452 comments

[ 3.2 ms ] story [ 274 ms ] thread
Very interesting. Mullvad seems to be the most extreme and reputable VPN service out there when it comes to privacy. At least it seems that way.
A VPN will hide you from your ISP, but that's about it, isn't it? Does a VPN really provide that much real privacy?
I mean a properly configured VPN can do a lot more Then hide you from your ISP
Like what? Now you’re just using their ISP.
Some of us have really crappy ISPs (that also happen to be monopolists) that do things like HTTPS MITM (when they try to force you to install their root CA certificate and HTTPS simply doesn't work unless you do it), block DNS requests unless you use their DNS servers, or store all your traffic (this is being done in Russia, but it's close enough). I very much prefer to cover the precise details of my communications from my ISP and 'outsource' that stuff to Europe.
I hope you go for a spying incompetent country in Europe :). Especially one which is not partnered with the US .. like the UK and others.
(comment deleted)
Most allow you to chose where the VPN exit is located, so you can have traffic originating in another country.
This is a nice feature and paying for it is a perfectly sane thing to do if you need the utility. It's not exactly privacy, though.
It also stops sites you visit from seeing your real IP.
Sure but with fingerprinting that's only a minor nuisance to most advertisers and sites who are tracking you.
But the cast majority of users will not care about fingerprinting by surveillance industry but about illegally Dow loading stuff. And there, VPNs are quite comfy.
The newest version of Firefox goes a long way to prevent this with Total Cookie Protection[0]. You’re basically left with fingerprinting as all cookies are site specific - even third party cookies. Combine that with with a DNS that does cname uncloaking like NextDNS and noscript and you’re about as good as you can get without extreme measures.

[0]: https://blog.mozilla.org/en/products/firefox/firefox-rolls-o...

I use Tor for that... it's a bit like a free VPN
Well, yes and no. For most people, they're over-rated. You don't even need a VPN to securely pay your credit card bill on public Wi-Fi.

However, there are two cases where they are useful: - IP address hiding (something like iCloud Private Relay for iOS/Mac users does this at the browser level, VPN brings it to the entire system) - Legal protections - Location simulation

If you want to hide your IP address, this could be to stay more anonymous and less trackable, any system that relays your connection is fine.

If you want to break the law, you'll need something that has safeguards in place against that. Most VPNs do the most they can within the legal limits here.

If you want to simulate your location, you'll need a VPN with servers in those locations.

---

So really, it just depends on what "real privacy" means to you.

You forgot the most important use case, unless you're talking about Europeans and USians only. I use a VPN simply because half the internet doesn't work without it (some guy in a suit decided what you can and cannot read, and there's nothing you can do about it).

Free tiers provided by various "cloud" services work fine for this one (Oracle is the most generous among them).

"If you want to simulate your location, you'll need a VPN with servers in those locations."

While I did omit that justification, it is still just simulating location.

> unless you're talking about Europeans and USians only

Nah. As Europeans we're getting more and more censorship. Just think that most Russian news outlets have been blocked, youtube channels and so on. Plus until recently I couldn't read a good chunk of US news due to them refusing to adapt to GDPR.

Hiding your activity from your ISP is a Huge Deal in the USA. Can't speak to other countries though.
and let me access sites blocked by my country/ISP!
We've had numerous cases of ISPs spying on the domains that you are using and throttling your network usage according to that activity at least in the United States, so a VPN goes a long way towards ameliorating this particular issue.
"That's about it" corresponds to large swathes of the Internet for some of us living in parts of the world with arbitrarily censored and restricted Internet access.
The few times where removing ‘features’ (re: privacy holes) is good news
Great benefit. I also recommend to find a reputable masked card service provider if you plan to use a credit/debit card. Autopay is just another way for banks and providers to circumvent overdraft protection legislation and hopefully new legislation will remove any "perks" that providers offer for autopay services.
I would love to know if there are any of these in the EU – US friends of mine have mentioned privacy.com but I am unaware of a similar service in the UK.
Privacy.com abides by KYC. So it's not very private.
No need, just send them cash in an envelope, which works just as well.

I wish more services supported this, but I understand it adds a lot of hassle for them as well.

How do they handle VAT via cash in an envelope? Do you need to provide a billing address?
Mullvad's advertised pricing already includes VAT is my understanding.
They still have to pay different VAT rates to the buyer's country, even if that is transparent to the customer.
Why would you need to provide a billing address?!? It's cash, and they don't generate bills anymore.
In the EU VAT for online products and services is based on the buyer's location not the seller's location. They need to know something about where the buying is to determine the VAT rate and where to send the collected VAT.

I don't know what the rules are for sellers that are inside the EU, but if they are at all like the rules for sellers outside the EU selling to buyers in the EU they are required to collect two pieces of evidence that support their determination of which country's VAT to collect.

Where I work we use the country the person claims they are in from the country drop down on our cart and what country MaxMind says their IP address is from. This works most of the time. If those don't match we look up the first 6 digits of their credit card to see what bank issued it and see what country that bank is in, and if that matches either their selected country or the IP country we go with that. If the bank is in a third country, we look at their email address and if that is at a service that is mostly just serving one of the three countries we go with that.

How would a company that accepts cash and keeps very minimal customer information deal with this?

Is there such a thing as a truly private “masked card service?” I’m genuinely curious because I use virtual cards supplied by my online bank, but I’m sure they retain records for each virtual card I use. Are there services that do not record this information?
Good question. I doubt any of them are truly private but I think it at least adds a layer of privacy and security from the service provider, but as with most things it probably won't protect you from a court order.
The only real masked card I can think of would be a gift card paid for in cash. Tedious as it is, that seems like the only way to use a debit card privately, and I think some of those are rejected by online pay platforms.
> Is there such a thing as a truly private “masked card service?”

No - there’s no way to support all the anti fraud mechanisms of the major credit card networks without a thorough paper trail. Masked card services help prevent unwanted charges and inconvenience for the customer - they may give a fleeting layer of privacy between the consumer and the merchant but nothing more than that.

