Mullvad VPN - Infrastructure audit completed by Radically Open Security - eviltoast

We invite you to read the final report of our third security audit, concluded in mid-June 2023, with many fixes deployed late June 2023. Further re-tests and a verification pass was performed during July.

  • Radically Open Security found no information leakage or logging of customer data
  • RoS discovered 1 High, 6 Elevated, 4 Moderate, 10 Low and 4 info-severity issues during this penetration test.
    • Kata1yst@kbin.social
      link
      fedilink
      arrow-up
      10
      ·
      1 year ago

      Yeah I had to move to another provider over this. It’s sad, I like their policies and services, but it’s a deal breaker.

        • NullGator@lemmy.ca
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I’ve used it to open a local port on my laptop publicly without needing to make any changes to the local network I was on. It can be useful for opening your laptop’s ssh port or to host an http server to send someone a big file you don’t want to pay to upload somewhere.

          One other common use is 🏴‍☠️ which I suspect is why they disabled the service :/

    • rar@discuss.online
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Getting in trouble? It’s more like:

      • Server providers threatening to terminate business with Mullvad because some of its users used port forwarding to host contents that meant legal trouble.
      • Mullvad chose to terminate support for port forwarding in a transparent way and gave clear dates to prepare. This was done instead of selling off their users or collaborating with whatever legal threats they were facing.

      I don’t like it, but at least I understand their business decision. Even if I took my business elsewhere, they have a solid point on transparency.