Why not launch your own? https://sporestack.com/launch/vpn

What cyber war? You mean internal sources at the DNC leaking documents, exposing their own corruption?

I've just about lost all respect for Wired.

Also: https://canhazip.com/

For me:

https://canhazip.com/ returns: 2601:645:8104:b920:905c:9243:77f4:d57

https://myip.rest/ returns: { "ip": "24.7.88.203", "about": "https://myip.rest/about/" }

Why the difference?

Do you take Bitcoin? How do I find connections?

Not right now, but it's on the todos list and I think should just be a configuration change since the payments are done via Stripe. I'll look into it this weekend!

In terms of finding connections, it's quite basic at the moment, in that you have to know someone's username to send them a request. Please feel free to add me, my username is davnicwil

I don't get it. Is there a reference to rudo?

Random User DO, I think.

That is hysterical. I am flattered.

Reminds me of that game that would delete your files if you couldn't shoot things fast enough.

I was also wondering about that. With El Capitan there was the big 'root' change. I guess they probably didn't break setuid, so this might still work.

I'm not sure about xraru working or not. If vncviewer runs on OS X, maybe? It might actually be a convenient way to run X programs in general.

Although if I add in any logic for auto-scaling, it'll likely break on OS X. But it'd be even more important because of the crazy retina resolutions.

xhyve, by the way, is an awesome hypervisor for OS X. It's pretty light. Not raru-light, but as light as you can get for proper hardware virtualization.

I've never heard of CLONE_NEWUSER before, it looks interesting. I don't think it's in FreeBSD.

My concern is that you can clearly browse and save files, so there is something that has access. Maybe it's much more secure than I thought, but I tend to be really skeptical towards programs of such length being perfectly secure.

CLONE_NEWUSER / user namespaces is Linux-specific, yes. (Though see my other comment.)

I believe the Chromium sandbox mostly applies to things like renderers, where you can just hand it a buffer and a bunch of inputs and it'll effectively contain things like HTML parser bugs or libpng buffer overflows. I'm not totally sure if browsing itself is sandboxed.

Thank you! This leans more towards the client side than the server side. It's certainly in the hackish and glitchy direction, and has no guarantees for success.

Qubes looks really interesting. I'd love to give it a try some time. I've just grown rather attached to my FreeBSD setup and this seemed like one of the ways I might be able to improve security on it.