Blur (dnt.abine.com) and Privacy provide fantastic masked card services.
I wish more SaaS companies (especially VPN ones) did this, this is a giant win for in the area of privacy. Go Mullvad!
The opposite is sadly still happening in everywhere else and no change for that is probably coming in the foreseeable future. With subscriptions, you guarantee the revenue. And making it very difficult to unsubscribe, such as some unnamed companies, even a little bit more money is collected.
I've always loved that Mullvad wouldn't let you accidentally compromise your own security.

For example, the port-forwarding feature won't work if you have a recurring subscription.

This just extends that kind of thinking to the service in general.

Been a Mullvad customer for a long time now, and it's always been awesome.

> For example, the port-forwarding feature won't work if you have a recurring subscription.

Yep, I had to cancel my subscription recently to get port forwarding working. I've been a customer for a few years now and trusted that they were doing this because it made sense from a privacy standpoint.

What's the exact reasoning behind that? How does paying via paypall impact the privacy of a forwarded port?

Is this something to do with state-level actors?

Presumably there are details linking together payments coming from Paypal and the account number. And obviously there is a link between account number and forwarded port. So following with that, you'd be able to make the connection between the account number and Paypal account, which is definitely not private nor even pretending to protect your privacy.
Maybe but doesn't all of that apply equally to just about any payment method other than sending them cash anonymously?
I think in the case of a one-time payment there’s a record that you paid Mullvad, but there’s no link to an account number.
For a single payment, they can throw away all the metadata once the funds hit their bank account.

They _can't_ do that with recurring subscriptions, since they need something that links to your CC or PayPal details to re-bill it next month/year. They've chosen to not do that any more, possibly as performative privacy, also possibly as having real privacy concerns for their clients, and also also possibly so they can tell law enforcement and courts to stop bothering them when needed. (realistically, it'll be some combination of those three things, and possibly others I've not thought of, that triggered them into this)

but then as a bad actor, you could reverse the credit card charge, and then the company would not be able to tell which customer reversed the charge!
I think the idea is that money reaches the company, the company then increments how much time you have left on the account, then deletes records linking payment to the account

Like you show up and give me $5, tell me it’s for account XYZ, I go into my admin console and increment the remaining usage time, but don’t write that you were the one giving me $5

There’s a window of time where the link exists of course! But you can get rid of it.

(I Hope that they are not storing things like an account start date or too many payment records… it could easily be deanonymized through time stamp correlation and the banks/stripe/PayPal have the data)

As far as I am aware, Mulvad only holds on to the payment details for a few weeks and then deletes it so the idea is that you 'age' the account for that time period and then can Torrent Linux ISO's on the forwarded port to your hearts content with any payment information long since deleted. I don't currently use them but am considering switching to them for this reason.
Monero is a (practically) untraceable [1] cryptocurrency. I figured that I didn't really need the VPN, but when the news came out that they added support for Monero earlier this year, I decided to support them by giving them another 4.5 EUR deposit in Monero.

1. https://www.getmonero.org/

I normally don't use VPNs, so please correct me if I am wrong.

I think from a law enforcement/accountability standpoint, if an "actor" is accused of wrongdoing while using Mullvad's port forwarding service, Mullvad might have some evidence linking the "actor" to an actual identity, since they have the payment information. Depending on the laws of whatever territories, Mullvad may be compelled to leak that info to a judge. Without that information, then there's no information they can ever be forced to leak.

If you're familiar with the sizeable benefits of the subscription model for a business you'll recognize this is a big deal.
They still use a subscription model it's just a non-recurring one.
Part of the advantage of the recurring subscription model is having predictable revenue every month due to it being recurring. And many businesses count on that "gym membership" effect, where people who don't use a service also don't take the time to cancel it for a while.
that's me and my audible subscription. i should cancel it, but before that i have to use the credits.
Holy cow, that’s evil.

https://help.audible.com/s/article/do-i-keep-my-credits-if-i...

Do I keep my credits if I cancel my Audible Premium Plus membership? No. If you end your Audible Premium Plus membership, your credits will be lost with your other membership benefits.

I wind up pausing my subscription when I get too many credits. It’s not a full cancellation, but I don’t have to pay.
IIRC problem is the option of pausing subscriptions is well hidden & revealed only when you have fully made up your mind to cancel & drop all your credits. most folks would not do that instead maybe defer the decision another month in the hope they'll 'catch up'. then they'll forget about it for a few more months.

Dark patterns all over.

Incredibly evil. That's why I used up all my credits and then cancelled my account. I briefly flirted with "gift subscriptions" because I was still wanting new audio books a lot, but that has its own problems. So I gave up on them.
thats why I raced to buy up a bunch of books with my points and then cancelled immediately (you can keep the books). its one dark pattern after another, good riddance.
If you sign up on iOS in app, you get to keep your credits after cancelling. One of the things Apple does right imo in regards to consumer protection.
It’s exceptionally evil! I had the same issue and couldn’t understand why I was losing credits I thought I had “bought”.

This and other privacy-related issues (see my comment history) is why I won’t consciously use Amazon again.

Hint: OpenAudible backup before you terminate.
Hmm, that might be illegal in Washington State
This is why I hate Audible and have never been tempted by their many attempts at entangling me in with their endless 'trials'. By comparison, Downpour.com had an easy on/off function for the monthly fees and the credits remain active for up to a year, with a prior warning, for one to use even after canceling the monthly subscription. Edit: also like the fact that the audio books are drm-free/downloadable and I am not beholden to their app to listen to them.
(comment deleted)
Just contact customer support and ask if you can get a refund. I've done this a few times when I was just accumulating points with nothing I wanted to buy, and it's always been quick and easy.
Are these benefits not eroding? Pressure on subscription models comes from both the public getting herd immunity against the underlying dark pattern and competitors chasing a diminishing supply of people to trick as world + dog has adopted the tactic.

In this particular case, with a privacy tailwind, it will be unsurprising if it ends up increasing their sales.

I think saying subscriptions are a dark pattern is going a bit far. In the case where you're offering an ongoing service that requires a cost to service, a subscription model is completely appropriate and in the best interest of both the subscriber and the issuer.

