It’s an urgent concern that the current state of OPSEC networking is terrible. I am talking about non-linux-experts. The problem of leaking traffic when you want to be anonymous can happen any time.
- MIsconfigured browsers (if you dont tick ‘proxy by socks5’, firefox uses your local DNS. And you are over).
- Misconfigured DNS, (ill implemented proxies)
- Apps/browsers ignoring environment variables. Or you mistype anything.
How many whistleblowers are getting killed for that ?
I spent 6 months on GitHub - planetoryd/nsproxy: Kernel-namespaces-based alternative to proxychains.
I see flatpak as a prime platform for accessible/usable OPSEC to be implemented. (The goal is to minimize the probability of dissidents worldwide persecuted, not compiling a system for 8h)