OPSEC-oriented Networking, and nsproxy

It’s an urgent concern that the current state of OPSEC networking is terrible. I am talking about non-linux-experts. The problem of leaking traffic when you want to be anonymous can happen any time.

  • MIsconfigured browsers (if you dont tick ‘proxy by socks5’, firefox uses your local DNS. And you are over).
  • Misconfigured DNS, (ill implemented proxies)
  • Apps/browsers ignoring environment variables. Or you mistype anything.

How many whistleblowers are getting killed for that ?

I spent 6 months on GitHub - planetoryd/nsproxy: Kernel-namespaces-based alternative to proxychains.

I see flatpak as a prime platform for accessible/usable OPSEC to be implemented. (The goal is to minimize the probability of dissidents worldwide persecuted, not compiling a system for 8h)

1 Like