For sure there's some abuse of the model where you're selling something that should be a one-time item, but that's not the case here, and Mullvad is providing an ongoing service (and still billing by month / year / etc. for the service, just without automatic renewals).

Yeah, I'd say the term dark pattern only applies when services make it unnecessarily difficult to cancel your subscription. cough cough...NY Times
To me, a dark pattern is when the service doesn't announce in advance when the subscription is going to renew.
These emails always annoy me. To each their own I guess.
I'd be willing to say that subscriptions are a dark pattern when they don't automatically stop if you stop using them.

A fundamental part of healthy business relationships is value for value. E.g., you give me money, I give you a sandwich, you take the sandwich, eat it, and are happy with it. If you keep paying me for sandwiches but I don't give them to you, that's not healthy. Ditto if I put them on the counter but you stop taking them.

Personally, I think there should be a law that all service/software subscriptions auto-suspend after 30 days of non-use. Because right now there's a big incentive for businesses to get you to sign up for things they think you're not going to use, and to keep on charging you even though they know you're not using it.

What you're asking for is a la carte access while still getting discounted subscription pricing, pushing all the risk onto the business. Consume as much as you want, but pay nothing when you don't. Sounds like a crap deal for the business.
And what businesses are hoping for are users that are paying without actually using their service. Produce nothing, but get paid every month. Sounds like a crap deal for the users.
> And what businesses are hoping for are users that are paying without actually using their service

All of them, from the local gym to Dropbox to Spotify. Subscription businesses can't make money if every consumer costs more to service than the revenue they generate. There's even an official accounting term for it, breakage.

> Produce nothing, but get paid every month

Failure to consume and get value from a subscription is your fault, not the business that fulfilled its obligation.

I am amazed that you can't see that approach as exploitative, and that your last line is victim blaming.

If a company can't exist without tricking people into paying for something they get no value out of, maybe it shouldn't exist.

> can't see that approach as exploitative

You're getting all-you-can-eat from the business for a fixed price in exchange for predictable revenue as opposed to pay-as-you-go. That you think that's exploitative just tells me you don't understand the business model. You want to have your cake and eat it, too.

Ah yes, the old "people who disagree with me must be ignorant" routine. Not a good sign, but I'll take one more swing at it.

An all-you-can-eat restaurant where customers don't eat anything and you still keep charging them until they notice months or years later is indeed exploitative.

For something like an apartment, there's reasonable justification for long-term contracts and continuing to charge people without regard to use, in that it's an expensive good that has exactly one user at a time and where it can take a while to find a new tenant.

But that entirely vanishes with most internet-based subscriptions. If I stop watching Netflix, they stop experiencing marginal costs for me. If I get excited about a NYT subscription but then stop reading, it's the same deal. Nobody went out and bought another server just because I signed up. I could cancel at any time and they'd have to let me go. If they keep charging me when I'm not getting any value, then it's not a mutually beneficial relationship; they're just exploiting me. And indeed, maybe they were exploiting me from the get-go if their intent was to just get my money in without regard for whether I was going to get anything out of it.

People who take money without providing value are at best economic parasites, but quite a lot of them are just scammers, grifters, and frauds. Which is exactly why a law would be especially valuable here, so that their time and attention were devoted to some socially positive activity.

If you eat a buffet and only have one plate, you don't get to complain and ask for a refund.

> keep charging them until they notice months or years later is indeed exploitative.

When is it the customer's fault for not cancelling? You're working very hard to avoid responsibility for the business contract you entered into.

> they stop experiencing marginal costs for me.

Which are a small part of the overall cost structure. So what?

> Nobody went out and bought another server just because I signed up

Absolutely they do. The business is managing its finances under the assumption of subscribers and LTV, and making investments accordingly based on those assumptions and forecasts.

> they're just exploiting me

For charging you for something you signed up for but were too lazy to manage properly?

> just get my money in without regard for whether I was going to get anything out of it

There you go passing the buck again. It's your responsibility to use the thing you signed up for.

> People who take money without providing value are at best economic parasites

You mean the money you're giving them as part of consensual business agreement?

You are an excellent example of how people who are abusive have consistent worldviews that justify the abuse. You are placing 100% of the responsibility on the weaker party in the contract, and 0% on the people who designed the contract plus everything that leads up to and comes after the contract. At the same time you clearly understand the human cognitive limitations that make people susceptible to carefully-designed exploitations, you act as if the people who design the scams are not just innocent but justified in taking advantage because money.

And with that, I'm done. You are very dedicated to both exploitation and victim-blaming as justification. I'm not going to convince you otherwise, presumably because you made or make your living from that. “It's difficult to get a man to understand something when his salary depends on not understanding it," said Upton Sinclair, and I have better things to do with my time.

(comment deleted)
>People who take money without providing value are at best economic parasites, but quite a lot of them are just scammers, grifters, and frauds. Which is exactly why a law would be especially valuable here, so that their time and attention were devoted to some socially positive activity.

Does that also apply to your car/home/health insurance as well?

If you don't have an accident/get robbed/go to the doctor, are you being exploited by the insurance company?

Edit: BTW, I'm an old guy myself.

It of course does not apply, because you're getting risk-mitigation value every month. (If you don't think so, feel free to drop the insurance.)

That said, those are prime opportunities for parasitism and exploitation, because it's hard to measure risk reduction until actual harm comes along. That's why those sectors need heavy regulation.

And so how does that not apply to Netflix or The New York Times?

You said[0]:

"But that entirely vanishes with most internet-based subscriptions. If I stop watching Netflix, they stop experiencing marginal costs for me. If I get excited about a NYT subscription but then stop reading, it's the same deal. Nobody went out and bought another server just because I signed up. I could cancel at any time and they'd have to let me go. If they keep charging me when I'm not getting any value, then it's not a mutually beneficial relationship; they're just exploiting me. And indeed, maybe they were exploiting me from the get-go if their intent was to just get my money in without regard for whether I was going to get anything out of it."

A subscription with them provides access to the services they sell all the time as long as your subscription is current, in exactly the same way as as insurance provides risk mitigation.

You appear to be arguing that it's the subscription model that's the problem and not those who use it in an exploitative manner.

