253

We invite you to read the final report of our third security audit, concluded in mid-June 2023, with many fixes deployed late June 2023. Further re-tests and a verification pass was performed during July.

  • Radically Open Security found no information leakage or logging of customer data
  • RoS discovered 1 High, 6 Elevated, 4 Moderate, 10 Low and 4 info-severity issues during this penetration test.
top 19 comments
sorted by: hot top controversial new old
[-] regulatorg@kbin.social 38 points 1 year ago

Forgot one point

  • got in trouble for not offering port forwarding anymore
[-] Kata1yst@kbin.social 10 points 1 year ago

Yeah I had to move to another provider over this. It's sad, I like their policies and services, but it's a deal breaker.

[-] Kekzkrieger@feddit.de 4 points 1 year ago

why do you need to port forward over vpn?

[-] DavyJones@lemmy.dbzer0.com 5 points 1 year ago

You can reach more leechers when sending a torrent if you port forward your torrent client. It was awesome.

[-] NullGator@lemmy.ca 1 points 1 year ago

I've used it to open a local port on my laptop publicly without needing to make any changes to the local network I was on. It can be useful for opening your laptop's ssh port or to host an http server to send someone a big file you don't want to pay to upload somewhere.

One other common use is 🏴‍☠️ which I suspect is why they disabled the service :/

[-] rar@discuss.online 3 points 1 year ago

Getting in trouble? It's more like:

  • Server providers threatening to terminate business with Mullvad because some of its users used port forwarding to host contents that meant legal trouble.
  • Mullvad chose to terminate support for port forwarding in a transparent way and gave clear dates to prepare. This was done instead of selling off their users or collaborating with whatever legal threats they were facing.

I don't like it, but at least I understand their business decision. Even if I took my business elsewhere, they have a solid point on transparency.

[-] regulatorg@kbin.social 1 points 1 year ago

Agreed, but getting in trouble sounds funnier

[-] Robboman93@lemmy.world 15 points 1 year ago

Mullvad is a great vpn, one of the best for sure. Unfortunately because they don't support portforwarding the product is not a option for me anymore. I switched to airvpn and am satisfied with it.

[-] Mkengine@feddit.de 6 points 1 year ago

I never really used a VPN, what is your usual use case and what exactly would I need port forwarding for?

[-] Robboman93@lemmy.world 2 points 1 year ago* (last edited 1 year ago)

I use it for downloading torrents without leaking my IP. If you can't portforward you are limited to downloading torrents. You won't be able to upload, or at the very least your upload speeds will be very slow. If your primary use case is torrents portforwarding is important. It allows you to open a port and be able to upload.

[-] Mousepad@burggit.moe 2 points 1 year ago

Usual use case is just privacy or sometimes getting around region-locked content. I personally have very sadly switched away from Mullvad as well due to the lack of port-forwarding. My ISP does not allow it and I use it to play certain games with friends (I do not want to pay to host a server to do something once a week).

[-] JadElClemens@burggit.moe 1 points 1 year ago

Same, I really liked Mullvad and wasn't even with them long. But it is what it is.

[-] Scrof@sopuli.xyz 13 points 1 year ago
[-] neutron@thelemmy.club 10 points 1 year ago

Happy customer for years.

It's a shame port forwarding is not supported anymore, but I'm thinking of other ways to supply the deficiency instead of switching providers.

[-] chickenpotpie@lemmy.one 6 points 1 year ago

What other ways are you referring to, if I may ask?

[-] neutron@thelemmy.club 2 points 1 year ago

Having a VPS and routing all traffic between VPS and homeserver using wireguard. It's often discussed in selfhosting communities where the admin is behind restrictive firewalls and policies (which means no port forwarding) or cannot afford to reveal their home ``IPs

[-] Empyreus@lemmy.world 10 points 1 year ago

Cool to see. Does anyone have more context on these types of tests and how mullvad did?

[-] Anemia@lemmy.world 7 points 1 year ago

If you read the report there's both context there and also on their site mullvad have commented on the found issues stating either reasons or what they are doing to fix it.

[-] Privacy@monero.town 7 points 1 year ago

Keep it up, guys. Mullvad is since years my go to VPN.

load more comments
view more: next ›
this post was submitted on 09 Aug 2023
253 points (100.0% liked)

Privacy Guides

16263 readers
4 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.


You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...


Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!


This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.


Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 1 year ago
MODERATORS