Selective application tunneling is very interesting, I didn't know APIs were available for that (or do you have a custom network driver for it?).

Is it bullet-proof enough for a killswitch, or would the apps go through the normal route if I forgot to open your application, or if the VPN server is down?

I think selective application tunneling for Windows is an incredibly useful thing and I wondered for a long time why it wasn't more popular until I realized how difficult it is to implement.

TunnlTo uses WireSock (https://www.wiresock.net/), which is a custom network driver built by Vadim Smirnov. He'll be on later to answer any technical questions. He is the expert in networking and kernel-level drivers.

I wouldn't call it bullet-proof enough for a killswitch yet, but it certainly is something we're working towards. The response so far from HN is encouraging, so it looks like it will be worthwhile dedicating more time to the project to get it to that level.

You keep saying driver, but WireSock says it’s usermode. Can you clarify?

Not trying to be a jerk, just that I’d be more inclined to try out a purely usermode application than install a driver.

I assume since WireSock is using BoringTun (https://github.com/cloudflare/boringtun) under the hood, it works similarly to other userspace implementations of WireGuard (e.g. wireguard-go, wireguard-rs) in that it uses a TUN device to deliver packets to the userspace implementation, and back out to the network. So, no driver installation required, but CAP_NET_ADMIN is required to create the TUN device.