I'm not a fan of subscription models myself, which can be used in exploitative ways, but the fault isn't in the model, but in those who implement/administer it.

N.B.: I do have insurance, but not Netflix or NYT subscriptions.

[0] https://news.ycombinator.com/item?id=31818397

Edit: Fixed formatting, typo.

Your theory is that Netflix isn't selling entertainment, they're selling boredom insurance? That somebody might have a sudden, unexpected, and catastrophic need for sitcom reruns that might cost them hundreds of thousands of dollars, so to mitigate that risk they pay Netflix just in case?

If you really can't tell those classes of product apart, I don't think I can help you.

>Your theory is that Netflix isn't selling entertainment, they're selling boredom insurance? That somebody might have a sudden, unexpected, and catastrophic need for sitcom reruns that might cost them hundreds of thousands of dollars, so to mitigate that risk they pay Netflix just in case?

Don't put words in my mouth. I never said anything even approaching that.

Netflix sells a service (a pretty useless one, in my view) -- video content -- for which they charge a monthly fee.

Insurance companies sell a service (more useful, in my view) -- covering (or at least reducing) the costs of bad stuff happening -- for which they charge a monthly fee.

One is (at least in my view) more useful than the other, but the business model is the same -- pay a monthly fee for some product/service.

As I said, it's not the model that's the problem, it's those who use it in an exploitative fashion.

Please do go ahead and set up another straw man you can knock down for your own satisfaction, but I won't participate further.

Have a great day!

The business models are not the same. Insurance is deeply different in an economic sense than selling videos. Willfully ignoring that distinction is ridiculous, and I tried to make the difference apparent in the comment you're quoting. If you're not getting it, that's fine, you are free to carry on not getting it.
While the business models are different (obviously), the payment model is the same.

I was inexact (business vs. payment model) in my previous comment. My apologies.

But my point still stands: Subscription payment models aren't inherently exploitative; rather they can be implemented/administered (or not) in an exploitative fashion.

Don't like Netflix/NYT and others' implementation of said payment model? I'm not surprised. I'm not very high on them either.

But just because you don't like the specific implementation, doesn't make them a different payment model. That payment model being: "pay a monthly fee, get whatever product/service you've paid (and continue to pay) for.

You appear to be claiming that because different companies sell different stuff, that the payment models are not the same.

Which is akin to arguing that since automobiles with ICEs[0] serve a different purpose than automobiles with electric engines. They don't.

And likewise, subscription payment models are subscription payment models, regardless of the product/service being offered.

>If you're not getting it, that's fine, you are free to carry on not getting it.

And you're free to continue making wildly inaccurate statements. Have fun and a good day!

[0] https://en.wikipedia.org/wiki/Internal_combustion_engine

> If a company can't exist without tricking people into paying for something they get no value out of, maybe it shouldn't exist.

Sure, but this doesn't describe all subscription businesses, plenty of companies have healthy margins even with active users.

No one is saying there aren't subscription businesses that abuse subscription pricing to get recurring revenue from what should be one-time revenue, leave customers locked into something they're not getting value out of, etc. but that's not a truism of subscriptions (even the traditionally shady ones like gyms!)

Sure, and nowhere did I say I wanted to ban subscriptions, leases, and the like. I'm just saying that for online subscriptions, society should reduce the incentives to exploit people by requiring subscriptions to auto-suspend when they're not actually used.
"Failure to consume and get value from a subscription is your fault, not the business that fulfilled its obligation."

On some level yes. But recently banks here in Australia were busted for charging dead people.

https://www.afr.com/companies/financial-services/apra-punish...

Are you going to tell me the dead people are at fault for not taking advantage of services provided?

The point here is the relationship between (business) provider and consumer. It should be fair and balanced. No one is asking a business to provide services for nothing. But when the services aren't being used, the non-consumer shouldn't be charged either.

The only question remaining is - what is a fair way to go about this?

A reasonable time period of non-use before suspension of service seems ok. The business got money for nothing - but can't try to make that into a business plan.

Clearly businesses would rather have more "money for nothing" - so would everyone - but it isn't reasonable.

For sure!

I also think there are systemic reasons to stop it. If you're running, say, a good streaming service, imagine a competitor coming along that makes a lot of use of dark patterns to get people to sign up and keep paying even though the value is much lower than your service. Now you have a choice: try to compete against a better-funded competitor or go for the same dirty money yourself?

As a society, we want companies to devote their capital and brainpower to making things better for customers that can freely choose the best products. And that's what most company founders want too, so that markets are competitive in fair ways and they can focus on the products that got them excited enough to start a company. So I think it's in the interests of everybody except the parasitically inclined to just rule out exploitative business models.

For anybody who offers a month-to-month subscription, I'm not asking for anything other than them not taking money they're not earning. You have a point with, say, annual subscriptions. But for services where there's no cost to the vendor for an unused subscription, maybe that's ok, as there an annual subscription could much more easily be a dark pattern.

I also think pushing the risk of "the customer doesn't actually get anything out of it" onto the business is where the risk should be. Who better to understand and manage that risk than the people making the product and who have great masses of data on how it actually gets used?

Absolutely there's cost to the business even if you don't use the service. There's marketing, salary, healthcare, leases, and any other number of expenses. Gym's pay rent regardless of you showing up. Netflix still has pay for content you don't watch.

The entire point of a subscription model is that a business can offer a steeply discounted price vs. pay-as-you-go in exchange for predictable, recurring revenue. That's the only way the model works.

> Gym's pay rent regardless of you showing up.

In my opinion, that's the industry (at least here in .au) that are the poster-child worst example of dark patterns in manipulative subscription charging.

They are infamous here for doing fucked up things in an attempt to make it as difficult as possible to cancel your subscription. I had one friend who moved overseas, discovered his gym was still billing him monthly even though he'd emailed to cancel explaining they didn't have any locations in his new country of residence, and they tried to claim the only way to cancel his subscription was in-person at the location he signed up at. He had to lawyer up when he cancelled the credit card (and told them he'd done so), and they threatened to send his account to a collection agency. (On single lawyer letter got him a refund of all charges since the date of his original email saying he was cancelling, so they _knew_ they were legally in the wrong and wouldn't have a leg to stand on it of ever got to court.)

That's a really good example of the sort of exploitative thinking I'm talking about. They clearly knew what they were doing. As do all the companies who let you sign up easily, but where cancellation requires filing a form "in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying 'Beware of the Leopard'" and then spending 30 minutes on the phone with an obtuse and obstreperous call center rep.

And it's all just such a waste for everybody. The first gym I joined was run by a very dedicated muscle-head who was at his gym a fair bit. You signed up for a fixed period, like a week or a month or a quarter. At the end of the period, you could renew if you wanted. And if you weren't coming to the gym often enough, he'd ask why you weren't coming. He believed in his product and wanted people to be successful at his gym.

But I'd guess part of the reason that doesn't dominate is that awful gym companies sucker people in, do everything they can to become credit card parasites, and then spend a lot of the extra money on marketing and on giving people good-looking deals that they know they won't use.

Sorry, I thought you'd understand I was talking about marginal cost. Yes, I understand that software companies have non-marginal expenses. And yes, gyms pay rent, but I clearly said I was talking about "service/software subscriptions".

I also disagree that's the point of subscription models. If I'm on a month-to-month subscription, there's no legal guarantee the revenue is predictable more than 30 days out. That would be just as true if auto-suspend were required for non-use.

> I understand that software companies have non-marginal expenses.

For most subscription businesses and SaaS companies, non-marginal costs are most of the costs. The pennies Netflix saves if you don't stream during the month are a pittance compared to other SG&A expenses like headcount and content production.

> I also disagree that's the point of subscription models.

What do you think the point is? Why would Jetbrain's move to a subscription model? Why does Spotify stream music and not sell tracks and albums? A subscription model is a fundamentally different business than one offering standard transactional sales.

I don't think so. Us privacy and control freaks abhor subscriptions, the mainstream just shrugs and pays what they're told to pay. I can even see them adopting rental models for a lot of stuff we purchase outright now (the "you will own nothing and you will be happy" great reset promoted by the world economic forum). I think this is pretty exploitative but I'm pretty sure I am in a minority. Obviously big business loves this because they have to do almost nothing and still get guaranteed income.

But to me their arguments sound too much like blackmail "With this model there is incentive for us to make longer-lasting products which is good for the environment". Well, sure but if you actually cared about the environment instead of money you'd be doing that right now. Why do we have to pay them more for less in order for them to do this?

To me this really sounds like a "pay us what we want or we'll mess up this environment of yours even more" extortion scheme.

The older generation is more against it but they tend to not trust tech very much anyway. They're not the ones buying a new phone every year, they use it for many years and even get it fixed when it breaks.

> you will own nothing and you will be happy

Too easy and lazy to blame this on some grand conspiracy. Reality is much more complicated, and cuts to heart of human behavior.

Conspiracy no. But I don't like where the world is headed. Investors are demanding ever more markup on products and services. Nobody is happy with a 10% markup anymore in electronics. There seems to be a constant flow of money to the ultra-rich away from the poorer people, and this is something that has been constantly going on for the last decades. Because the squeeze is finally starting to hit the mainstream of the richer countries. Even the US is starting to see instability from this.

I think part of this is the free market which only really works on "MORE". More turnover, more customers, more products YoY. If you make a loss or invest in something for the common good a company isn't just frowned upon, they are putting themselves at liability of due diligence lawsuits. Most of the societal and environmental problems we are seeing stem from this, in my opinion. We need to fix the system before it's too late, not pamper to it.

I don't think there is a dark "SPECTRE" style gathering going on at Davos, no. I'm not a conspiracy theorist. However I do see there is zero incentive to improving the status quo if it doesn't make some rich people much richer yet again. This is why I see the WEF as a 'bad' entity, for promoting such things which are clearly undesirable. It's a very one-sided image.

For me as a tinkerer and maker the idea of renting my stuff and not being allowed to improve or repair it, is absolutely unthinkable and something that must be fought tooth and nail.

> mainstream just shrugs and pays what they're told to pay.

But mullvad isn't targeting mainstream!

It's mainstream compatible, as-in not too hard to use, but that's it.

Also mainstream only cares about VPNs because they believe it does magically things, like somehow better protecting all your privacy even if you are logged into Facebook or somehow making account hijacking or banking scams less likely :/

That's why they will go anyway with VPN providers which do a lot of ad advertisement to make them subconscious feel like it's doing all this magical things (even if they never explicitly claim it). Like NordVPN (you probably know what I mean if you use e.g. twitch in the EU ;=) ).

So no point in competing for this users without doing things like a ad powered free plan, free testing month, and tons of dark-ish patterns.

Instead mullvad has I think a good idea about what works with their customers.

I think it still will cost them money (who hasn't forgotten to cancel and abo) but also might save them money (not having to handle anything in support related to subscriptions going wrong). And maybe with things like people pre-paying for a year, but stop using it after a few month it will also not cost them anything. Really hard to say. I mean it was also guaranteed to end up on HN, so free advertisement to exactly the right audience. That's worth some money, too.

> But mullvad isn't targeting mainstream!

I agree, this is precisely why they're doing this. Putting their customers' privacy over their investors' wallets. This is a big ballsy move IMO. They're buying a lot of goodwill here. And taking a risk.

> Also mainstream only cares about VPNs because they believe it does magically things, like somehow better protecting all your privacy even if you are logged into Facebook or somehow making account hijacking or banking scams less likely :/

Also totally agreed lol. I often get questions from friends about VPNs. Always have to explain that privacy really doesn't work if you willingly give up your data :)

And no I don't use Twitch so not sure what you mean there, sounds like an interesting story.

> So no point in competing for this users without doing things like a ad powered free plan, free testing month, and tons of dark-ish patterns. Instead mullvad has I think a good idea about what works with their customers.

Exactly. They're not doing a tunnelbear.

> I think it still will cost them money (who hasn't forgotten to cancel and abo) but also might save them money (not having to handle anything in support related to subscriptions going wrong). And maybe with things like people pre-paying for a year, but stop using it after a few month it will also not cost them anything. Really hard to say. I mean it was also guaranteed to end up on HN, so free advertisement to exactly the right audience. That's worth some money, too.

