Alternative to Whonix using Linux Network Namespaces?

Would create this in General Talk, but I’m not allowed to create topics there.

I’m a user of the VirtualBox version of Whonix, but VirtualBox feels quite heavy on outdated hardware (think 15-year-old PCs). They still run Linux fine, and given that new Linux kernels support network namespaces, is it possible to entirely replace the two VirtualBox instances with just two Linux network namespaces? One would run the Tor daemon, not letting anything but Tor go outside through the host; the other would run apps that would get transparently proxified through the Tor one. Are there any third-party projects that mimic the Whonix functionality by using Linux network namespaces?
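For reference, here is what the two-namespace layout described in the question looks like as a script. This is an added example, not code from the post or from the Whonix project: it builds a "gateway" namespace that runs tor and a "workstation" namespace whose traffic can only reach the gateway, where nftables redirects it into tor's TransPort/DNSPort. The namespace names, veth names, the 10.152.15x.x addresses, ports 9040/5300, the `debian-tor` account, `eth0` as uplink and the torrc path are all assumptions (chosen to look like Whonix defaults). It only handles the network plumbing; processes in the workstation namespace still share the host kernel and filesystem, so it gives none of the VM-level isolation that Whonix relies on.

```shell
#!/bin/sh
# Added example, not Whonix code: tor "gateway" and "workstation" as netns.
# All names/addresses below are assumptions. Run as root with "apply";
# the *_ruleset and gw_torrc functions only print text and need no root.
GW_NS=tor-gw            # assumed: namespace that runs the tor daemon
WS_NS=tor-ws            # assumed: namespace that runs the applications
UPLINK=eth0             # assumed: the host's physical uplink interface
TOR_USER=debian-tor     # assumed: Debian's tor service account
HOST_IP=10.152.151.1    # host side of the host<->gateway veth (assumed)
GW_UP_IP=10.152.151.2   # gateway side of that veth (assumed)
GW_IP=10.152.152.10     # gateway side of the gateway<->workstation veth
WS_IP=10.152.152.11     # workstation address (assumed)
TRANS_PORT=9040         # tor TransPort
DNS_PORT=5300           # tor DNSPort
TORRC=/etc/tor/torrc-netns   # assumed path for the generated torrc

gw_torrc() {
  cat <<EOF
# Listen only on the gateway side of the gateway<->workstation link.
SocksPort ${GW_IP}:9050
TransPort ${GW_IP}:${TRANS_PORT}
DNSPort ${GW_IP}:${DNS_PORT}
DataDirectory /var/lib/tor
EOF
}

# Gateway: redirect everything arriving from the workstation into tor, and
# let nothing but sockets owned by the tor user leave the namespace.
gw_nft_ruleset() {
  cat <<EOF
table inet torgw {
  chain prerouting {
    type nat hook prerouting priority dstnat;
    iifname "veth-gw-ws" udp dport 53 redirect to :${DNS_PORT}
    iifname "veth-gw-ws" meta l4proto tcp redirect to :${TRANS_PORT}
  }
  chain input {
    type filter hook input priority filter; policy drop;
    iifname "lo" accept
    ct state established,related accept
    iifname "veth-gw-ws" tcp dport { 9050, ${TRANS_PORT} } accept
    iifname "veth-gw-ws" udp dport ${DNS_PORT} accept
  }
  chain forward {
    type filter hook forward priority filter; policy drop;
  }
  chain output {
    type filter hook output priority filter; policy drop;
    oifname "lo" accept
    meta skuid "${TOR_USER}" accept
  }
}
EOF
}

# Workstation: the only reachable address is the gateway (no leak path).
ws_nft_ruleset() {
  cat <<EOF
table inet torws {
  chain output {
    type filter hook output priority filter; policy drop;
    oifname "lo" accept
    ip daddr ${GW_IP} accept
  }
  chain input {
    type filter hook input priority filter; policy drop;
    iifname "lo" accept
    ip saddr ${GW_IP} ct state established,related accept
  }
}
EOF
}

# Host: forward and masquerade only what comes from the gateway namespace.
host_nft_ruleset() {
  cat <<EOF
table inet torhost {
  chain forward {
    type filter hook forward priority filter; policy drop;
    iifname "veth-host" oifname "${UPLINK}" ip saddr ${GW_UP_IP} accept
    iifname "${UPLINK}" oifname "veth-host" ct state established,related accept
  }
  chain postrouting {
    type nat hook postrouting priority srcnat;
    oifname "${UPLINK}" ip saddr ${GW_UP_IP} masquerade
  }
}
EOF
}

setup() {
  ip netns add "$GW_NS"
  ip netns add "$WS_NS"
  ip link add veth-host type veth peer name veth-gw-up      # host <-> gateway
  ip link set veth-gw-up netns "$GW_NS"
  ip addr add "${HOST_IP}/24" dev veth-host
  ip link set veth-host up
  ip link add veth-gw-ws type veth peer name veth-ws       # gateway <-> workstation
  ip link set veth-gw-ws netns "$GW_NS"
  ip link set veth-ws netns "$WS_NS"
  ip -n "$GW_NS" addr add "${GW_UP_IP}/24" dev veth-gw-up
  ip -n "$GW_NS" addr add "${GW_IP}/24" dev veth-gw-ws
  for dev in lo veth-gw-up veth-gw-ws; do ip -n "$GW_NS" link set "$dev" up; done
  ip -n "$GW_NS" route add default via "$HOST_IP"
  ip -n "$WS_NS" addr add "${WS_IP}/24" dev veth-ws
  for dev in lo veth-ws; do ip -n "$WS_NS" link set "$dev" up; done
  ip -n "$WS_NS" route add default via "$GW_IP"
  mkdir -p "/etc/netns/$WS_NS"   # ip netns exec bind-mounts this over /etc/resolv.conf
  echo "nameserver $GW_IP" > "/etc/netns/$WS_NS/resolv.conf"
  sysctl -w net.ipv4.ip_forward=1 >/dev/null
  host_nft_ruleset | nft -f -
  gw_nft_ruleset | ip netns exec "$GW_NS" nft -f -
  ws_nft_ruleset | ip netns exec "$WS_NS" nft -f -
  gw_torrc > "$TORRC"
  ip netns exec "$GW_NS" runuser -u "$TOR_USER" -- tor -f "$TORRC" --RunAsDaemon 1
  echo "run apps with: ip netns exec $WS_NS runuser -u <user> -- <command>"
}

if [ "${1:-}" = apply ]; then setup; fi
```

The gateway's `output` chain is what enforces "nothing but Tor goes outside": the `meta skuid` match keys on the socket owner, so a process in the gateway namespace that is not running as the tor user cannot reach the uplink. Check the result from the workstation namespace with something like `ip netns exec tor-ws curl https://check.torproject.org/` and by confirming that a direct `ip netns exec tor-ws ping 1.1.1.1` is dropped.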

Whonix does quite a bit more than just providing torified VMs. It includes a lot of security hardening configuration to make applications in the VM much harder to exploit. It includes kloak, which masks your typing rhythms and mouse movements so that it’s harder for websites or malware to fingerprint you based on that data. Because of the dual-VM structure, malware that infects the workstation cannot de-anonymize the user because of the gateway; this advantage would not exist with a network namespaces setup because malware could trivially infect the host and use that to deanonymize the user. To get protections similar to a VM, one would have to use an entire containerization solution like LXD, and even that could be easily escaped by exploiting host kernel bugs. A major part of staying anonymous is staying secure, and VMs help make that possible.

2 Likes

You can use KVM. In my experience, KVM on Debian is very, very much faster and more useful than VirtualBox on Debian or Windows.

1 Like