Customer data not compromised
...according to Mullvad. Plus, the cops aren't going to admit what data they might have stolen, since the cops decide what data to present as evidence to courts -- assuming their investigation leads to any trial at all.
You might see my position as paranoid, but it's not. Mullvad is a trusted third-party. Mullvad's customers's data (in the form of traffic) goes through Mullvad's servers. Mullvad customers can only trust Mullvad to be (a) benevolent and (b) smart enough to prevent compromise of their servers (e.g. by the NSA, CIA, etc) -- two characteristics that are neither provable nor permanent.
I am not saying that what you say couldn't be true. But what solution do you propose? Or is your intention to imply that 'we are all fucked' and that there is nothing we can do to avoid surveillance?
I propose that people stop sending money to trusted third-parties and instead send that money to a project (e.g. through Open Sats or EFF) to build something better than Tor. A better-than-Tor is entirely possible, so we are not permanently fucked. But until a better-than-Tor is built, we are all currently fucked, for two reasons:
  • Tor can't properly protect against a global survaillance program (i.e. Five Eyes), but Tor does provide protection against national surveillance programs (e.g. the Great Firewall of China).
  • VPNs can't even protect against national surveillance programs, since nation-states can easily go to the VPN's ISP and grab all the traffic in/out of the VPN's servers.
The folks at the Tor Foundation are probably knowledgeable enough to build a better-than-Tor, but their resources are focused on keeping Tor working. That's why I propose another project to solve the global-surveillance problem.
But I don't know what that project would look like, since so few people seem to even be aware of this problem. And why would anyone care to investigate this problem when every YouTuber promotes VPNs that say they protect against Big Brother surveillance (despite the fact that they don't and can't).
Thanks for your thorough reply.
Let's not forget also that fiat money explains why they can fund all these humongous surveillance systems in the first place.
I see Mullvad as one of the most decent VPNs. But I agree with you that they could and they might be compromised.
There are a number of better than tor projects out there. I by no means know all of them... But I know session messenger uses a tor+, I also know of i2p, xx labs were also working on new anonymized internet, and heck I've heard of at least two other tor-like crypto projects out there.
Like everything else, these projects are being developed and worked on now so none are perfect, but those people are at least working on something, right?
Sure but in the meantime a handful of most-trustworthy VPNs along with Tor usage is the best we have, and that does not mean we could fund other projects.
Thoughts on and its SPN?
@theindranetworkprotocol is also working on something promising.
What would the incentive to be malevolent? Being paid off by the spies?
It also helps to use Tor over VPN, change VPN providers every now and then, avoid g**gle and social media crap, use privacy redirects.