Starmer's Online Privacy Act came into force yesterday, driving many people to use VPN's - but who owns your VPN?Right, so Keir Starmer’s Labour government h...
Mullvad has open-sourced a lot of their infrastructure, and really it all checks out.
They’ve had multiple independent audits that show that their VPN infrastructure is indeed diskless (RAM only, no permanent storage), and they run what they say they do. Even if they wanted to store all of their logs for the police, it shouldn’t be practical for them to do so.
These auditors specifically are Radically Open Security out of Amsterdam, their website lists their team with names, pictures, and descriptions, I picked one at random and they had a realistic web presence.
There is no way to prove what they are actually running, other than audits. Anything a legit system could send, a malicious one could send too.
Bit concerned you’re asking questions that aren’t just answered by the webpage oscardejarjayes linked to, but by the link itself “completed-by-radically-open-security”.
I 100% get the skepticism, but VPNs inherently require trust on the other side, it’s literally impossible to actually “prove” it’s legit. But this is also true of any means whatsoever to connect to the internet. You cannot be truly anonymous online unless you rely on SOMEONE to obscure your identity for you.
Mullvad have done the best means of building up evidence, if ever got found out as lying, they’d immediately lose 90%+ of their customers.
And to be honest, allowing and actively encouraging customers to pay by cash would make them a pretty shit Fed honeypot, too.
Mullvad has open-sourced a lot of their infrastructure, and really it all checks out.
They’ve had multiple independent audits that show that their VPN infrastructure is indeed diskless (RAM only, no permanent storage), and they run what they say they do. Even if they wanted to store all of their logs for the police, it shouldn’t be practical for them to do so.
https://mullvad.net/en/blog/2023/8/9/infrastructure-audit-completed-by-radically-open-security
Other ran the audits how do you know that their running an implementation of what the open sourced? what are the orgs that run the audits?
These auditors specifically are Radically Open Security out of Amsterdam, their website lists their team with names, pictures, and descriptions, I picked one at random and they had a realistic web presence.
There is no way to prove what they are actually running, other than audits. Anything a legit system could send, a malicious one could send too.
Bit concerned you’re asking questions that aren’t just answered by the webpage oscardejarjayes linked to, but by the link itself “completed-by-radically-open-security”.
I 100% get the skepticism, but VPNs inherently require trust on the other side, it’s literally impossible to actually “prove” it’s legit. But this is also true of any means whatsoever to connect to the internet. You cannot be truly anonymous online unless you rely on SOMEONE to obscure your identity for you.
Mullvad have done the best means of building up evidence, if ever got found out as lying, they’d immediately lose 90%+ of their customers.
And to be honest, allowing and actively encouraging customers to pay by cash would make them a pretty shit Fed honeypot, too.
Bit concerned with your VPN evangelism steering people away from actually secure solutions like I2p