Why am i not surprised. Its really amazing how the world has changed. Western Democracies have become evil in my opinion.

Customer data not compromised

...according to Mullvad. Plus, the cops aren't going to admit what data they might have stolen, since the cops decide what data to present as evidence to courts -- assuming their investigation leads to any trial at all.

You might see my position as paranoid, but it's not. Mullvad is a trusted third-party. Mullvad's customers's data (in the form of traffic) goes through Mullvad's servers. Mullvad customers can only trust Mullvad to be (a) benevolent and (b) smart enough to prevent compromise of their servers (e.g. by the NSA, CIA, etc) -- two characteristics that are neither provable nor permanent.

68 sats \ 4 replies \ @clr 20 Apr

I am not saying that what you say couldn't be true. But what solution do you propose? Or is your intention to imply that 'we are all fucked' and that there is nothing we can do to avoid surveillance?

I propose that people stop sending money to trusted third-parties and instead send that money to a project (e.g. through Open Sats or EFF) to build something better than Tor. A better-than-Tor is entirely possible, so we are not permanently fucked. But until a better-than-Tor is built, we are all currently fucked, for two reasons:

  • Tor can't properly protect against a global survaillance program (i.e. Five Eyes), but Tor does provide protection against national surveillance programs (e.g. the Great Firewall of China).
  • VPNs can't even protect against national surveillance programs, since nation-states can easily go to the VPN's ISP and grab all the traffic in/out of the VPN's servers.

The folks at the Tor Foundation are probably knowledgeable enough to build a better-than-Tor, but their resources are focused on keeping Tor working. That's why I propose another project to solve the global-surveillance problem.

But I don't know what that project would look like, since so few people seem to even be aware of this problem. And why would anyone care to investigate this problem when every YouTuber promotes VPNs that say they protect against Big Brother surveillance (despite the fact that they don't and can't).

231 sats \ 0 replies \ @clr 20 Apr

Thanks for your thorough reply.

Let's not forget also that fiat money explains why they can fund all these humongous surveillance systems in the first place.

I see Mullvad as one of the most decent VPNs. But I agree with you that they could and they might be compromised.

There are a number of better than tor projects out there. I by no means know all of them... But I know session messenger uses a tor+, I also know of i2p, xx labs were also working on new anonymized internet, and heck I've heard of at least two other tor-like crypto projects out there.

Like everything else, these projects are being developed and worked on now so none are perfect, but those people are at least working on something, right?

Sure but in the meantime a handful of most-trustworthy VPNs along with Tor usage is the best we have, and that does not mean we could fund other projects.

Thoughts on https://safing.io/ and its SPN?

@theindranetworkprotocol is also working on something promising.

What would the incentive to be malevolent? Being paid off by the spies?

It also helps to use Tor over VPN, change VPN providers every now and then, avoid g**gle and social media crap, use privacy redirects.

Good service.

Glad I refer people to this VPN and not one that collects user data.

It is important to remember that Mullvad NEVER ASKS for personal information.

  • You don't even need to create an account
  • You can pay up with BTC/XMR

Even if they get the servers there's no information going back to you.

You have an account number, that account number is associated with your IP + traffic logs (which may or may not exist, but likely do exist in some form let's be honest), those logs are a fingerprint to your identity.

Better to be realistic about it.

Sure. But it's still pretty great opsec if you are operating from a cafe, public-wifi or from a Tails laptop running the Mullvad browser.

deleted by author

This could be bad. The authorities showing this kind of interest probably means that since they can't get what they want this way, they'll try to ban VPN services. I live in Sweden, where Mullvad is based, and just months ago, a law was put in place that mandates registering prepaid SIM cards. Also, usually what happens if the Swedish government can't get a law they want in place in Sweden, they take it to the EU and try to inflict it on the entire union...

I wonder if Mullvad has a plan if either of that happens, such as moving abroad.

The open source is what made the third party compromise