- cross-posted to:
- technology@lemmy.ml
- technology@lemmy.world
- cross-posted to:
- technology@lemmy.ml
- technology@lemmy.world
Today we announce that we have completely removed all traces of disks being used by our VPN infrastructure!
Full article:
We have successfully completed our migration to RAM-only VPN infrastructure
20 September 2023 NEWS SYSTEM TRANSPARENCY
Today we announce that we have completely removed all traces of disks being used by our VPN infrastructure!
In early 2022 we announced the beginning of our migration to using diskless infrastructure with our bootloader known as “stboot”. Completing the transition to diskless infrastructure
Our VPN infrastructure has since been audited with this configuration twice (2023, 2022), and all future audits of our VPN servers will focus solely on RAM-only deployments.
All of our VPN servers continue to use our custom and extensively slimmed down Linux kernel, where we follow the mainline branch of kernel development. This has allowed us to pull in the latest version so that we can stay up to date with new features and performance improvements, as well as tune and completely remove unnecessary bloat in the kernel.
The result is that the operating system that we boot, prior to being deployed weighs in at just over 200MB. When servers are rebooted or provisioned for the first time, we can be safe in the knowledge that we get a freshly built kernel, no traces of any log files, and a fully patched OS.
It’s a good day to be a Mullvad user. Switched over from Surfshark a while ago, and I love it.
Is it noticeably faster than Surfshark for you?
You don’t use Mullvad for their performance, you use them for their insanely paranoid security and privacy practices.
And for the record, I was never impressed with Surfshark speeds. I dropped them when they bundled a virus scanner into their VPN client, that’s sketchy as hell. I don’t want my VPN provider scanning my files.
I haven’t noticed a difference but this company is significantly more trust worthy IMO
Funny thing is I started using Surfshark just before they started all the YouTube sponsorships. Them doing so many sponsorships actually made me trust them less somehow, if that makes sense.
Mullvad “appears” to be more trustworthy but maybe they are just better at marketing that image. They still cost twice as much as Surfshark.
The best piece of marketing Mullvad ever got was when the Swedish police raided them and Mullvad literally had zero data to turn over to them.
Why is their logo a Mole when Mullvad is The Goat
In case someone actually ponders this, Mullvad means mole in Swedish.
Mullvad is good, definitely my go-to VPN these days.
Wow, that is very impressive. I’ve been a subscriber for a few years and I couldn’t be happier with their service.
Except with the removal of port forwarding
I’ve been a subscriber for 5+ years and have zero issue with the loss of port forwarding. I use my devices for everything from gaming to torrenting, and haven’t run into something cause a problem that required me to use port forwarding on mullvad.
what has been an incredible source of frustration as a user of Mullvad tho is when websites block me or hit me with repeating captchas. I’ve also had a huge uptick of spam coming in from weird domains. Obviously not sure if thats mullvad-related, but sounds like the issue of “individuals have frequently used this feature to host undesirable content and malicious services from ports that are forwarded from our VPN servers”.
The removal of this feature seems to be a better of two difficult options.
Torrenting works better and faster with port forwarding.
dogs need about one ounce of water per pound of body weight per day
I find the “Mullvad VPN scratch cards” interesting. If a store near you has them you could buy one and be totally anonymous. What I find a bit odd is that you can buy them on amazon as well but sold directly by mullvad. Doesn’t that defeat the purpose? The idea of the card is a decoupling of your real identity from the vpn user but when you buy the card in their store doesn’t it negate that?
I am probably just missing something here. Does anyone have more insight?
The code on the card is covered so Amazon might know you use Mullvad but they have no way of knowing what your account is.
Mullvad know your acct but they have no way of knowing how it is you paid other than maybe it being a scratchcard which they don’t track anyway.
I am not talking about amazon knowing it. Amazon offers shops for businesses, where a business directly sells goods to their customers using amazon as a transaction platform. Those shops send the goods directly to their customers (Sometimes it comes from an amazon warehouse as well tho). If the first case is true, mullvad would send me the card directly, so they would know I bought it, which makes the card obsolete in my view.
But maybe they don’t send it themself and the cards are all just sitting in a big warehouse. Either way, to me it’s not 100% a given that they couldn’t at least in theory know who bought it.
I am just playing devils advocate here btw, I am not really concerned about it.
You are buying access to a VPN not a nuclear warhead for the black market. The link between buying a VPN card and the code used in that card to link to said vpn activity which is also pretty well protected on Mullvad is not easily discoverable. Seems like a pretty reasonable privacy gap to me.
Doesnt Matter, if the police wants the data, they come with Auto Batteries and an usp and make User of the multiple Power supplies of modern servers.
They will carry the whole rack in one piece if they can.
And if they don’t have anything recent in persistent RAM storage…?
Interesting what’s going happening with mullvad. For the best part of 10’years, you hear nothing.
Does anyone know why they are recently noisy?
You are incorrect. Look through their blog archive (scroll to the bottom): https://mullvad.net/en/blog/
They’ve been posting steadily for over a decade, maybe the posts just got more popular this year on whatever sites you browse
Going by rate of blog posts by year they don’t seem any noisier than usual. The opposite if anything. 18 this year and there’s only 3 and a bit months left of the year whereas in 2018 they made 60.
Of only they’d kept port forwarding.
Didn’t really have a choice:
…Regrettably individuals have frequently used this feature to host undesirable content and malicious services from ports that are forwarded from our VPN servers. This has led to law enforcement contacting us, our IPs getting blacklisted, and hosting providers cancelling us.
Big issue there is hosting providers cancelling them. Can’t operate a business without that.