I know multiple people who worked / working at Mullvad and they take their business, security and privacy _very_ seriously. Not surprised to see them shine here.
I'm a bit curious about how that works. I love Mullvad but routinely I find sites like Reddit completely block it. Even yesterday someone posted a Debian wiki link[0] and I was blocked. It's not all of them but Reddit is a big killer. So I thought China would block all of them (aren't they known?)
Use the Tor Onion Service [1] for Reddit instead. You never leave Tor so you don't have to deal with the usual exit node problems. No need for a commercial VPN.
Reddit blocks basically everything - since the 2023 API meltdown it's gone full 1984 censorship and opinion manipulation mode. There are two target audiences for Reddit: propagandists (who are given moderator status, even in subreddits they didn't create) and targets of propaganda (only if Reddit can verify their physical location). You're not in the first group and you don't want to be in the second.
The Tor service does not work. It's been unmaintained for years.
I've found the "visit anonymously" functionality offered by Startpage gets around the problem in a pinch. It tends to break the site you're visiting a little, but masks your IP, allowing you access without shutting down your VPN.
I'd also like to ask people not to block this way. It creates LOTS of false positives. There's much better ways to handle bots and this tactic seems particularly dumb for Reddit given they want users from places like China or elsewhere where a VPN might be required. Not to mention people using public WiFi. It's not like VPNs are uncommon these days.
If you must ban IPa then do so with a timeout and easing function. So that each hit results in a longer ban time. Bots want to move fast so even a few seconds ban time will make them switch IPs while not impacting most users (who will refresh)
Any proof or articles you could link to backup that claim seems unlikely given their size/reputation also would be surprised they’d get blocked this often using botnet traffic
There's a corollary to that question: why would China choose not to block Mullvad? We know every large nation with a capable online force maintains a fleet of ORBs, so maybe they consider Mullvad more useful for them as a functioning system?
Some of their own contractors may well depend on Mullvad. Perhaps as long as the overall "civilian" volume and user count remains acceptably low, the cost-benefit estimate may well be in favour of letting it slip by. (And for the civilians that do use a working variant, subject their connections to fine-grained traffic analysis.)
When they wrote that 3 providers were honest about all locations I have to admit my first thought was "Mullvad, and who would the other two be?"
With their reputation and trackrecord they really can't do any shady tricks. Imagine if they weren't among the 3 honest providers? That would be HN frontpage news.
While I pay for Mullvad directly through my bank, their account number approach built a lot of trust for me. "Here's your number, use whatever to fund it. 5 euro a month, no sales."
At risk of sounding sale pitch'y. Mullvad is the only VPN the longer I use the more I like it. I've tried MANY competitors first and all the other ones so far seem to only get worse over time.
I love that I can pay directly with a crypto wallet and have true anonymity.
I do really wish they still provided port forwarding, I understand why they don't but that was really useful and the only competitors that seem to don't exactly seem trustworthy to me.
That depends how you obtained the crypto in the first place.
In any case, its certainly better than visa, but if you dont trust your vpn provider the real issue is they have your IP address and at best just a pinky-promise they dont log.
I went in on Monero (which Mullvad accepts for now...)the only early crypto that had a viable usage plan from the beginning. That was of course before I realized that crypto would of course just be turned into a massive scam wheelhouse and any coin with real utility value to challenge fiat currency would of course be regulated against. (not salt its still worth a lot)
I am aware most crypto is not anon without extra effort.
Has anyone else from Europe noticed how Mullvad's speeds and latency have becoming worse and worse during peak times in the recent months? I now have to change servers regularly, which was never the case ~2 years ago.
> Mullvad ... security and privacy _very_ seriously. Not surprised to see them shine here.
? TFA reflects on dishonest marketing on part of public VPN providers more than privacy / security.
That said, VPNs don't add much security, though, they are useful for geo unblocking content and (at some level) anti-censorship. In my experience, the mainstream public VPNs don't really match up to dedicated censorship-resistant networks run by Psiphon, Lantern, Tor (and possibly others).
Advertising a VPN endpoint in country A which in reality is in country B is a security concern for users trying to reduce their visibility to country B’s authorities. You’re right about the more fit to purpose tools, of course, but they’re more of an impediment to normal internet usage.
> Advertising a VPN endpoint in country A which in reality is in country B is a security concern for users trying to reduce their visibility to country B’s authorities.
Mullvad in their Terms of Service say they'll abide by Swedish and EU laws. This, among other things, means a VPN is in no way going to save your bacon from "authorities".
