Mullvad VPN - Infrastructure audit completed by Radically Open Security
Mullvad VPN - Infrastructure audit completed by Radically Open Security
We tasked the Netherlands based security firm Radically Open Security (RoS) with performing the third audit towards our VPN infrastructure.
We invite you to read the final report of our third security audit, concluded in mid-June 2023, with many fixes deployed late June 2023. Further re-tests and a verification pass was performed during July.
- Radically Open Security found no information leakage or logging of customer data
- RoS discovered 1 High, 6 Elevated, 4 Moderate, 10 Low and 4 info-severity issues during this penetration test.
You're viewing a single thread.
Forgot one point
- got in trouble for not offering port forwarding anymore
Yeah I had to move to another provider over this. It's sad, I like their policies and services, but it's a deal breaker.
why do you need to port forward over vpn?
You can reach more leechers when sending a torrent if you port forward your torrent client. It was awesome.
I've used it to open a local port on my laptop publicly without needing to make any changes to the local network I was on. It can be useful for opening your laptop's ssh port or to host an http server to send someone a big file you don't want to pay to upload somewhere.
One other common use is 🏴☠️ which I suspect is why they disabled the service :/
Getting in trouble? It's more like:
- Server providers threatening to terminate business with Mullvad because some of its users used port forwarding to host contents that meant legal trouble.
- Mullvad chose to terminate support for port forwarding in a transparent way and gave clear dates to prepare. This was done instead of selling off their users or collaborating with whatever legal threats they were facing.
I don't like it, but at least I understand their business decision. Even if I took my business elsewhere, they have a solid point on transparency.
Agreed, but getting in trouble sounds funnier