Mullvad VPN - Infrastructure audit completed by Radically Open Security - eviltoast

We invite you to read the final report of our third security audit, concluded in mid-June 2023, with many fixes deployed late June 2023. Further re-tests and a verification pass was performed during July.

  • Radically Open Security found no information leakage or logging of customer data
  • RoS discovered 1 High, 6 Elevated, 4 Moderate, 10 Low and 4 info-severity issues during this penetration test.
  • rar@discuss.online
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Getting in trouble? It’s more like:

    • Server providers threatening to terminate business with Mullvad because some of its users used port forwarding to host contents that meant legal trouble.
    • Mullvad chose to terminate support for port forwarding in a transparent way and gave clear dates to prepare. This was done instead of selling off their users or collaborating with whatever legal threats they were facing.

    I don’t like it, but at least I understand their business decision. Even if I took my business elsewhere, they have a solid point on transparency.