Comment by ranger_danger
18 hours ago
One possible mitigation might be to run your system (or just the browser/certain apps) sandboxed to only communicate with the IP/ports mullvad uses for VPNs.
18 hours ago
One possible mitigation might be to run your system (or just the browser/certain apps) sandboxed to only communicate with the IP/ports mullvad uses for VPNs.
You absolutely shouldn't do that because a vulnerability in the kernel can be immediately escalated into decloaking your real IP. /s
(TBF this is presumably why parent specified that proxying ought to happen on separate hardware.)