83
Are Your VPNs Protecting You—or Handing Your Data to Israel?
(www.youtube.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 26 Jul 2025
83 points (100.0% liked)
technology
23890 readers
383 users here now
On the road to fully automated luxury gay space communism.
Spreading Linux propaganda since 2020
- Ways to run Microsoft/Adobe and more on Linux
- The Ultimate FOSS Guide For Android
- Great libre software on Windows
- Hey you, the lib still using Chrome. Read this post!
Rules:
- 1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
- 2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
- 3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
- 4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
- 5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
- 6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
- 7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.
founded 5 years ago
MODERATORS
Mullvad
Proton VPN if you are torrenting, since Mullvad closed off port forwarding... :/
Is there any good reason for them to disable port forwarding?
Interpol went around and got everyone to blacklist their exit nodes because mullvad wouldn’t cooperate with their investigation into malware and csam using forwarded ports. A few years ago browsing with mullvad got real tough because of that. They decided to pull port forwarding rather than only be useful for running p2p malware and csam behind and everything’s back to normal except now you gotta use air or proton or something to do port forwarding.
Why can Proton do it then tho? /gen
Because proton users don’t just get the vpn, they get some kind of bundle that has a bunch of metadata which can be given up under investigation. So when interpol comes sniffing around with warrants proton can say “here’s all we have” and it’s actually something they can use instead of mullvads “here’s all we have” that’s actually nothing.
And there wasn’t a malware/csam investigation at a dead end involving proton.
The police didn’t go around to a bunch of cdns with papers to try to compel them to blacklist mullvad servers because they hate port forwarding, a dastardly computer psuedocrime only useful for disseminating malware and csam, they got cdns to blacklist mullvad in an effort to flush out nontechnical poi to their investigation. My understanding is that it worked.
People were using it to host CSAM and more relevantly to their decision to also run malware C&C servers behind it.
why do people trust this one more? is there any proof more they delete their logs than the others?
Mullvad has open-sourced a lot of their infrastructure, and really it all checks out.
They've had multiple independent audits that show that their VPN infrastructure is indeed diskless (RAM only, no permanent storage), and they run what they say they do. Even if they wanted to store all of their logs for the police, it shouldn't be practical for them to do so.
https://mullvad.net/en/blog/2023/8/9/infrastructure-audit-completed-by-radically-open-security
Other ran the audits how do you know that their running an implementation of what the open sourced? what are the orgs that run the audits?
Bit concerned you're asking questions that aren't just answered by the webpage oscardejarjayes linked to, but by the link itself "completed-by-radically-open-security".
I 100% get the skepticism, but VPNs inherently require trust on the other side, it's literally impossible to actually "prove" it's legit. But this is also true of any means whatsoever to connect to the internet. You cannot be truly anonymous online unless you rely on SOMEONE to obscure your identity for you.
Mullvad have done the best means of building up evidence, if ever got found out as lying, they'd immediately lose 90%+ of their customers.
And to be honest, allowing and actively encouraging customers to pay by cash would make them a pretty shit Fed honeypot, too.
Bit concerned with your VPN evangelism steering people away from actually secure solutions like I2p
These auditors specifically are Radically Open Security out of Amsterdam, their website lists their team with names, pictures, and descriptions, I picked one at random and they had a realistic web presence.
There is no way to prove what they are actually running, other than audits. Anything a legit system could send, a malicious one could send too.
As another poster mentioned, after a raid the police had nothing.
I have an acquaintance that works there also and my impression is that they are very serious about the task at hand. Hence why there are no user names, no subscriptions and the option to pay with crypto or even mailing cash in an envelope - apparently quite a few people do this, some using newspaper clippings for the user ID.
Only thing I hear about them is that they got raided and police walked away empty handed since they genuinely had nothing, but I’d love to hear more what else specifically makes this provider more trustworthy tbh
The source for the lack of evidence retrieved being the police themselves?
tinfoil hat on but great way to set up a honeypot