We invite you to read the final report of our third security audit, concluded in mid-June 2023, with many fixes deployed late June 2023. Further re-tests and a verification pass was performed during July.

  • Radically Open Security found no information leakage or logging of customer data
  • RoS discovered 1 High, 6 Elevated, 4 Moderate, 10 Low and 4 info-severity issues during this penetration test.
    • Kata1yst@kbin.social
      link
      fedilink
      arrow-up
      9
      ·
      1 year ago

      Yeah I had to move to another provider over this. It’s sad, I like their policies and services, but it’s a deal breaker.

        • NullGator@lemmy.ca
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I’ve used it to open a local port on my laptop publicly without needing to make any changes to the local network I was on. It can be useful for opening your laptop’s ssh port or to host an http server to send someone a big file you don’t want to pay to upload somewhere.

          One other common use is 🏴‍☠️ which I suspect is why they disabled the service :/

    • rar@discuss.online
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Getting in trouble? It’s more like:

      • Server providers threatening to terminate business with Mullvad because some of its users used port forwarding to host contents that meant legal trouble.
      • Mullvad chose to terminate support for port forwarding in a transparent way and gave clear dates to prepare. This was done instead of selling off their users or collaborating with whatever legal threats they were facing.

      I don’t like it, but at least I understand their business decision. Even if I took my business elsewhere, they have a solid point on transparency.

  • Robboman93@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    ·
    1 year ago

    Mullvad is a great vpn, one of the best for sure. Unfortunately because they don’t support portforwarding the product is not a option for me anymore. I switched to airvpn and am satisfied with it.

    • Mkengine@feddit.de
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      I never really used a VPN, what is your usual use case and what exactly would I need port forwarding for?

      • Robboman93@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        1 year ago

        I use it for downloading torrents without leaking my IP. If you can’t portforward you are limited to downloading torrents. You won’t be able to upload, or at the very least your upload speeds will be very slow. If your primary use case is torrents portforwarding is important. It allows you to open a port and be able to upload.

  • Empyreus@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 year ago

    Cool to see. Does anyone have more context on these types of tests and how mullvad did?

    • Anemia@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      If you read the report there’s both context there and also on their site mullvad have commented on the found issues stating either reasons or what they are doing to fix it.

  • neutron@thelemmy.club
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 year ago

    Happy customer for years.

    It’s a shame port forwarding is not supported anymore, but I’m thinking of other ways to supply the deficiency instead of switching providers.

      • neutron@thelemmy.club
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Having a VPS and routing all traffic between VPS and homeserver using wireguard. It’s often discussed in selfhosting communities where the admin is behind restrictive firewalls and policies (which means no port forwarding) or cannot afford to reveal their home ``IPs