorly written code. It's not a trustworthy or safe implementation of
Tor for Android. Tor Project is working on a proper replacement which
does not appear to be available yet. We could make something ourselves
if others are failing to provide what's needed.

RethinkDNS was added as a recommendation in order to have an option for
people who want local filtering and other features while using a VPN. We
cannot recommend it anymore. We overlooked technical and other issues
because we wanted to give people an option to use. The bar was simply
that it was better than NetGuard. It's still temporarily mentioned as
an option supporting that combination of features but will be replaced
in the documentation as soon as possible.

static/faq.html

@@ -1321,9 +1321,8 @@
                     then">></span> Network &amp; internet&#160;<span aria-label="and
                     then">></span> VPN</b>. Support for the following protocols is
                     included: IKEv2/IPSec MSCHAPv2, IKEv2/IPSec PSK and IKEv2/IPSec RSA. Apps can
-                    also provide userspace VPN implementations and the following open source apps
+                    also provide userspace VPN implementations. The only app we can recommend is
-                    are recommended: WireGuard, RethinkDNS (WireGuard with local filtering
+                    the official WireGuard app.</p>
-                    options), Orbot (Tor) and OpenVPN for Android.</p>
 
                     <p>VPN configurations created with the built-in support can be set as the
                     always-on VPN in the configuration panel. This will keep the VPN running,