Mullvad
this post was submitted on 26 Jul 2025
84 points (100.0% liked)
technology
23890 readers
233 users here now
On the road to fully automated luxury gay space communism.
Spreading Linux propaganda since 2020
- Ways to run Microsoft/Adobe and more on Linux
- The Ultimate FOSS Guide For Android
- Great libre software on Windows
- Hey you, the lib still using Chrome. Read this post!
Rules:
- 1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
- 2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
- 3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
- 4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
- 5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
- 6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
- 7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.
founded 5 years ago
MODERATORS
Proton VPN if you are torrenting, since Mullvad closed off port forwarding... :/
Is there any good reason for them to disable port forwarding?
Interpol went around and got everyone to blacklist their exit nodes because mullvad wouldn’t cooperate with their investigation into malware and csam using forwarded ports. A few years ago browsing with mullvad got real tough because of that. They decided to pull port forwarding rather than only be useful for running p2p malware and csam behind and everything’s back to normal except now you gotta use air or proton or something to do port forwarding.
Why can Proton do it then tho? /gen
Because proton users don’t just get the vpn, they get some kind of bundle that has a bunch of metadata which can be given up under investigation. So when interpol comes sniffing around with warrants proton can say “here’s all we have” and it’s actually something they can use instead of mullvads “here’s all we have” that’s actually nothing.
And there wasn’t a malware/csam investigation at a dead end involving proton.
The police didn’t go around to a bunch of cdns with papers to try to compel them to blacklist mullvad servers because they hate port forwarding, a dastardly computer psuedocrime only useful for disseminating malware and csam, they got cdns to blacklist mullvad in an effort to flush out nontechnical poi to their investigation. My understanding is that it worked.
People were using it to host CSAM and more relevantly to their decision to also run malware C&C servers behind it.
why do people trust this one more? is there any proof more they delete their logs than the others?
Mullvad has open-sourced a lot of their infrastructure, and really it all checks out.
They've had multiple independent audits that show that their VPN infrastructure is indeed diskless (RAM only, no permanent storage), and they run what they say they do. Even if they wanted to store all of their logs for the police, it shouldn't be practical for them to do so.
https://mullvad.net/en/blog/2023/8/9/infrastructure-audit-completed-by-radically-open-security
Other ran the audits how do you know that their running an implementation of what the open sourced? what are the orgs that run the audits?
Bit concerned you're asking questions that aren't just answered by the webpage oscardejarjayes linked to, but by the link itself "completed-by-radically-open-security".
I 100% get the skepticism, but VPNs inherently require trust on the other side, it's literally impossible to actually "prove" it's legit. But this is also true of any means whatsoever to connect to the internet. You cannot be truly anonymous online unless you rely on SOMEONE to obscure your identity for you.
Mullvad have done the best means of building up evidence, if ever got found out as lying, they'd immediately lose 90%+ of their customers.
And to be honest, allowing and actively encouraging customers to pay by cash would make them a pretty shit Fed honeypot, too.
Bit concerned with your VPN evangelism steering people away from actually secure solutions like I2p
These auditors specifically are Radically Open Security out of Amsterdam, their website lists their team with names, pictures, and descriptions, I picked one at random and they had a realistic web presence.
There is no way to prove what they are actually running, other than audits. Anything a legit system could send, a malicious one could send too.
As another poster mentioned, after a raid the police had nothing.
I have an acquaintance that works there also and my impression is that they are very serious about the task at hand. Hence why there are no user names, no subscriptions and the option to pay with crypto or even mailing cash in an envelope - apparently quite a few people do this, some using newspaper clippings for the user ID.
Only thing I hear about them is that they got raided and police walked away empty handed since they genuinely had nothing, but I’d love to hear more what else specifically makes this provider more trustworthy tbh
The source for the lack of evidence retrieved being the police themselves?
tinfoil hat on but great way to set up a honeypot
The big marketing push for VPNs where they sponsor absolutely anyones videos always made me suspicious.
If anyone wants to avoid hearing a Briton speak or avoid seeing his disgusting bog-dweller face and teeth:
It’s Israeli company Kape Technologies! They run a bunch of the big VPNs, collect user data, turn it over to the iof and mossad and comply with police orders beyond what’s required by law.
Express and pia were the big kape brands to worry about a while ago but there’s a laundry list.
Tldr: use mullvad, pay with cash, turn on doh.
I was wondering about this. I noticed that most of the anti-zionist news subs on Reddit were all blocked by this.
Maybe this is why everytime someone posts a reddit link here and I click without thinking I get a "blocked" page on reddit. My VPN (mullvad) isn't just handing my data over to Israel.
The blocked pages are how you know it's working
My VPN (mullvad) isn't just handing my data over to Israel.
It probably isn't, I wouldn't put all my trust in one company though. They're Sw*dish after all.
What about being Swedish?
It's mostly a joke but Sweden is a country largely aligned with US and thus also with Israeli interests, it's not exactly inconceivable they'd pull strings to compromise Mullvad if they deem it necessary.
A high percentage of VPNs even ones based in Russia and the like hand data to their own governments, which in turn is given or stolen by the Israelis
From time to time theregister .co.uk or some other specialized techie rag reports on “international operation led to FBI to arrest criminals operating VPN (or encrypted phones) ‘used by criminals’ “ They pop from time to time. You can deduce that if your VPN really works against state actors, you will be arrested. You can also deduce that all popular VPN are not secure against state actors. Bcs why those dastardly criminals wouldn’t use some “no logs honest” major VPN?
Any thoughts on proton?
Proton is fine for porn and piracy but you have to be careful what information they have because their warrant canary has been cooked for a while now and there is at least one prominent example of them complying with an investigation and handing over user metadata which was used to corroborate identity with apple (the most famous piece of information was an iCloud email address used as protons recovery vector lol).
Just be careful what you give them.
Oh this guy watches all sorts of porn. Captain, O don't think we've seen this position before. Come! Come! Quick!
Yes! I'm here, I came quick. What is it? What's the new position?
It's difficult to explain, you must watch. We'll need two chairs a spoon, three bananas, and at least two of your friends.
I found a YouTube link in your post. Here are links to the same video on alternative frontends that protect your privacy: