Step up your privacy game with encrypted email (not just for techies)

Mullvad

As a kid, did you also assign each letter of the alphabet to another and write secret messages to your friends, perhaps even invisibly with lemon juice?

Caesar or Atbash cipher is a great start, but it isn’t very secure, online. Making the leap to communicating with encrypted emails isn’t very difficult, and it’s a great way to improve your online privacy game.

Full article

Making ourselves more instantly available in central Europe

Mullvad

Hallo Deutschland, Österreich, Nederland en België! Coucou la Belgique ! Witaj Polsko! Announcing Mullvad’s biggest payment method expansion ever: now you can top up your account with either giropay, EPS, iDEAL, Bancontact or Przelewy24.

With our ambition to be easy to use and after payment suggestions from customers (thank you!), we happily announce the addition of five European payment methods.

We reserve ourselves from any bugs and welcome you to send feedback to support@mullvad.net. Please save your cryptocurrency payment requests for another time; we are doing our best to investigate potential additions to that payment section as well.

Full article

Unfortunate port shortage

Mullvad

That’s it. We are officially out of ports. We knew this day would come; that 16 bits of memory in the TCP packet simply wouldn’t be enough to provide port forwarding for everyone.

That’s why, from now on, it will no longer be possible to request a port that will forward inbound traffic through whichever server you are connected to. However, we didn’t want to abandon this feature entirely, so we came up with a compromise: Allocate ports on a per-city basis. This means that in order to request a port, you have to select a city and as long as you are connected to a server within that city, inbound traffic to that port will be forwarded as usual.

If you currently have port forwarding set up with “global” ports assigned to your account, they will keep working on all servers for the time being. They will eventually have to be reclaimed however and we will give you a heads up before that happens but to guarantee a stable service, we recommend that you replace your current ports with city-specific ports at earliest convenience.

Full article

Why we don’t have servers everywhere

Mullvad

Whenever you or our other dear customers reach out asking if we could please, please, pleeeease, set up a server in your country, those pleas do not go unnoticed.

As with most choices in life, there are always upsides and downsides, and choosing where to put servers is no exception.

Since we’re a company built on the trust of our customers (we’re a VPN provider, in case you randomly stumbled upon this article), we need to trust everything along the VPN supply chain, including the hosting providers of our servers.

If we could wave a wand and have servers magically appear wherever they’re needed, we would! But in reality, we have to take many factors into consideration: network performance of the location in question, cost of the server, and if the provider has IPv6 or allows peer-to-peer networking are just a few. Many hosting providers don’t even want to deal with VPN providers for fear of network abuse or DMCA requests.

Full article

No PII or privacy leaks found in Cure53’s Infrastructure audit

Mullvad

We invite you to read the final report of the first security-focused audit on Mullvad’s infrastructure, completed in December 2020.

As Mullvad exists to protect users and their data, we are rather happy with independent auditor Cure53’s statement, “The security awareness and overall security posture should be regarded as rather good, as expected Cure53 were not able to discover any Personally-Identifiable-Information attached to Mullvad’s end-users.”

The audit report is available on Cure53’s website.

Full article

Three signals of a more privacy-friendly messaging app

Mullvad

Does your messaging app truly respect your privacy? Here are a few simple questions to ask to get a helpful answer. Plus, we tell you which messaging tool sends us all the right signals.

When a friend visits your home, you probably take for granted that your conversations are private. And the idea of someone keeping track of when you come and go, who visits, and how long they stay is something only found in a gripping thriller, right?

Now that most of our interactions have gone online, how do you know that your digital communications and encompassing habits are also private? Here are few ways to tell if a messaging app is privacy-friendly.

Full article

Linux issues resolved in latest desktop release (2020.7)

Mullvad

The newest version of the Mullvad VPN app for desktop fixes a number of bugs experienced by Linux users.

What’s new

This release is also available for Windows and macOS but it only contains bug fixes for Linux.

Download the app

Download the Mullvad VPN app. If needed, we’ve got help guides for installation and usage.

Know of someone unable to access our website? Point them to Mullvad’s onion address on Tor or to Mullvad on GitHub.

Full article

Big no on Big Sur: Mullvad disallows Apple apps to bypass firewall

Mullvad

Despite Apple’s changes to macOS with the release of Big Sur, we can confirm that the Mullvad app still performs as intended by not allowing Apple’s own apps to bypass our VPN firewall.

Starting in Big Sur, the latest version of macOS released 12 November 2020, Apple excludes its own apps from the content filter provider APIs. As a result, any network monitoring and security software using these APIs is unable to detect and block traffic from Apple apps.

Mullvad does not use content filter provider APIs to secure the device. Instead, we use the Packet Filter (PF) firewall which is built into macOS. This is a packet firewall, not an application firewall, which means that it does not exclude packets from any apps, including Apple’s own apps.

In other words, our usage of the PF firewall does not allow Apple apps to leak when Mullvad VPN is blocking the Internet. We have verified this by observing the network traffic from outside of the Apple machine.

Full article