Is there any merit in installing a virtual machine with OpenBSD and pf (or any other simple and secure OS + iptable) on a mac laptop and routing all the traffic through that machine? I read a similar set up for corporate laptops running windows (I thing I read this in BSD magazine). They claim that Windows machines are too hard to secure and if you are taking them to the wild (public wireless, hotels, ...) you'd better but a secure OS in between! If you think this is a good idea, how you route all the traffic on a mac through the virtual machine and prevent any application or service to go directly? I am not sure if just setting the gateway will do that, what about DNS? you don't want anybody to fool you with DNS cache poisoning or similar attacks either.