I agree it's ballsy, this makes me respect the gesture even more. It's not the 'done thing' in this day and age. But they're still doing it and for the right reason.

Subscriptions aren't (in general terms) a dark pattern.
absolutely not. people are wary of signing up for new subscriptions, because cancellation is not clearly protected in most jurisdictions, and people are aware that they can forget to cancel.

People dont forget to renew their world of warcraft membership because their game stops working if they do. if you use a VPN, you likely use it every day, and there will be no lost revenue.

Disagree. If i have per-month subscription that does not have termination notice period, i could terminate it any time, next month effective.

If i have to pre-pay service, while i can still pay on per-month basis, that is usually such inconvenience that i would rather pay per-year or longer.

Considering privacy issues i assume that pre-paid account could not be cancelled and refunded earlier, i am implicitly forced to year-long contract with pay ahead.

> convenience comes at a cost and we no longer think this is an acceptable trade-off.

In an age where dissertations about what color and position to use for buttons go pages long, that's a courageous position that follows a clear strategy. Kudos!

I think its also good for Mullvad, they push people towards the 1y plan instead. No one is going to put their payment info in every single month.
They only have a monthly pricing option I believe

https://mullvad.net/en/pricing/

With one-time payments, you'd send them 5 euros for one month, or 60 for a year, etc.
Nop, you choose how many months you wanna pay ahead for
Pricing yes, but you can buy multiple months in advance. You don't get any advantage except convenience.
(comment deleted)
I've been using Mullvad ever since PIA was bought out. Never had an issue with them (other than when I forget to top up and my VPN connection dies :) ) with speed or reliability. I've always used the top up functionality rather than a subscription, but it's great to see how committed they are to reducing the attack surface for the users that need the most privacy.
Earlier this year I was changing some firewall configs and my torrent jail on my home server stopped working. I spent like an hour debugging, only to realize that my 1-year mulvad subscription had expired in the middle of messing with my firewall. Oops!

Mulvad is awesome and super fast. I reliably get in excess of 300mbps while torrenting.

That's great news and they just got a huge boost in reputation for me. Definitely the go to service if I need a good VPN again.

Especially strong decision since this will certainly cost them a lot of revenue and I don't think the boost in reputation will counter that in the long run.

I guess they'll notice after a month or a year

What'll happen. I suppose there is a "middle" group of users who want a VPN a bit but not super much, and long term now might leave

Anyway I like Mullvad's mindset

Hi Mullvad, I hope you'll post a follow-up a year later :-)

What if you, as part of the payment flow, included adding a calendar reminder X months later

If they don't keep the link between accounts and payments, doesn't that mean they can't revoke an account when a chargeback happens?
Sure, but they can ban your payment method, and they care about privacy enough to eat this (probably small) cost.

Also, they do actually keep a link for 40 days, but it seems like some card card networks allow chargebacks past that.

> In order to provide refunds and the ability to recover lost accounts we need to store some record of a payment, at least for a short time. As soon as we do not need the data to enable refunding a payment we scrub the record of anything that can link the payment or the account to any personally identifiable information kept by the payment processor (this could be your bank, for example).

So they hold your info and link for however long the chargeback period is (or the average one, probably 30-60 days is fine) and then lose it.

If you're more worried about privacy than convenience they offer other payment methods:

Which payment methods do you accept? We accept cash, Bitcoin, Bitcoin Cash, Monero, bank wire, credit card, PayPal, Swish, Giropay, Eps transfer, Bancontact, iDEAL, and Przelewy24.

https://mullvad.net/en/pricing/

And you can pay for a decade in advance.

(What is Pretzel24 I wonder?)

Selecting Pretzel24 as payment method redirects to https://go.przelewy24.pl/ where in turn you choose between different banks. I guess it is a Polish service for direct bank payments?
Wait, does it actually say "Pretzel" somewere, or did you both misspell it?

"przelewy" means "wire transfers" in Polish: https://en.wiktionary.org/wiki/przelew Nothing to do with pretzels. :)

I misread it as Pretzel the first time and couldn't resist, especially after clicking the page gave me a 'NOT FOUND' error. I assumed it was some sort of payment system.
Have Mullvad's privacy guarantees been tested by subpoena?
This does not apply. They’re european, a subpoena from the us government wouldn’t have any effect on them.
Europe has courts, subpoenas, warrants, police, and all that too so I don't see how that affects the question? The US as mutual legal aid treaties with most European countries as well.
that's not true, the USA has agreements to exchange information on citizens with the vast majority of European countries. While a local yokel might have a rough time, the federal government would only have to put in a request and wait a while. The only cost is the effort to file for it.
They are based in Sweden, which could be an issue since they are part of the 14-eyes alliance.

https://www.cnet.com/tech/services-and-software/mullvad-revi...

Yeah I think that's why they're trying to minimize the amount of data they have on store, because they know that a repeat of the TPB raid can happen any time.

If the Swedish courts find sufficient reason to do so, they will go in without warning and seize what they feel like.

If your threat model includes nation state intervention, a 5 Euro VPN isn't going to help you. In fact, no VPN is going to help you. The best you can get is probably Tor + Tails, but even then you better be looking over your shoulder.
That's not necessarily true. A lot of state surveillance comes through having backdoor or legal access to lots of services. Many VPNs have been tested in court on whether they actually have information on you to disclose, and some even have independent audits to verify that such information is not even kept.
At best, you can hope to make surveilling you more expensive or more inconvenient. But if Snowden taught us anything, it's that whatever you needed to do to get yourself tangled up in the 5/14 eyes trip-wire, you've already done, long ago, and continue to do.

VPNs don't mean shit. You're leaking data everywhere you go. Browser fingerprinting, WiFi/BT signals, cell tower signals, GPS. If you own a smart phone and a credit card you're already fucked.

Let's not confuse things for people by making them think if they plop a 5 Euro VPN between them and their yahoo! email account that this does anything at all to deter state level actors.

VPNs are good for a few things:

(1) Evading state-sponsored censorship (which uses technology minted in good old Silicon Valley) -- where the state doesn't really care unless you're really bothering them

(2) Marginally disrupting the pan-opticon that is surveillance capitalism by mixing the signals a bit, where your ISP can't sell you out to data brokers. But even then... DNS leaks, etc still happen and still fuck with the plan.

(3) Maybe not getting scooped up as badly in the state dragnet, and maybe not being accused of something you actually didn't have anything to do with.

But brother, if you think you're gonna be the next Ross Ulbrich with your Mullvad VPN, then you better be memorizing your recipe for toilet wine because you're gonna land in a fed pen.

Mate, I don't know if you realize this, but most people here just want to hide due to minor privacy concerns, not a plan to overthrow the government or some shit. Of course if the FBI is after you, no, Mullvad won't protect you. But in the more realistic scenario that Disney might be after you, would Mullvad be a liability or not, that is the question.
There's a big difference between getting caught up in a 5-eyes dragnet vs some local police investigation vs a copyright subpoena.

A VPN headquarted offshore that will only respond to local subpoenas with local legal representation is pretty good protection against the second two.

There's a difference for now, anyhow
or be in a state that is not an ally.
That is true but not relevant to my question of whether Mullvad's data retention policies have been tested in court. One uses a commercial VPN to pirate HBO, not dodge the alphabet boys.
This is a great idea! In practice, how would you go about this e.g. if you're using Stripe? After a few weeks, delete the customer information in Stripe?
That's a very good question. I wonder why companies don't push hard to disallow third-party services from storing their customers' data. I had this issue as an employe. My employer used a third-party service for onboarding. This service had a breach and my data (including my SSN) was leaked. I've been begging my employer (one reason I wish I lived in California) to take action and have them remove my data, because another breach is inevitable. They've finally sent a request to delete all employees' data. Now I am waiting.
If you accept payment, it's very hard not to relay some information to a third party, except if you build your own payment provider service... But I'd love to see Stripe make more effort here and e.g. start allowing EU hosting for EU customers and so on.
I don't mind sending data to the service, but the moment the information is no longer needed, we should have the expectation that you delete the data.
Even if you delete it in Stripe, I very much doubt that stripe or the credit card providers will be deleting the data.

Someone will know that Mr Smith has a mulvad VPN subscription. They just won't know his username on the service.

Probably true. So, how does Mullvad handle this?
Handle what? Of course someone can go to Stripe and get that info, but as OP just said, they won't be able to tie it to a specific VPN account as that link is now broken.

They also mentioned it's about less data, not about zero data. The moment you use a credit card, of course it's stored in a bunch of places. But this won't be stored with them.

I suspect a temporary ID that links the two that lives for just the time of the Payment Request and transmitted as metadata? Once the payment is successful, it removes the ID linking the payment to the account ID & severs the link - just the account has the credit
Mullvad deletes all transactions as soon as they are allowed by law/contract with pay agent. That's 45 days for some things and 60 for others I believe. They have more details on their site. This assumes you trust them to shred that info though. They also supposedly don't keep ip logs, but I assume their ISP does, so I guess that's of limited value.
Why would it matter if their ISP keeps IP logs? Those logs would not be able to link an IP address to anything of value.
sometime just having meta info is enough for 3LA orgs. They would know the user is using mullvad services as the most obvious which is enough to get you multiple year sentences in some repressive countries.
Would it be possible to store subscription data without actually linking it to the account that is affected? Sort of like a one way encryption.
When the subscription was cancelled, you would have no way to know which account to disable.

Perhaps a better model is the client stores the necessary data, and presents it when trying to connect?

You'd have to have some form of connection, but it might be possible to design it in such a way that it could be plausibly denied. Holomorphic?

All the ways I come up with (giving out keys) have the problem of how do you renew the key, and how do you cancel it, without knowing which is which.

Couldn't you give them short-lasting keys, that they can use to sign session keys?

e.g.

1. Connect to Mullvad over Tor, authenticate with real-world user ID

2. Use this to sign a blinded token

3. Use this to connect to Mullvad anonymously after some delay

The first run would be kind of dodgy, but after that you could get new session keys on a fixed schedule and switch them out at a random interval.

If they see that user A authenticates and 10 minutes later, key A comes online, that can be traced, but if you then wait a week, authorize key B, and then wait a few more days to start using it, you should be good.

In practice, this has way too many issues to work in practice. It still requires you to trust them not to e.g. log IPs and correlate it that way, so it's all just snake oil.

It seems like you're trying to solve a totally different problem that doesn't exist. If you have a subscription, that means Mullvad must store information that ties your account to the subscription payment processor. That is the information they don't want to store anymore, because they want their users to be anonymous. Their system is already setup so that users can't be correlated with VPN activity.
At that point the question becomes one of search space and what real-world data that information ties to.

If Eve can determine the basis for which an account is identified, and there is a small number of subscriptions,[1] then the namespace may be exhaustively searched.

Mind that even if the resulting hash space is large, if the key space is small, the search is tractable. Just look for a resulting valid hash.

Even if a payment is required, if $0.01 is accepted, the cost for testing 1 million keys is $10,000. For a sufficiently high-value target, potentially reasonable. More so if you can create your own money.

________________________________

Notes:

1. For computers, any value < 10 billion is arguably small, and quite possibly somewhat larger than that. The present human population is < 10 billion. The Mulvad subscription list is all but certainly <<<10 billion, where '<<<' -> "very much smaller than".

Highly commendable position. Mullvad is leaving a ton of money on the table by doing this, but in the sea of shady VPN providers, having a provider do something proactive like this makes me want to switch.
Wow.

Hadn't heard of Mullvad before reading this, figured I'd give it a try. That is hands down the BEST onboarding experience for an app (let alone a VPN) I've had in I don't know how long. Took me maybe 2 minutes to go from no account to a working VPN connection.

I love that everything is anonymous (down to the account credentials just being a randomly generated token).

I signed up to Mullvad - my first VPN - literally about 12 hours ago, purely because of how simple, yet comprehensively-explained, their 'onboarding' process was.

I also particularly like the flat no-fuss EUR5 a month fee.

