Configurable blocking of domains and IP ranges to prevent outbound traffic. This provides the following platform agnostic benefits:
*Blocking "Phone-home" applications on any device
*Parental control (block facebook apps and/or website)
*Disable C&C access to malware / botnets should a device or computer become compromised
*Effective Ad and Tracking blocking
It could even be configured to operate in a White-listing mode to restrict access to exclusively approved ip's and domains.
Just a few comments on this:
On iOS it is impossible (without jailbreaking) to control outbound traffic.
If Vypr could create the outbound firewall at the server end, we would finally be able to control this traffic.
To make it easier for us, Vypr (or the community) could start creating easy to use rule sets for the most popular applications.
So, let's say I want to use an app, but I don't want it to phone home, deliver my private info etc to the vendor's servers. Vypr could provide rule sets for popular apps which will allow them to work, but not to send data which would be considered privacy-violations.
Finally - the ability to actually see where the data is going (visualize our outbound traffic) would be great. That will help to create new rule sets as well.
I think you could actually do this entirely in your DNS service. Look at how OpenDNS does outbound filtering in their Umbrella service. This is done entirely on DNS destinations, and while not perfect, it does solve 90% of the problem using 1% of the effort compared to actually analyzing traffic.
This would also allow it to work for SSL encrypted traffic.