Mullvad has open-sourced a lot of their infrastructure, and really it all checks out.
They’ve had multiple independent audits that show that their VPN infrastructure is indeed diskless (RAM only, no permanent storage), and they run what they say they do. Even if they wanted to store all of their logs for the police, it shouldn’t be practical for them to do so.
These auditors specifically are Radically Open Security out of Amsterdam, their website lists their team with names, pictures, and descriptions, I picked one at random and they had a realistic web presence.
There is no way to prove what they are actually running, other than audits. Anything a legit system could send, a malicious one could send too.
Bit concerned you’re asking questions that aren’t just answered by the webpage oscardejarjayes linked to, but by the link itself “completed-by-radically-open-security”.
I 100% get the skepticism, but VPNs inherently require trust on the other side, it’s literally impossible to actually “prove” it’s legit. But this is also true of any means whatsoever to connect to the internet. You cannot be truly anonymous online unless you rely on SOMEONE to obscure your identity for you.
Mullvad have done the best means of building up evidence, if ever got found out as lying, they’d immediately lose 90%+ of their customers.
And to be honest, allowing and actively encouraging customers to pay by cash would make them a pretty shit Fed honeypot, too.
Only thing I hear about them is that they got raided and police walked away empty handed since they genuinely had nothing, but I’d love to hear more what else specifically makes this provider more trustworthy tbh
As another poster mentioned, after a raid the police had nothing.
I have an acquaintance that works there also and my impression is that they are very serious about the task at hand. Hence why there are no user names, no subscriptions and the option to pay with crypto or even mailing cash in an envelope - apparently quite a few people do this, some using newspaper clippings for the user ID.
why do people trust this one more? is there any proof more they delete their logs than the others?
Mullvad has open-sourced a lot of their infrastructure, and really it all checks out.
They’ve had multiple independent audits that show that their VPN infrastructure is indeed diskless (RAM only, no permanent storage), and they run what they say they do. Even if they wanted to store all of their logs for the police, it shouldn’t be practical for them to do so.
https://mullvad.net/en/blog/2023/8/9/infrastructure-audit-completed-by-radically-open-security
Other ran the audits how do you know that their running an implementation of what the open sourced? what are the orgs that run the audits?
These auditors specifically are Radically Open Security out of Amsterdam, their website lists their team with names, pictures, and descriptions, I picked one at random and they had a realistic web presence.
There is no way to prove what they are actually running, other than audits. Anything a legit system could send, a malicious one could send too.
Bit concerned you’re asking questions that aren’t just answered by the webpage oscardejarjayes linked to, but by the link itself “completed-by-radically-open-security”.
I 100% get the skepticism, but VPNs inherently require trust on the other side, it’s literally impossible to actually “prove” it’s legit. But this is also true of any means whatsoever to connect to the internet. You cannot be truly anonymous online unless you rely on SOMEONE to obscure your identity for you.
Mullvad have done the best means of building up evidence, if ever got found out as lying, they’d immediately lose 90%+ of their customers.
And to be honest, allowing and actively encouraging customers to pay by cash would make them a pretty shit Fed honeypot, too.
Bit concerned with your VPN evangelism steering people away from actually secure solutions like I2p
Only thing I hear about them is that they got raided and police walked away empty handed since they genuinely had nothing, but I’d love to hear more what else specifically makes this provider more trustworthy tbh
The source for the lack of evidence retrieved being the police themselves?
tinfoil hat on but great way to set up a honeypot
As another poster mentioned, after a raid the police had nothing.
I have an acquaintance that works there also and my impression is that they are very serious about the task at hand. Hence why there are no user names, no subscriptions and the option to pay with crypto or even mailing cash in an envelope - apparently quite a few people do this, some using newspaper clippings for the user ID.