Infrastructure audit completed by Radically Open Security - Blog | Mullvad VPN
mullvad.net
We tasked the Netherlands based security firm Radically Open Security (RoS) with performing the third audit towards our VPN infrastructure.

We invite you to read the final report of our third security audit, concluded in mid-June 2023, with many fixes deployed late June 2023. Further re-tests and a verification pass was performed during July.

  • Radically Open Security found no information leakage or logging of customer data
  • RoS discovered 1 High, 6 Elevated, 4 Moderate, 10 Low and 4 info-severity issues during this penetration test.
    • Kata1yst@kbin.social
      10·
      11 months ago

      Yeah I had to move to another provider over this. It’s sad, I like their policies and services, but it’s a deal breaker.

        • NullGator@lemmy.caEnglish
          1·
          11 months ago

          I’ve used it to open a local port on my laptop publicly without needing to make any changes to the local network I was on. It can be useful for opening your laptop’s ssh port or to host an http server to send someone a big file you don’t want to pay to upload somewhere.

          One other common use is 🏴‍☠️ which I suspect is why they disabled the service :/

    • rar@discuss.onlineEnglish
      3·
      11 months ago

      Getting in trouble? It’s more like:

      • Server providers threatening to terminate business with Mullvad because some of its users used port forwarding to host contents that meant legal trouble.
      • Mullvad chose to terminate support for port forwarding in a transparent way and gave clear dates to prepare. This was done instead of selling off their users or collaborating with whatever legal threats they were facing.

      I don’t like it, but at least I understand their business decision. Even if I took my business elsewhere, they have a solid point on transparency.