I really respect how Mullvad is willing to sacrifice business to give extra security and reliability to the (remaining) customers. I first saw it when they disabled auto-renewal with PayPal, because it'd force them to store PII along with your account.
Unfortunately for me, they made one too many sacrifices, and disabled port forwarding[1]. They don't store any contact information that could be used to warn customers, so my connection mysteriously failed one day and I was left with several months of prepaid service.
I'm a bit bitter for that, but honestly their technical writing and security decisions have earned enough good will from me that I want them to keep the money. As the only VPN that doesn't feel shady, I wish them all the best.
I sincerely apologize for the inconvenience we have caused you.
Announcing the removal of a feature such as this a mere 30 days ahead is not how we like to conduct our business in the general case. I expect those of our customers who relied on this feature to be disappointed by its removal as well as the manner in which it was done.
Nevertheless it was the right thing to do. The manner and extent in which it came to be abused in recent months made it unacceptable for us to continue providing it. This feature should have been removed a long time ago, with a longer grace period. It wasn't - a mistake on our part - and some of our users suffered for it, including you. For this I am sorry.
Affected customers can get their money back for any prepaid service they can not use, of course.
If you used port forwarding to (I) make a service reachable (II) from the open Internet there are plenty of good hosting providers which will happily take your business.
If you used port forwarding to (III) stay anonymous while (I) making a service reachable we can highly recommend Tor's "onion service" feature. It was built with that use case in mind.
If you used port forwarding to (III) stay anonymous while (I) making a service reachable (II) from the open Internet, there are no good options that we can recommend.
Port forwarding needed to be removed on moral grounds. It needed to be removed because it was causing too much of a disturbance to our core mission of making mass surveillance and censorship ineffective.
I hope my explanation has - if not allayed your disappointment - at least provided some clarity.
Best regards,
Fredrik Stromberg (cofounder of Mullvad VPN)
Thanks for the reply. I'm sorry my negative comment got to first spot on what should have been a positive post. I understand why the decision was made, and I think I'd have done the same.
I really hope you guys stick around, Mullvad has exactly the posture that we need from security services.
Port forwarding doesn't seem to be a problem for long-established independent VPNs like AirVPN (based in Italy but very ingeniously without exit servers in Italy) or AzireVPN (Swedish; added port forwarding -- all mappings in memory, no static records -- just recently [1]). What makes Mullvad's situation different? Is it a question of margins for high traffic port forwarding users (Mullvad is branching out in browsers and search while these two are not) or something else? I used to be a long time user and a huge fan and proponent of Mullvad's but the communication here has been very much opaque. This is especially so as port forwarding removal was announced straight after a raid where police, after Mullvad's explanations, didn't take anything [2].
I'm sorry we haven't been more clear in our communication.
Our decision to remove port forwarding was not a question of margins - it was a moral and practical decision.
Port forwarding is a feature with many legitimate use cases. This year it became clear that we had become popular for use cases we didn't want to support. Undesirable content and malicious services is a good summary. I'm not privy to more details than that as my main focus is research.
Technology is often a double-edged sword, but thankfully it is often also a net benefit to its users and society in general. Privacy online is exactly that kind of technology. Enabling anyone to host any service anonymously on the open Internet is another matter.
I hope AirVPN and AzireVPN somehow succeed with providing that feature while steering clear of its downsides. That would be awesome.
Nitpick: Mullvad is older than both Air and Azire. :)
Thank you! That clarifies :) I'm also glad for all the innovations Mullvad has invented/supported/etc in the VPN space -- anonymous account numbers, multi-server SOCKS proxies, Wireguard over TCP, post-quantum Wireguard, stboot, open APIs, the list goes on.
It feels like VPN for apps is very different than a VPN for browsing. While in both cases I want my traffic to be mixed in with a lot of other people's traffic (so the service provider dealing with complaints about neighbors is part of the value proposition), the browsing use case is tied to IP reputation (so I don't want someone to run a Tor exit on the same IP), whereas the app use case is much less IP reputation-sensitive but definitely benefits from port forwarding (e.g. to anonymously run nodes that power distributed infrastructure like crypto).
I'd definitely pay a premium, with longer commitments up front, for a "this server might be useless for browsing but run all your anonymous crypto nodes behind forwarded ports" type of service. Maybe making port forwarding active only if you have 6+ months of outstanding service commitment (and you forfeit the balance if your port gets used for C&C or whatnot) would be enough of a deterrent. Some VPNs are doing some traffic segregation already, e.g. having dedicated servers for P2P, though nothing exactly like this.
It seems pretty evident why they had to turn it off:
> The manner and extent in which it came to be abused in recent months made it unacceptable for us to continue providing it.
Probably the difference between Mullvad and AirVPN/AzireVPN is how popular the service is, which also usually dictates how popular it is for people to try to abuse it.
Maybe 1% of each service's traffic is abuse, which for AirVPN/AzireVPN is not that much, but on Mullvad's scale it becomes a whole other beast.
Mullvad is probably the VPN with the longest track record of not keeping logs. I find it likely that the vast majority of people who hosted immoral content using Mullvad's port forwarding feature solely used Mullvad for this purpose because of their reputation. After Mullvad discontinued port forwarding, IVPN (probably the second most trusted VPN provider) came out a month later and announced that they were also discontinuing port forwarding [1]. I think it is likely other VPN providers will follow suit.
According to Mullvad's blog [2] the police raid was related to a blackmail attack in Germany.
What sort of abuses have you encountered when dealing with port forwarding? Was it DMCA'd content hosting or were there other major issues with it? Also, how do other VPNs that offer port forwarding (like Proton) function against those sorts of abuses?
VPN port forwarding is, by and large, used for BitTorrent because you can't seed without it. VPNs are used for BitTorrent in general because it's well-known that IPs participating in BitTorrent are monitored and logged by anyone who wants to[0]. I bet it's at least 100 BitTorrent users for every 1 user using port forwarding for any other purpose.
You can still seed/download without a port forwarding setup; however, the other person you're connected to needs to have port forwarding. Basically either side of the P2P connection needs to be reachable from the open internet, but not both.
So you can still seed, it just won't be as usable.
Reading between the lines, I'd be very surprised if it wasn't highly undesirable content, i.e. child porn or fraud. This came about a month after a very publicised raid by the Swedish police -- after which they left with nothing [1].
FYI: Our decision to remove port forwarding was not a reaction to the surprise visit by Swedish police. I wish we had been more clear about this in our blog post.
For example, say someone wanted to run their botnet distribution server. Now, unless you’re a state actor working for North Korea or some such, that generally gets a rather angry knock on your door in a rather short period of time.
Being able to hide your IP/traffic for $5/mo is going to save you a significant amount of trouble.
I’m certain AWS and other hosting providers keep track of any activity that’s too strange, and the authorities will have your hosting provider give you the boot even if they can’t figure out who you are exactly.
Developing a reputation for allowing, if not quite condoning such behavior will quite quickly get you shut down as a business. Even if they can’t “prove” anything, you’ll get hassled, harassed, and investigated to death because your existence goes from being a nuisance to being a problem.
Some guy torrented a few movies on your VPN? Whatever. Some guy used your VPN to break into their local government’s servers? If they can’t find him, they’ll take it out on you.
I had no idea this even happened. It would have been useful to show a notice within the app itself (like you do for patch notes?). Maybe you did, and I didn't see it, but I just got done paying for another 6mo on your service being none the wiser.
I'm not sure whether we did or not. Please don't hesitate to contact support for a refund of remaining time in case you've decided to switch providers.
> They don't store any contact information that could be used to warn customers, so my connection mysteriously failed one day
This situation seems avoidable: what if the payment/signup flow had a big loud warning that you need to configure your own polling of an RSS endpoint using a client capable of pinging you?
That's honestly a great idea for an alternative to newsletters... it would be nice if there was better first-party RSS support (what about in the email client?) since I don't think any OSs have it, because right now that would probably confuse most customers
You might be surprised! The Mullvad client is super well designed and usable for newbs, and I'll bet a lot of their business is from people whose more technical friends told them it was a good idea. There's a reason that Tor warns users that posting personal information or using accounts with their regular credentials compromises anonymity.
I wish RSS had more surface area with general computer users, but I reckon even being called RSS makes it unlikely. Folks in tech often forget how intimidating opaque names can be for nontechnical users.
Not being a Mullvad user myself, I wasn't sure if people tend to use a Mullvad client or a generic VPN stack built into their OS, but the Mullvad client could simply display news like this to the former set of users leaving only the latter set to configure a separate RSS client or whatever.
I’m a network newbie so I have no idea about the importance of this. I have done port forwarding in my router before, mainly so I can access my Plex system outside of my house. I used to set up port forwarding when torrenting but I have realized that I can still get my Linux ISOs without it. I never cared even though I’m a heavy user of their product. When will it start to affect me, or in other words, what use cases am I locked out of when port forwarding is disabled?
Oh!! That makes a ton of sense now, I feel dumb for not thinking about that since I was just doing some config changes for Docker services running in my home server. I realized I couldn’t access it from another machine because the Dockerfile didn’t have ports forwarded appropriately. Thank you very much!
After they disabled port forwarding, I moved to ProtonVPN. They seem like the next best thing, and they continue to state that they have no intention of removing port forwarding (for now, I assume).
I'm glad to read this. We considered switching to them earlier this year (couldn't find the budget) and it was still on the table, but this is a deal breaker. If we'd switched I'd have been in the same situation, with a lot of prepaid service I couldn't use as intended.
To be fair, the announcement came with the option of asking for refunds, and I have no reason to doubt them. My few interactions with their support were pretty good.
None as solid, no. My needs are fairly specific (exit node in a specific country, torrent-friendly, good speed, not too expensive, not too shady, first-party support for my OSes, doesn't have to be government-proof), so you'll need to do your own research.
For what it's worth, I eventually went with Proton VPN, but it's more expensive and gives a used-car-salesman feeling.
I really don't like the aesthetic direction Proton's been taking in the last few years, from top to bottom. I'm finding their mail apps, both in desktop web browser and on mobile, less and less usable. In addition I get this feeling from their design choices as well. I know their mission is to grow enough to challenge predatory providers like gmail, but it makes me wary and makes me feel as if I won't be using them in 5 more years.
Proton has unfortunately become incredibly bloated over the past few years. Meanwhile ProtonMail doesn't yet support auto-forwarding or (on mobile) email content search.
Not that person but I've spun up a 1984 instance paid with bitcoin without KYC. Then set up nat+rdr rules that forward to my service through a wireguard tunnel.
Becoming well known for always trying to put customers first is a good strategy and probably makes business sense in the long run. I have used Mullvad for years. I have no intention of shifting provider. Mainly because the evidence is starting to stack up that they are one of the few good actors in a cesspit of shitty/shady competition. (Though it's a shame Mullvad gets blocked by Netflix, well the last time I tried it wasn't working).
The only other service I have any brand loyalty to is gog.com. For some reason I feel the same about them.
I use IVPN and they also deprecated port forwarding. I believe they didn't cut people off directly but if you stop using it you can restart using it. I wonder if they removed it for the same reason.
What are legitimate use cases for port forwarding behind a VPN IP? Genuinely curious, I'm not implying anything.
The main use case is hosting something for which you don't want to reveal your IP, or circumventing ISPs that block hosting web servers on their residential IPs. I'm sure I'm missing many more use cases.
Basically you have a thin proxy on some not so cheap but ‘anonymous’ Bitcoin-paid VM, that then (http) links to your vpn endpoint.
You need the dual setup as using the btc vm for storage of terabytes of data as well as for TB of traffic is too expensive for a volunteer run project.
I have been out of the loop for a while on this, but doesn't BitTorrent require you to set up a port forward? Otherwise you can only connect to peers that do, but not other peers that don't.
I’m confused, the blog post backs up what you say but I can still set custom ports within my account page… And I’m currently running a service that needs to advertise out on a port to work from Mullvad.
I don't want to revoke a key to test but I'm pretty sure that just sets the port in the Endpoint part of the WireGuard config file. (the port you use to connect, for if the regular one is blocked). Are you sure your service behind Mullvad is accepting incoming connections?
Is it a torrent client, by any chance? Those can still work without port forwarding, if the swarm member you're sharing data with (regardless of direction) has an open port on their side.
Try creating a new torrent with some random file, seeding it from a Mullvad device and downloading it from a different Mullvad device. That should only work if you have port forwarding set up (or if you're not actually going through Mullvad - you will see that by the peer IP in the torrent client).
That custom port on the WireGuard config page is not the place where you'd configure port forwarding; that's not what that is. They had a separate port forwarding page for configuring city ports which is now gone. But you say you have it working. My guess is that you're just misremembering where the configuration is, and that Mullvad hasn't removed existing port forwards yet like they said they would.
In the wireguard config section of their tutorials, there’s a spot to put a custom port - it’s really unclear from the docs but this allows you to expose out a service within the higher limits of the port ranges, and only on dedicated servers.
Really hard to find but they call this “city ports” over global ports because you have to set them up beforehand.
My biggest professional regret is not joining Mullvad when their founder emailed me.
A seriously large chunk of their values aligns with my own, and it's woefully few technical enthusiasts that continue to place liberty over convenience -- meaning most of us tend to use hyperscaler cloud providers under the purview of the US Government. -- and before anyone mentions it; yes that has been an issue for me in my professional career as the cloud providers must adhere to US sanctions, meaning if you are from Cuba, Iran or Crimea you can't play the games I made. -- which is annoying because you could buy our game legally in Russia and Ukraine, but if you happened to be in occupied territory then no play time for you.
Sidetracked a bit, but it's really refreshing from the outside to see a company that isn't scummy that values liberty.
Yup. As a Cuban, sometimes it is annoying and sometimes it goes beyond that. Some cloud providers are totally off limits for us, some are fine with us (the minority and less known), some let us use some services but not others, some even have valid OFAC licenses but still deny access (because of ACL complexities, I suppose)... it's all over the place. That's why I'm 95% of the time on crappy VPNs both to escape/evade US sanctions and my own country's censoring mechanisms.
The thing is, I somewhat understand why the sanctions were placed decades ago, but... is that rationale still valid? Anyway, and sadly, the sanctions affect "regular" people like me the most. The ruling elite? Not at all.
Funny how everyone talks about the Chinese "great firewall" that blocks access towards some western platforms from China, and no one talks about the "USA great firewall" that blocks Cuban citizens from accessing a lot of services.
Besides the technical differences brought up by other commenters, I'm a Canadian and I hear about USA sanctions toward Cuba on regular TV news and newspapers, never mind more specific news sources, every USA election cycle. It's a massive topic of public debate, and from what I can see it hugely influences outcomes of key seats in state and federal elections. Sometimes these claims of "nobody talks" or "mainstream media doesn't want you to know" are just... incorrect?
Because the latter is not a thing. The United States does not implement any border firewalls on traffic entering the country. No law compels blocking Cuban citizens from accessing US hosted content, just preventing them from entering into financial transactions.
I honestly have no idea how the sanctions are reflected in the actual wording of the law, but what I see is that many companies are actually overzealous and wholesale limit (block) access regardless of the outcome of the content request (that is, even if the transaction is not a financial one.)
Let me give you an example: I can't open dell.com, at all. What I want to believe is that they blocked all access because it was easy, just a geo thingy flipped on. It is their decision though, but it is supported on existing sanctions. So... yes, the law compels them to do it, indirectly or not. And there are hundreds, thousands of other examples that I can provide, if you're interested.
> Anyway, and sadly, the sanctions affect "regular" people like me the most. The ruling elite? Not at all.
This confirms my secondhand knowledge of financial sanctions. It seems to universally be this way and makes me wonder why we still tout them as if they were effective. They sure don’t seem to be.
Like, what things? I'm a citizen of a heavily sanctioned country, even though I haven't lived there for years. If anything, sanctions only affect people in such a way that they hate the countries that imposed the sanctions on their country, but not their own government. That's a very naive point of view.
Like we saw recently with Russia, the people were not upset when they invaded Ukraine. Then when McDonald's pulled out of Russia a fat guy chained himself to the doors. So internet, fast-food, clothes, cars, movies... water pumps... and so on.
False. There's a lot (the majority) of people from my close circle who were and are "upset", if I can put it this way. I don't have the statistics, but let's say that's 80/20 ratio (supporters/non-supporters), even though I personally believe it's closer to 50/50.
> fast-food, clothes
So you really think that limited access to the Internet and the fact that McDonalds is gone would force these 20% to get on the streets and fight against the heavily armed government forces AND the rest 80% of the country population? I mean, among the other reasons that come to mind, sanctions (movies, cars, clothes - what??) are somewhere at the very bottom of my list, if matter at all.
It's not what I think, it's what actually happened: a Russian guy protested ONLY for his lifestyle, a burger, not for his government killing other people.
I also got upset when I had to implement geoip tracking to block specific countries and thought about the people that wouldn't have access to the free service we were providing, which I thought could help someone bootstrapping their small business and potentially improve their lives.
That being said, many people consider sanctions as an act of war[0] and if you think of them like that, well obviously it sucks, it's war and war-like consequences always suck for the people on the ground.
Just make sure when your boss asks you to implement geoblock bans for sanctions, do what you need to do and not more like trying to block VPN users or other shenanigans. Don't break the law but don't make it harder for people on the ground to use their right to internet access.
Sidenote: I know a bunch of people from Crimea and many things we take for granted are surprisingly complex for them. People from Cuba or Iran at least have the certainty of which country they are in.
Yet, if you lived there you would be issued a Russian passport, your official documents would be from the Russian state; your police would be Russian.
And; if you lived in Laos, Cuba, Cambodia or Afghanistan: you would currently be taking the opposite stance.
We owe it to ourselves to not permit the affectations of propaganda to convince us that we are consistently right, the truth on the ground is much more complicated.
I certainly believe Crimea is an invaded territory of Ukraine, but I cannot pretend that it's a wise notion to demerit the entire conflict down to "Crimea is in Ukraine".
It does nothing to help the people there, and is completely meaningless in the face of my initial comment: that while I could sell games to Ukrainians, I could not allow them to play from within Crimea... a territory you claim; is Ukraine. The implicit argument you just made is that we have created sanctions against Ukraine itself.
Crimea is de jure in Ukraine per international consensus. Crimea is de facto occupied by Russia. These are orthogonal statements and both are valid. Everything else you listed derives from these premises.
While this is a provocative response and there is no excuse for the Russian invasion of Ukraine, the 2001 Ukrainian census[1] states 60.4% of the Crimean population considered themselves Russian and 24% of the Crimean population considered themselves Ukrainian.
Obviously it's impossible to do a reasonably unskewed poll in Crimea right now. However in other parts of Ukraine the number of people who consider themselves Russian drastically decreased when Russia started shelling their homes. So it's not clear how informative 2001 polls would be. Russia has also deliberately encouraged Russians to move to Crimea recently which would also skew that statistic.
You make some good points. I agree, any census done after Russia took Ukraine in 2014 can't be used and I don't doubt people who once considered themselves Russian started to consider themselves Ukrainian after Russia attacked Ukraine, but this was before all that so I don't think that's a problem.
And I'm not saying considering yourself Russian means you have allegiance to Russia, but I think there is a strong correlation between the two. Even if there's less of a correlation than I think, the percentage which considers themselves Russian is over twice that of the percentage which considers themselves Ukrainian. Maybe the Tatars align more with Ukraine than Russia, improving the balance, but idk.
Thanks for this. I'm glad people have good, evidence-based responses to my comment.
This gives us a great idea of how likely a Crimean who considers themselves Russian would actually vote between the two and that while the correlation is strong, it might not be strong enough to suggest Crimeans would favor Russia and while Crimea is still clearly, the most Russian-friendly Ukrainian state, the decision between the two is much closer than I previously thought.
Edit: to add, I have talked with a Crimean who supports Ukraine, but they say the outcome of a vote would very likely be pro-Russia, even before they started shipping Russians in and pre-occupation.
What it probably shows, is that while the fraction of inhabitants of Russian ethnicity stayed roughly the same in there, the supporters for joining Russia, at the very least, are not the same exact set of people. And we don't really know their number because the vote didn't have any independent observers.
> but they say the outcome of a vote would very likely be pro-Russia, even before they started shipping Russians in and pre-occupation
I heard similar opinions too, but it might vary on who you ask. E.g. we talk about information bubbles on the Internet, but they exist IRL too. That is to say, hearsay is not proof. And even if it were true, one might keep in mind that the reasons for that might not be obvious. E.g. there had been a fair amount of anti-Ukrainian propaganda on the Russian state TV (which broadcasted in Crimea as well) starting with 2000s or so.
Or here's a thought exercise, from another perspective: would you say if US made a poll in Monterrey (Mexico) about whether the people in there wanted to join US, and >50% of them said yes, it would have been justifiable (in at least some practical sense) to annex it? Or Montreal/Canada, for example. It's close enough to the border.
The Crimean issued passports are accepted only by Russia and other occupied areas such as South Ossetia and Abkhazia.
Practically they are required for many domestic tasks, and Russia won't let you leave the region with a real passport so you need one to get out. The European Union has emphasized to its member states that possession of one of these "passports" should also expedite the issuance of a humanitarian/refugee passport.
> And then you are trying to legitimise the Russian invasion.
In this conflict, I agree with you 100% - fuck Putin.
On the other hand, many international organisations don't recognise Taiwan as a country, whereas in my mind it's clearly a country for obvious reasons. So I don't consider international recognition to be the be-all-and-end-all of which borders lie where.
Yes. Zelensky has made it clear that they have lots of equipment and arms (although they'd love to have more.) What they need is foreign volunteers to fight.
I am speechless; I can think of a dozen or so glib responses to put down this line of reasoning in a combative way.
I will do my best to go against that instinct and instead say;
1) I don't believe necessarily that Crimeans are "Russian"
2) I don't believe that we can talk about a country's people as being homogeneous.
3) I don't believe we should be deciding what liberty people should be entitled to, that feels decidedly totalitarian to me, it would be very easy to decide that you dear reader are not entitled to liberty either, since you implicitly support *gestures broadly*.
Bit of a generalisation there, how many of us in the west were against and protested against the various wars we’ve been involved in and been basically just ignored because the government just does what it wants?
"The people" value different things depending on who they are. I'm sure you can find Russians who value liberty and peace, and I'm sure you can find Americans (or Germans, or Canadians, or Australian Aboriginals) who don't.
The world is not as black and white as you paint it, taken from an outside perspective the US has also done many things that we would likely go to war for if it was anyone else, including chasing journalists across borders, forcing down diplomatic aircraft and spying on allied governments (Merkel in particular).
Regardless; your enemies are not my enemies. Even then: Sanctioning occupied territories only serves to push the occupied territory further into the occupier's hands.
What are you doing about western governments pursuing journalists who reported war crimes in Iraq?
This moral superiority about expecting people from other places to do what we don’t would be hilarious if it was completely outrageous
We’re expecting normal people to stand up against armed regimes while around the world our governments commit the worst human crimes while we’re zapping on netflix I have absolutely no words, I’m terrified
Isn’t trading with certain states like sanctioning of how they treat their population? Withholding trade seems fair. We don’t want to deal with you because you start murderous wars for example seems fair. As for “multi polarity”.. seems so far like the catchphrase of shitty governments and unhappy people here that dream of some radical change.. It’s a false word somehow
There was a real possibility that Russia could have joined Europe, but something got broken along the way.
I'm not sure that USA is really a strong ally of Europe. It's something in-between. US has its own interests before all.
They would lend us (Europe) money and sell us weapons in case we go to war, but a friend giving you a loan and making profit out of you isn't really that great friend.
The USA is not perfect, but there isn't anyone else out there.
Beggars can't be choosers. Especially after European NATO members underinvested in defence for decades and refused to see Russia as the threat that it is.
Not that long ago France even attempted to sell them aircraft carriers.
Brazil - high crime and corruption, but at least there is some democracy
Russia - totalitarian regime with no democracy and no rule of law.
India - lots of poverty and corruption, but at least there is some democracy
China - authoritarian regime with no democracy whatsoever.
South Africa - poverty and corruption.
Not very great choices. Also only Russia and China would be safe for people like Snowden or Assange.
The only time I've heard the expression about multipolar was from Chinese and Russian Foreign Minister playbook.
Add "NATO", "Russophobia", "Nazis", "Western" and other keywords in the soup and you have the perfect anti-Western speech.
It's not even a Western tool.
Sanctions are a tool to refuse to trade with opponent regimes, and it works both ways
(China has sanctions on the West too, for example on semiconductors. Russia has sanctions too against the West).
It's not perfect, and it has side-effects, but overall it deters other countries / terrorist organizations from following the same path of taking a hostile posture against you.
If you let people go around sanctions, then becoming hostile will simply have no consequences.
If there are no consequences to actions, and there is a big prize to win, then the politics will do it, no matter what.
> In April 2023, the Australian government released their 2023 national review where it is outright stated that the age of American unipolarity and primacy in the Indo-Pacific is effectively over, paving way to great power competition and a more fractious world order.
It's new to me that Australia is known to spread Russo-Chinese propaganda either.
Where's the second democratic pole? If the only alternative to living in an US aligned country is moving to an authoritarian hellhole - then... no thanks...
Up front, I believe Mullvad is the best commercial VPN solution and is doing a great job at making good privacy more accessible.
However, a lot of the comments here seem to be hailing VPNs in general as the solution to privacy on the internet.
I would like to remind people that VPNs only really protect you against two things: your ISP and the endpoint. And that's assuming that your ISP isn't doing some shady analytics.
That being said, knocking those two things off the board is a huge benefit to privacy and absolutely should be done.
It is my understanding that many ISPs and backbone providers sell or otherwise disclose full detailed packet metadata, including precision timestamps, and that there are companies that aggregate this data across the entire Internet.
At which point your VPN becomes just another hop in the trace.
VPNs, no matter how secure they themselves are, are effective for accessing lightly geo-locked content and defeating unsophisticated analytics and tracking. They are really not a serious privacy solution in any sense, unfortunately.
I don't understand this area well enough, I think. Doesn't a VPN encrypt the routing information that tells the packet where to ultimately end up? I.e. my ISP can see the traffic going to the VPN, but can't look inside it, and can't see where it goes from there?
Correct, but the destination ISP chain (and of course the destination service itself) can equally see the traffic coming from the VPN, and if you have packet metadata (precise timing and packet sizes) from two sources on either side of the VPN, it is trivial to correlate those two streams.
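To make the metadata in the reply above concrete, here is an added example (not code from this thread or from Mullvad) that parses only the plaintext part of WireGuard datagrams, which is everything a passive observer on either side of the tunnel gets without any key. The field layouts are taken from the WireGuard protocol description (one type byte, a 4-byte receiver index and 8-byte counter on transport messages, a 16-byte AEAD tag, plaintext zero-padded to a multiple of 16 bytes); the datagrams it parses are constructed in the script, not captured.

```python
"""Added example: what a passive observer can read from WireGuard UDP
datagrams without keys. All datagrams below are constructed, not captured."""
import struct
from dataclasses import dataclass
from typing import Optional

MSG_TYPES = {1: "handshake-initiation", 2: "handshake-response",
             3: "cookie-reply", 4: "transport-data"}
TRANSPORT_HEADER = 16   # type(1) + reserved(3) + receiver_index(4) + counter(8)
AEAD_TAG = 16           # ChaCha20-Poly1305 tag closing every transport message


@dataclass
class Observation:
    ts: float
    kind: str
    length: int                          # UDP payload size, always visible
    receiver_index: Optional[int] = None # session identifier chosen by the peer
    counter: Optional[int] = None        # nonce; reveals packet ordering/loss
    inner_min: Optional[int] = None      # bounds on the encrypted IP packet size
    inner_max: Optional[int] = None


def observe(ts: float, datagram: bytes) -> Observation:
    """Parse only the unencrypted header of one WireGuard datagram."""
    if len(datagram) < 4:
        raise ValueError("too short for a WireGuard message")
    kind = MSG_TYPES.get(datagram[0])
    if kind is None or datagram[1:4] != b"\x00\x00\x00":
        raise ValueError("not a WireGuard message")
    obs = Observation(ts=ts, kind=kind, length=len(datagram))
    if kind == "transport-data":
        if len(datagram) < TRANSPORT_HEADER + AEAD_TAG:
            raise ValueError("truncated transport message")
        obs.receiver_index, obs.counter = struct.unpack_from("<IQ", datagram, 4)
        body = len(datagram) - TRANSPORT_HEADER - AEAD_TAG
        if body % 16:
            raise ValueError("transport body is not 16-byte padded")
        # Plaintext is zero-padded to 16 bytes before encryption, so the
        # observer learns the inner length to within 15 bytes (0 = keepalive).
        obs.inner_max = body
        obs.inner_min = max(0, body - 15)
    elif kind == "cookie-reply":
        obs.receiver_index = struct.unpack_from("<I", datagram, 4)[0]
    elif kind == "handshake-response":
        # sender index sits at offset 4, receiver index at offset 8
        obs.receiver_index = struct.unpack_from("<I", datagram, 8)[0]
    return obs


def build_transport(receiver_index: int, counter: int, inner_len: int) -> bytes:
    """Construct a transport datagram of the right shape. The ciphertext is
    filler: the observer never sees plaintext, only these dimensions."""
    padded = -(-inner_len // 16) * 16
    header = struct.pack("<B3xIQ", 4, receiver_index, counter)
    return header + b"\xAA" * padded + b"\xBB" * AEAD_TAG


def profile(observations):
    """What is left for traffic analysis: when sessions start and, per
    receiver index, the (timestamp, inner_max) sequence of data packets.
    Keepalives (empty transport messages) are dropped."""
    handshakes = [o.ts for o in observations if o.kind == "handshake-initiation"]
    sessions = {}
    for o in observations:
        if o.kind == "transport-data" and o.inner_max:
            sessions.setdefault(o.receiver_index, []).append((o.ts, o.inner_max))
    return {"handshakes": handshakes, "sessions": sessions}


if __name__ == "__main__":
    # Constructed trace: one handshake, then three data packets in one session.
    trace = [
        observe(0.0, bytes([1, 0, 0, 0]) + bytes(144)),           # 148-byte initiation
        observe(0.1, build_transport(0x1234, 7, 1200)),
        observe(0.2, build_transport(0x1234, 8, 60)),
        observe(0.3, build_transport(0x1234, 9, 0)),              # keepalive
    ]
    for o in trace:
        print(o)
    print(profile(trace))
```

Nothing in the output says which site the inner packets were for, but the session start time, the packet count, the counter gaps and the size sequence are exactly the inputs the correlation and fingerprinting attacks discussed in this thread use.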
Note that Mullvad's WireGuard settings offer a "multihop" feature, meaning the VPN destination your ISP sees and the VPN endpoint the end service sees differ.
I'm not sure how that protects you though. ISP sees your traffic going into WG1. They know all of Mullvad's IPs, so isn't it just as easy to correlate that traffic when you exit through WG2?
Assuming the ISP monitors the entire network graph (your computer, the VPN server's activity, and the end service's server), you wouldn't. At that point, it's game over unless you're using mixnets or something.
If they merely monitor your computer and the end service, the correlation weakens a little with plausible deniability.
The real win is when the ISP adversary is monitoring your computer and the WG servers and NOT the end service. In that case, say they see you go to WG1, and then they see WG1 going to an end service. This is also correlation, and pretty undeniable. But say they see you go to WG1, then they see WG1 go to WG2, and they have no visibility of WG2's traffic. Then the tracking's broken; the footprints run off into the surf.
So multiple hops buy you defense in depth assuming it eventually gets you outside your adversary's monitoring range.
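Following on from the correlation argument in the last few replies, here is an added example (not code from the thread; all traffic is generated with a seeded random generator, not captured): it takes the (timestamp, datagram size) sequence a client's ISP would see going into WG1 and scores how well it lines up with what an observer at the far side sees, for a single hop, for a WG1 -> WG2 chain, and for an unrelated user's flow leaving the same exit. The 32-byte overhead and 16-byte padding are WireGuard's; the packet sizes, inter-arrival gaps and hop latencies are assumptions made for the simulation.

```python
"""Added example: timing/size correlation across a VPN tunnel, using only
the metadata an on-path observer can see. Traffic is constructed with a
seeded RNG; nothing here is a real capture."""
import random
from bisect import bisect_left

WG_OVERHEAD = 32   # 16-byte transport header + 16-byte Poly1305 tag


def make_flow(rng, n, mean_gap=0.02):
    """Constructed client flow: (timestamp, plaintext_length) pairs with
    exponential inter-arrival gaps, roughly like an interactive session."""
    t, flow = 0.0, []
    for _ in range(n):
        t += rng.expovariate(1.0 / mean_gap)
        flow.append((t, rng.choice([60, 100, 576, 1200, 1400])))
    return flow


def isp_view(flow):
    """What the client's ISP sees: one UDP datagram per packet, plaintext
    padded to 16 bytes plus WireGuard overhead. Sizes and times only."""
    return [(t, ((n + 15) // 16) * 16 + WG_OVERHEAD) for t, n in flow]


def hop(flow, rng, latency, jitter=0.002):
    """Forward a flow through one tunnel hop: adds latency and a little
    jitter; sizes are unchanged because a hop only re-encapsulates."""
    return sorted((t + latency + rng.uniform(0, jitter), n) for t, n in flow)


def match_score(ingress, egress, delta, window=0.01, tol=15):
    """Fraction of ingress datagrams that have an egress packet of a
    compatible size within [t+delta, t+delta+window]. 'Compatible' means
    the egress plaintext fits the padded size the ISP observed."""
    times = [t for t, _ in egress]
    hits = 0
    for t, outer in ingress:
        inner = outer - WG_OVERHEAD
        i = bisect_left(times, t + delta)
        while i < len(times) and times[i] <= t + delta + window:
            if inner - tol <= egress[i][1] <= inner:
                hits += 1
                break
            i += 1
    return hits / len(ingress)


def best_alignment(ingress, egress, max_delta=0.5, step=0.001):
    """Scan candidate path delays; return (best_score, first delay reaching it)."""
    best = (0.0, 0.0)
    for k in range(int(max_delta / step) + 1):
        d = k * step
        s = match_score(ingress, egress, d)
        if s > best[0]:
            best = (s, d)
    return best


def demo(seed=7, packets=200):
    rng = random.Random(seed)
    client = make_flow(rng, packets)
    seen_by_isp = isp_view(client)
    # Single hop: the exit side sees the plaintext sizes, delayed.
    single = hop(client, rng, latency=0.040)
    # Multihop (WG1 -> WG2): a second hop adds delay and nothing else.
    multi = hop(hop(client, rng, latency=0.040), rng, latency=0.035)
    # Unrelated flow from another user leaving the same exit.
    decoy = hop(make_flow(random.Random(seed + 1), packets), rng, latency=0.040)
    return {
        "single_hop": best_alignment(seen_by_isp, single),
        "multihop": best_alignment(seen_by_isp, multi),
        "unrelated": best_alignment(seen_by_isp, decoy),
    }


if __name__ == "__main__":
    for name, (score, delay) in demo().items():
        print(f"{name:11s} score={score:.2f} at delay>={delay * 1000:.0f} ms")
```

Running it gives a score near 1.0 for both the single-hop and the two-hop case and a low score for the unrelated flow: the extra hop only changes the delay the attacker has to scan for. That is the point made above: multihop helps when the adversary cannot see the far end of the chain, not when they can see both ends.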
> VPNs, no matter how secure they themselves are, are effective for accessing lightly geo-locked content and defeating unsophisticated analytics and tracking
Circling back to this statement: aren't they also useful on public Wifi?
The reason the UK wants an encryption backdoor is because it's expensive to do statistical analysis of encrypted traffic. There are ways to make it more difficult, but if you own the certificate that a TLS endpoint uses you can just open it and re-encrypt it for the destination. This is called break and inspect. If a VPN uses different certificates and is built well, there would have to be a flaw (spyware, vulnerability, etc.) on one of the endpoints for anyone other than you and the VPN to read the encrypted data.
Why would they even do so ?
Large ISPs are public, so this activity would appear as extra revenue (if they sell traffic data) in their financial reports and annual reports.
Most likely, ISPs are just respecting the local laws and doing the minimum retention required by the law (because more data storage = more costs), and their actual fear is that someone leaks this data and causes reputation damage, so they'd avoid storing anything if they can.
ISPs are also in the business of analytics [1, 2], and a significant percentage of customers hiding their traffic reduces the value of their analytic products.
This view is extremely western, not all ISPs are obligated to show "financial reports", and "shady analytics" does not imply a user's complete network traffic record into perpetuity. And even if your arguments were valid, this is not limited to the ISPs financial gain, but surveillance which occurs in every country.
One of the projects I worked on a couple of years ago was audited by Radically Open Security - I was extremely impressed with the quality of their specialists.
They didn't find anything of course (in the system I was responsible for) beyond a couple of remarks (which I believe we had already explicitly marked with comments as they were marked for improvement by our static analysis tools; think "you can use a better variable name here" and "this can be simplified by using guard clauses" level). Not bad for something built under extreme circumstances and very little sleep (6-month-old baby + COVID + crunch + 2 other busy young kids = hell).
Mullvad is THE ONLY mainstream VPN that doesn't have seriously questionable credibility.
Not even Proton VPN is OK - sleuths have figured out that it's just a white-labeled version of NordVPN.
I am thankful that Mullvad is doubling down on their commitment to integrity, because there isn't an alternative.
Note the link above [1] doesn't work anymore since Nord actually removed the product page for their white label product, but it does exist and you can see it in the Products dropdown as NordWL.
And since the link to [2] in what I linked above is broken, here is the archived version: https://archive.is/iZ2l2
It appears in this audit. They only reviewed test production servers.
Playing devil's advocate, what would be stopping Mullvad from providing the Open Security team with a version of Mullvad stripped of logging features? I hate to be this skeptical, but shouldn't an actual audit review customer-facing servers (within bounds to prevent the auditors from logging info)?
Maybe I'm wrong, someone pls lmk. But I'm not convinced a test of this calibre demonstrates Mullvad's claims of no logging.
It wouldn’t make that much of a difference, I think, since they could just do the same with the real servers but only for the period of the audit. There has to be some faith that the subject isn’t actively deceptive and malicious, or the audit has to be random and at any time.
They don't state it clearly but this was a "we are capable not to mess up" audit rather than a "we are keeping your promises" audit.
I believe it is relevant to the threat model of an attacker gaining (partial) access to a production server (eg no accidental logging), not to the threat model of mullvad deploying malicious code.
I feel like this is a meaningful audit but would have liked if they had stated this more explicitly
At some point of paranoia people should really look into self-hosting a VPN service. Sure, your VPS provider can see one side of the traffic so it's not bulletproof, but that can be mitigated.
Mullvad is a nice middle ground for those who don't see that as worth their time or don't know how. It's good to see they're at the very least trying to keep up appearances.
I doubt that's the better way. How is self-hosting helping with the paranoia vs. using Mullvad?
I don't really see how it's more secure to run some software that you haven't audited on a VPS somewhere at a provider you haven't audited. I'd trust a company with resources to run their own hardware, investing into a more secure setup [1] and contributing to more open infrastructure [2] much more than I trust myself to run something securely which isn't my sole occupation.
Self-hosting also makes you vulnerable to the network hosting you (not only the hosting server itself, but also the internet transit provider) and of course the website you are visiting, as you are the only user from that source IP (rendering a VPN practically useless).
Can do various mixing and matching if you have more than one VPS. Again, it rearranges rather than removing the vulnerabilities, and it's pure window dressing against an organised, financed actor.
I've done this as an intellectual challenge more than anything else.
I do this, mostly for the static IP that isn't linked directly to me and my approximate location, with mullvad exit only for 'sensitive' stuff. The degree of separation is nice even if the breadcrumbs are there. Best if the VPS allows crypto or cash payments.
I work in a bank and wish it worked like that too. "Sorry ECB, sorry SEC, we don't allow auditors access to our customers money". :-) My work would be so much easier! Too bad we can't do it because we'd go to prison.
I would have liked it if the audit had also provided a number of logins to be used on that server to act like typical users. Just so it was operating as a normal server would.
This could have led onto auditing a live server.
Auditing an in use customer facing server would definitely require a good amount of controls to ensure the auditors didn’t log any possible customer data.
Mullvad has been chopping away at system transparency for a little while: https://mullvad.net/en/blog/2019/6/3/system-transparency-fut... -- Effectively, a mechanism by which their servers can perform attestation to their server really being what is says it is.
I think they might have even spun this out into a separate project. With this, you can "trust" Mullvad that what's audited is really what you're using.
Sadly I can easily imagine a future where mullvad suffers because big tech simply rangebans all their datacenters (already happens to some degree between cloudflare and individual admins - people are seemingly even banned from using chatgpt if they connect over it, or at least it's involved) and you need the shady residential proxies to actually be able to connect/scrape anything.
A self hosted VPS may also work if the company is small enough to avoid the coming BlanketBans, but only time will tell.
I switched to Mullvad after the last article I read here on HN about how they didn't log and couldn't offer logs to the authorities. I don't have the link but I was impressed and these audits are further proof that that decision was correct.
> I switched to Mullvad after the last article I read here on HN about how they didn't log and couldn't offer logs to the authorities
It should also be pointed out that OVPN[1] is an option as well. They were taken to court and won[2], so they demonstrated above all reasonable doubt that OVPN no-logging means no-logging.
See the link for the detail, but I quote:
"the Rights Alliance and their security experts have not been able to prove any weaknesses in OVPN's systems that could mean that logs are stored."
I came across mullvad some time ago (apparently they struck a deal with Mozilla). Anyway, their service is great and it is such a rare thing to just pay for a service without all the nonsense around. Just; click here to get an account. Nothing else. Then just freaking press pay, in any of a huge array of methods, including cash in the mail!
Is that an option? I've been paying 5 euros a month for a number of years and probably use it for 10 minutes a month, on average. I would love to just plunk down 20 euros and be good for the foreseeable future, if it was a couple cents per minute.
It's not on the pricing page (I was surprised too) - I think maybe GP means that it's rolling monthly, and that they no longer do card subscriptions (on a pro-privacy stance, not wanting to store them, Know their Customer, etc.) so you can pay (say, Amazon) for the time (1 month, 94 months, however many months) you need.
Correct, it's always monthly pricing, no usage pricing. I assume OP meant they could pay for a few months, stop, then start back up at any time easily.
I just send them enough cash for a year at a time. No issues yet. I suppose there is a chance someone grabs it out of the mail but I'm willing to risk it.
As IVPN's gateway in Brussels is more often than not at 100% [0] during the evenings, I'm looking for an alternative. This wasn't the case until some 6-12 months ago. Anyone have experience with Mullvad's [1] throughput in Belgium?
This is Viktor from IVPN. We have recently added more capacity to our Belgium server. I'm looking at our internal graphs and it has not been hitting 100% in the past couple of days. We are monitoring it closely and ready to add more bandwidth if necessary.
I'm a little hesitant to say the following, since I don't collect metrics, and thus it's maybe a bit unfair on Mullvad, but: sometimes the Belgian Mullvad locations can be a bit slow. I've had that feeling from time to time, and on a few occasions when switching to their Netherlands locations I get better speed. Right now for instance I get close to full theoretical speed as promised by my ISP while going through Mullvad Netherlands, and only a quarter of that speed through the Belgian locations.
As an occasional Mullvad customer I'm glad to hear it.
That being said, I wonder why we aren't hearing about any cases involving them and cybercrime. Letter soup agency smear campaigns or actual cybercrime.
They operate totally in the clear as opposed to Tor and other overlay networks, but unlike with Tor, there are no "opinion articles" or biased news articles slamming them as pedophile enablers.
If the VPN is hosted in America or Europe it's without a doubt logging, otherwise they would not be able to operate legally. Full Spectrum Awareness logically means VPNs should be a prime targets for the surveillance state that we're in.
What law would require an American VPN host to log the activities of their subscribers? CALEA only applies to telecoms and ISPs (legal common carriers), a VPN provider is neither.
> These servers were deployed as though they were to be production customer-facing servers, however these servers have never been utilised as such.
> Servers that ROS was given access to for testing purposes should be isolated from production data, but we found that the Wireguard host was receiving production user traffic via multihop configuration
FWIW you can look at the network traffic in your browser devtools and verify that only the public key is being sent to them. You can even hit their API endpoint with the public key you want to add manually, I just tried it and it worked.
Either way, if you don't trust them it hardly matters if your connection to their server is secure - they're the ones decrypting it!
I have PIA paid until December but I'm getting so many captchas with them that I've been seriously considering paying for Mullvad, too. Glad to see people are still happy with them so I can go ahead.
I don't want to discourage you from using Mullvad, but there are lots of captcha and cloudflare problems there, too. I consider it a cost of doing business.
Both are fine for vpn performance. However, Mullvad has won me over with their business practices.
Mullvad accepts my payment for a month of use at a time, and I manually renew it (after I receive a reminder) each month. If I don’t need a vpn the following month, I don’t pay for another month. I also find Mullvad works a bit better on Linux too.
I just got hit with a 2 year auto renewal charge from Proton for my old Proton account (email, storage, VPN) for roughly $200 with no email reminder. I thought I had cancelled the auto renewal, but I apparently hadn't. When I went to cancel it after receiving the charge, the process was full of dark patterns and offers to continue my service, ending with the inability to downgrade because it required me to manually delete emails for 30 minutes to free up storage to downgrade to the free account.
It feels like proton has shifted their focus to metrics and profit growth over user experience while Mullvad simply provides a great product with no trickery.
Please note that Proton subscriptions are automatically renewed, as well as that if you are using multiple services under the same Proton account, the access to all of them will be suspended if an invoice has not been cleared for longer than 14 days: https://proton.me/support/delinquency.
We cannot downgrade a subscription for you automatically, as only you can choose what data should be removed from your Proton account - it is impossible to downgrade the account to a Free subscription if it exceeds the limits of the Free subscription.
However, as soon as you downgrade the account yourself and cancel the subscription, we will automatically refund you for the unused time. The refund is automatically issued in the form of Proton credits which you can use for a Proton paid service in the future, or you can request the credits to be refunded back to your original payment method by contacting our support team: https://proton.me/support/contact.
This entire situation would have been avoided if you had sent me an email saying, "Hey, we wanted to let you know that you are subscribed to an auto renewing plan that is set to charge your payment on file in two weeks." Instead you have taken my money, and I have to spend my free time asking for it back.
> We cannot downgrade a subscription for you automatically, as only you can choose what data should be removed from your Proton account - it is impossible to downgrade the account to a Free subscription if it exceeds the limits of the Free subscription.
Add a button to delete all data in my account that appears when you tell me you can’t downgrade.
> The refund is automatically issued in the form of Proton credits which you can use for a Proton paid service in the future, or you can request the credits to be refunded back to your original payment method by contacting our support team
What is a proton credit? You chose to issue an unauthorized payment on my card in USD.
To summarize my experience, in order to cancel a subscription at the end of its period, one must:
- Set a reminder to cancel the subscription potentially years out because they cannot disable auto renew
Failing to cancel before being charged without a warning email, they must:
- Discover how to manually delete all of their files across various proton services to get their storage below a free tier threshold
- Email support to ask that their refund issued in proton credits be converted into their payment currency
- Respond to support’s email asking if they are sure they want a refund
Please note that this response and the whole reasoning is absolutely ridiculous. But thank you for it anyway, I’ll make sure to keep away from your services in the future.
Mullvad is THE ONLY mainstream VPN that doesn't have seriously questionable credibility.
Proton VPN is very questionable - sleuths have figured out that it's just a white-labeled version of NordVPN. But the trail is a rabbithole, and you might not be personally satisfied with the standard of evidence. Here is a start for you:
https://news.ycombinator.com/item?id=23571653
And since the link to [2] in what I linked above is broken, here is the archived version: https://archive.is/iZ2l2
In addition to reading like it was written by an angry 12 year old, it makes some enormous logical leaps. The facts given are that Proton has an official legal entity in Lithuania called PROTONVPN LT, UAB, and another company called Tesonet shared Lithuanian offices and apparently some business services with them. The article claims that Tesonet is a "data mining company" based on the following evidence:
> Tesonet has its hands in “Machine Learning Solution, cybersecurity, and collection of business intelligence data” in efforts to create algorithms, that best suit their client business needs. If you read their about page, the company openly states it employs many different technologies to structure data, which is run on various services like MySQL, Anisble, collectd, StatsD, ElasticSearch, Grafana, Influx DB, Python, and Couchbase.
> ALL of these names rely on HEAVY USER INFORMATION, which makes sense, considering that Tesonet is a DATA MINING company. Now, let us not forget that Lithuania itself is a NATO member that regularly holds NAZI marches.
Let's just say that I'm not immediately convinced that Tesonet is in the business of selling user data.
The article also claims that in one online Lithuanian business services directory, the CEO of Tesonet was listed as the head of PROTONVPN LT, UAB. I have no idea of the legitimacy of this claim, but it stretches plausibility to claim that Proton is secretly not a Swiss company and secretly has a Lithuanian data mining company CEO as its head.
The article then goes on to make some completely unsupported allegations: "the real question is not whether ProtonVPN is working with Tesonet, but if the provider is owned by the data mining company" and "Under the name of a FREE VPN service, they’ve been collecting USER DATA all along."
Furthermore, the original source of most of this information actually comes from a Hacker News comment. The article links to a comment by the head of Private Internet Access! https://news.ycombinator.com/item?id=17258203
Unfortunately this gives the game away, because the comment is "retracted and removed by author's request". Dang comments:
> In addition to the redacting the above comment, we deleted several comments below by request of their authors. My understanding is that the dispute has been resolved and that the allegations are retracted.
In other words, it appears to me that the true source of these rumors has retracted them and no longer believes that Proton has the claimed ties to Tesonet.
Ironically, as a result of looking into this, I feel slightly more confident about ProtonVPN than I did previously.
Edited to add: you're also stretching even the blog post's unsupported allegations in your comment, when you say that ProtonVPN is "white-labeled" Nord. The article makes the unsupported insinuation that ProtonVPN and Nord are both owned by Tesonet, but this is different from the claim that ProtonVPN is just Nord repackaged as a different product, as you claim here.
> In other words, it appears to me that the true source of these rumors has retracted them and no longer believes that Proton has the claimed ties to Tesonet.
I was nodding along, until this.
Seeing someone retract a pretty specific claim like that by calling on the admins to delete, instead of leaving it up for posterity and/or and discussing how they made the error, feels more like a legal threat was received, and some pants were shat.
I think those two are the most reputable VPNs. I’ve used ProtonVPN for years just since I wasn’t aware of Mullvad at the time and can’t be bothered to switch. I believe ProtonVPN hasn’t had infrastructure audits, which Mullvad has had.
Mullvad if you want good support and a good Linux/Mac/Windows client; Proton has a shitty Linux client, but they support dynamic port forwarding in their Windows client.
If you experience something, it's already subjective. No need for the "imo" escape. Same goes for sentiment. The sentiment is already what you observed, no need to further interpret that. Just share what you see. This is overly careful to a point where it almost lacks any content.
Edit: To make this constructive, you could add why people think so and share a related link or something.
mullvad is well worth it IMO. Genuinely reliable, privacy forward, and consumer-friendly rather than trying to maximize profits and make their own lives easier
Given that it's in the West I still think it's probably NSA compromised, but I'm not nearly important enough for the government to blow their cover about.
That's tinfoil hat nonsense. The NSA aren't gods, wizards, or aliens. They don't have the best people (those are mostly at FAANG), and their total budget is a fraction of Big Tech's.
If you ever find yourself assuming that the NSA/CIA/etc. have magical knowledge that's decades ahead of everyone else, or have "assets" in every village on Earth, you know you've been watching too much TV.
Are you familiar with PRISM or the information Edward Snowden disclosed? The NSA doesn't need "magical" knowledge from the future, they have back doors and exploits in hardware, data collection methods directly arranged with ISPs and FAANGs, and free legal rein. The "best people" at FAANGs readily cooperated with the NSA and FBI, doing everything they could to assist them. If you've never looked into PRISM, I highly recommend going down the rabbit hole.
> the NSA/CIA/etc. have magical knowledge that's decades ahead of everyone else
Exactly what the hell kind of magical knowledge does it take to compromise a VPN? They could own the thing completely.
If you ever find yourself thinking that massive intelligence agencies with budgets in the tens or hundreds of billions of dollars aren't doing anything and have no function, you've been watching too much TV news. If you think that governments require the magical knowledge of gods, wizards and aliens to compromise a VPN service, you've completely retreated into fantasy.
Perhaps for some indication of how much "they're not gods" is, it's worth looking at the things the CIA did to try and assassinate Castro (as well as any of the shenanigans they did during the Cold War, including trying to train cats with spy sensors in them to wander into a Soviet embassy - that one failed because it took too long to train and their one successful cat was run over by a taxi when set loose on the street across from the embassy).[0]
It's less "super top secret spy agency hires a hitman to take out Castro" and more "we're just going to throw whatever we can at the wall and see what works". Plans included literally mailing him exploding cigars (on the assumption that Castro liked smoking so mailing him one might just work), hiring his ex to try and kill him on a plane ride (which just resulted in the ex rebounding with Castro) and some campaigns to try and make him look weak that can only be described as "hilarious", like flying a plane over the country and dropping leaflets with a bounty of $0.02 on his head with the idea that he was so weak that the bounty wasn't worth anything (although this one was rejected; they also attempted to make him look foolish by lacing a radio broadcast room with LSD).[1]
To pull a quote from Alan Moore: "If you are on a list targeted by the CIA, you really have nothing to worry about. If however, you have a name similar to somebody on a list targeted by the CIA, then you are dead."
Understand that direct contradiction is not terribly helpful, but this seems important so: no it isn't. (supported by years of public evidence, and also some personal experiences that I can't go into due to <reasons>).
The NSA was getting $10.5bn to spend in 2013[0]. I can only imagine it's gone up since then year on year. That's not a bad fraction when your whole goal is signals intelligence.
Volkswagen's research budget was $21 billion in 2022. $10.5bn is nothing in the big picture, and certainly not enough to "control the world" or whatever grand claims are commonly made about the NSA.
It's not about the NSA so much in my view, it's about the west simply most likely going completely along with America as long as it doesn't involve going to war (e.g. Iraq) which could cost them an election. And a number of European countries are clamoring for draconian surveillance themselves.
And the Best People aren't at FAANG. They are at hedge firms.
The data center Mullvad uses - a separate company - never compromises them out of curiosity, preference, coercion
That governments skip the private sector coercion entirely and just add their own devices and logging in the middle, which came out of the Snowden leaks as normal 10 years ago.
All VPNs have this limitation. They’re just internet resellers that amusingly try to differentiate an audience based on privacy.
Do you ever key your passwords outside places where you have total physical control?
On that note, do you let your love person stay over for the night (have physical access to your flat)?
Your incompetent and flabby security posture makes me want to puke. At the very least, admit that your security posture is „typical educated HN reader“ and you’re not serious, so the rest of us can continue on our business without your mind numbing puerile distractions.
[okay that rant was really just a „holier than thou“ parody about how if you’re going to maintain a security posture that’s more tense than 90% of your peers, at least acknowledge what threat model you espouse and acknowledge that others may have a different one. If you had been like: „is this your threat model? Then why don’t you care about this…“, you would have my upvote not my snark. Even if that weren’t my threat model I would have found that exposition commendable.]
Yes, realizing that you can't trust the ownership of a company to stay consistent for eternity is basically like thinking your mate is working for the government to steal your passwords.
What investment do you have in people trusting VPN providers that would cause you to make an argument like that? I bet none, it's just a bad instinct.
I2P, Tor, the Whonix distribution of Linux, Tails… but ok
I didn't expect the sarcastic tone of responses but I also don't understand why people act like sports team fans of VPN providers. There are other solutions, easily accessible, that do more than VPNs can do, depending on your threat model.
A VPN user that supposedly just wants to avoid adtech tracking doesn't need annual audits about how little data one VPN stores over the other.
You can't trust anything you have not built, incl. your laptop, keyboard, mouse, phone, car, even your teabag (what happens if they're randomly drugging your tea to test some pathogens, with a request from your government).
Even if you have built that thing, you can't trust any semi-capable chip to not log, change, or exfiltrate data in any way possible.
For the people who don't have a kit yet, they can always take the cloud approach and use Google Online Development simulator (G.O.D. simulator) and follow their tutorial for Hello Universe[1].
You're right. We're actually wasting our time ever thinking about our security or privacy, or taking any measures to protect it. You've convinced me that some security is an illusion, and that the real answer is trust.
If you want privacy on the internet you have options. VPNs give you privacy from your local network and ISP and a little bit from the destination service, and that's it.
There are options to have privacy from additional kinds of parties: I2P, Tor, the Whonix distribution of Linux, Tails…
This thread is reacting to someone pointing out the weaknesses in VPNs. It's the people who were triggered by that to defend VPN usage against the pointing out of this reality, and to imply everyone aware of the drawbacks are paranoiacs; it's those people who have committed themselves in advance to a solution.
> That governments skip the private sector coercion entirely and just add their own devices and logging in the middle, which came out of the Snowden leaks as normal 10 years ago.
In the U.S, VPNs are not effective against targeted surveillance. But they very well may be effective against government passive surveillance programs like the President’s Surveillance Program.
The Snowden leaks revealed many things. What stood out most to me about them was that the government _tried_ to stay within the confines of the law. It was a very twisted, contortionist, interpretation of the law, but they did try very hard to stay within the bounds of the legal theory that allowed the program to exist.
Based on the leaks, if you’d have been running HTTPS over a VPN during the PSP, it’s likely a good portion of your traffic would have evaded the program.
Always critics but never providing a viable alternative. So please tell us your model, yank the cable out of the wall and pitch your phone in the lake? I'm mostly concerned about advertisers, corps, and my ISP. I know that in my country (the USA) that if they want something out of me they'll take me to a back room and beat it out of me, so generally I don't do illegal stuff.
I'm not worried about my government as it currently stands. I'm squicked out by the fact that every single private company I interact with seems to be falling over themselves to collect as much data about me as possible, and resell it to anyone who will pay. There are no protections against this in the US.
I am worried, at least a little bit, about an authoritarian government coming to power and basically weaponizing past data collected against its citizens. I've seen the inferences Facebook and Google can make with privately collected data. I don't think it's too outlandish that governments would be able to quickly and easily create detailed dossiers on everyone that protested against x or voted for opposition candidate y.
The Nazis used the census to find Jews. A huge number of people had no idea that they had matrilineal Jewish descent until the Nazis and IBM told them.
Mullvad looks like one of the best VPN providers out there. However, the use of a customised Linux kernel and Ubuntu distribution gives pause for thought. Are they going to be able to integrate security patches quickly? Wouldn't it be better to use a standardised security-focused OS?
If you don't do any logging and don't want to know what your users are doing, it means that you won't have to deal with the cops as much. And there won't be any risk of those logs getting leaked or stolen.
Unless you're de-facto part of the government like Google and Microsoft - I see no good reason to log anything more than what's legally required.
1. Browsing habits would hardly have an effect on the vast array of data that influences the ads presented to you, unless you care about your privacy. It's all target audience and marketing (look at ExpressVPN or Surfshark. They all offer privacy but never follow up).
2. Their algorithms can avoid showing you ads derived from the VPN if it detects the usage of your actual IP
The market for data is shady. They can simply sign contracts with a few reputable "market intelligence" firms. I am also very sure that another VPN firm wouldn't mind being a proxy seller of the browsing data in return for some commission.
How do you troubleshoot? How do you monitor? How do you check for malicious behavior from clients or 3rd parties? How do you keep your providers honest?
Then when the audit team is gone, they enable user logging. I think that's a possibility with every provider. IMO, based on the transparency with which they handle police requests to get access to emails, I will keep using ProtonVPN.
“The Swiss legal system, while not perfect, does provide a number of checks and balances, and it’s worth noting that even in this case, approval from three authorities in two countries was required, and that’s a fairly high bar which prevents most (but not all) abuse of the system.”
As any other company operating legally, we have to respect the local legislation, which is what happened in this case. The case also shows that our encryption works as intended - we were not able to share any of the user's data stored encrypted on our servers (email content, attachments, etc.), because we don't have access to it ourselves.
Note also that the case pertains to Proton Mail, and not Proton VPN. Proton Mail is considered to be a communication service, and in most countries (including Switzerland), communication services are regulated to some extent. The treatment of VPNs is different. There are no Swiss laws compelling us to log IP addresses, personal identifiers, traffic or browsing history, as proven in a 2019 legal case (we were not able to provide the requested information because we don't keep any: https://protonvpn.com/blog/transparency-report/).
[1] https://mullvad.net/en/blog/2023/5/29/removing-the-support-f...