> Even if you use DNS-over-HTTPS/TLS, you don't know if your DNS provider is in cahoots with the eavesdropper. You have to trust someone
but in this case, couldn't you just use an offshore dns provider that's in a jurisdiction that won't cooperate with judicial system? (assuming here adversary is getting sued by copyright holder, not govt agency)
If making requests offshore is a panacea, use a VPN that proxies _all_ your traffic there. Then you needn't care if the website is HTTPS or HTTP
In the case of _this_ site, it has nothing a copyright holder could complain about, so it doesn't matter if you visit it. It says "We don't link to it from here, but just Google for 'Pirate Library Mirror'". Yup, why not tell Google what you're doing? Once you've done that, and visited the (also HTTP only) "Pirate Library Mirror" site, you'll find it doesn't have any .torrent files. But it does have a link to a .onion site available only in Tor Browser. And the onion site _does_ have .torrent files you can download and add it to your Bittorrent client and begin infringing copyrights.
The two HTTP sites involved have nothing that could get you legally into trouble, even if an eavesdropper saw _all_ your traffic. It's certainly good practise to make all sites HTTPS, but for these specific sites, it isn't a downside that they're HTTP-only. The only situation I can think where HTTPS vs HTTP would make a difference is quite unlikely: if an active attacker, able to modify your traffic, substituted a link to a different .onion site, with different .torrent files specifically for you
but in this case, couldn't you just use an offshore dns provider that's in a jurisdiction that won't cooperate with judicial system? (assuming here adversary is getting sued by copyright holder, not govt agency)