
fc417fc802 today at 4:39 AM

You absolutely shouldn't do that because a vulnerability in the kernel can be immediately escalated into decloaking your real IP. /s

(TBF this is presumably why parent specified that proxying ought to happen on separate hardware.)


Replies

ranger_danger today at 7:19 PM

> a vulnerability in the kernel can be immediately escalated into decloaking your real IP

Not necessarily IMO... if you create a network namespace that can only communicate with Mullvad, and then run the VM inside that... even owning the entire VM and escaping it doesn't help you... you would now have to exploit the host kernel as well, which to me is basically just as good as it being separate hardware in the first place.

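Added example, not part of either comment above: one way to build the namespace described in the reply, assuming the VPN is reached over a WireGuard tunnel (the comment names only the provider). The namespace name, interface name, tunnel address and config path are constructed placeholders, and commands are only printed unless `DRY_RUN=0` is set.

```shell
#!/bin/sh
# Added example. NS, WG, ADDR and CONF are assumed placeholder values.
NS=${NS:-vpnns}
WG=${WG:-wg0}
ADDR=${ADDR:-10.64.0.2/32}                  # constructed tunnel address
CONF=${CONF:-/etc/wireguard/provider.conf}  # assumed path, `wg setconf` format

# Print each command (DRY_RUN=1, the default) or execute it (DRY_RUN=0, root).
run() { if [ "${DRY_RUN:-1}" = 1 ]; then echo "$*"; else "$@"; fi; }

setup_ns() {
    run ip netns add "$NS"
    # Create the tunnel in the init namespace so its encrypted UDP socket
    # stays there, then move only the interface. The namespace never gets a
    # physical NIC or veth, so the tunnel is its only route out.
    run ip link add "$WG" type wireguard
    run ip link set "$WG" netns "$NS"
    run ip -n "$NS" addr add "$ADDR" dev "$WG"
    run ip netns exec "$NS" wg setconf "$WG" "$CONF"
    run ip -n "$NS" link set lo up
    run ip -n "$NS" link set "$WG" up
    run ip -n "$NS" route add default dev "$WG"
}

# Reads `ip -o link show` output on stdin and succeeds only when lo and $WG
# are the sole interfaces, i.e. nothing else could carry traffic around the
# tunnel. Run it before launching the VM inside the namespace.
only_tunnel_links() {
    awk -F': ' -v wg="$WG" '
        {
            name = $2
            sub(/@.*/, "", name)      # veth0@if6 -> veth0
            if (name == wg) seen = 1
            else if (name != "lo") { print "unexpected link: " name; bad = 1 }
        }
        END { exit (bad || !seen) }'
}
```

After a real run, `ip -n vpnns -o link show | only_tunnel_links` confirms the isolation, and the VM is then started with `ip netns exec vpnns` in front of the hypervisor command.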