Mullvard is behind the mozilla vpn. They're crazy good about privacy. You can mail them cash with account info and they'll set you up.
Mullvad accepts cash as well. In what way are they behind?
Mullvad is the service provider, Moz just resells their service
Behind in the "controlling or responsible for (an event or plan)" sense was meant, perhaps?
Misunderstanding. The Mozilla VPN is Mullvad (rebranded).
Ohhh, I see. I did not know that, thanks.
https://www.ivpn.net/ also generates a random userid and also accepts cash in the mail (only for large purchases unfortunately). I wasn't able to get mullvad's multihop to work on Android, but iVPN Pro does the trick. iVPN also has a nice server status page that helps you optimize for speed (low load server) or anonymity (high load server) as appropriate: https://www.ivpn.net/status/ They have a weird "anti-marketing" homepage which devotes almost equal space to explaining why you should not buy their product :-P

Perfect Privacy accepts a gift card (more convenient than mailed cash IMO) and has a nifty "neurorouting" feature which aims to be better than standard multihop (claims of speed, at least, I can attest to). They do ask for an email address, sadly, unlike iVPN/Mullvad. Also I just saw this and it looks a bit worrisome https://www.security.org/privacy-guide/perfect-privacy/

Both iVPN and PP let you block various trackers / MANGA corps at the network level.

I like Mullvad but it seems good to support a diversity of providers. Curious if anyone has any dirt on either of those two, or if they can make more recommendations.

> You can mail them cash with account info and they'll set you up

If I wanted to self-host a VPN, I would still need to pay for a cloud provider.

Is there an equivalent cash (snail mail) offering for hosting?

nearlyfreespeech.net
NFSN allows you to host websites but last I checked they won't just give you a server for you to run whatever you like.
>I would still need to pay for a cloud provider.

both google and oracle offer small, perpetually free VM instances.

...in exchange for knowing who you are. (If they couldn't de-dup you via some kind of identity verification, they wouldn't be able to offer a free promo, as some asshole could then just come and generate a million free accounts and lash them together to run a botnet/crypto-mining-farm/etc on.)

I believe the GP's question is "is there any public-web hosting platform that I can use entirely anonymously; where they allow me to sign up using a VPN; and where I don't ever have to pass them anything / sign in through anything / link anything that could be linked back to my identity?"

And I believe the answer to that question is "no."

(Well, okay, if you're fine with a static website, you could pin your data using FileCoin, and then set a domain up as a DNSLink pointer to [an IPFS gateway for] the relevant IPFS URN. That's how https://docs.ipfs.io works. But that's not quite what "web hosting" means to most people.)

The moment a service allows anonymous signup it inevitably gets abused the shit out of itself for spam, botnet C&C, DoS attacks and worse.
This is why I don't see how services like Mullvad can stay afloat forever.
You still have to pay for bandwidth. Free tier provides only 1Gb egress.
I've been a mullvad user for the past couple of years. I only occasionally use them for privacy on open wifi networks or whatever, but the experience so far has generally been excellent. I initially used the official Wireguard iOS app to connect, but their iOS native app is freaking excellent. WAY more reliable and user friendly than the others I've used— ExpressVPN and some other. It's been quite some time since I used the other ones, however, and they may have equally good branded clients by now.
I can wholeheartedly recommend them after using their service the past few months. They offer Linux configs with wireguard (a sore point with other VPN providers, who tend to either not support Linux at all or only offer openvpn), their Android App has worked flawless and it's just 5E/month.
Yes and they even make double hopping easy. Many other VPNs don't like this, presumably because they have to eat 3 times the traffic.
Mullvad has been tremendous and the ease of use is terrific. I use a VPN relatively infrequently, sometimes going months without turning it on, so the one-time payments have been wonderful. The app is simple to use, and it's so, so easy to reactivate for a month when I need it.

I can't speak to their privacy as my VPN usecase is usually just "I need an IP in another region," but to the best of my understanding they are one of if not the best in the business.

As an additional data point, I've been using Mullvad as a long-running VPN for a while now (hint: Linux ISOs) and it has been working like a charm.
You can also utilise port forwarding with mullvad (bound to specific key and location) to make distributing "Linux ISOs" faster.
I also like that they let you download the raw wireguard config files so that you can connect without having to use their client. You can just plop them onto your filesystem and use wg-quick to get going.

Since I'm also a ProtonMail user and I considered switching to them for VPN as well but their python client doesn't seem to work correctly on my Arch Linux install and it doesn't give me anything useful to debug it beyond "An unknown error has occured" so I couldn't be bothered to investigate beyond that.

I think you can also get the raw wireguard config files for ProtonVPN: https://protonvpn.com/support/wireguard-configurations/
I did not know that! Thanks a lot. I'll definitely give it another try.
i just set it up to try it out (on macOS): created a free config on the proton dashboard, downloaded it, stuck it in the wireguard client, and it worked (without downloading their vpn client app). make sure your firewall isn't blocking the traffic though (something that caught me at first).
Been using protonmail on arch for years, you have to setup the configs a tad more manually and do some editing (I forget now); definitely doable and protonmail lets you download the configs (which work out of the box depending what you use).
Be aware, at least Nord clearly does something different with their client than with the OpenVPN files they provide ( https://news.ycombinator.com/item?id=21664692 ). When I dug into this, I found similar cases with other major VPN providers, but my notes are sufficiently out of date, they shouldn't be trusted anymore.

Sometimes the differences are subtle, sometimes they're rather complex like this case. Personally, sketchy stuff like this is why I've moved all of my VPN use to a personal cloud instance running WireGuard.

What cloud do you use? A lot of websites will flag any AWS or data center IP as a bot.
So, I do have two VPN servers running, one on my home connection, and one on AWS, for just the reason you state.

That said, I got back from a week long trip a few weeks ago. I kept my AWS tunnel up the entire trip. For the set of websites I visit for personal and work reasons, it was never an issue. I'm sure I could find some website that doesn't work, but for me, it's just not a problem.

It's also super useful, since I can whitelist my AWS instance's IP on services that demand such things, and never have to worry about where I am as I move from network to network. I've also reserved the Elastic IP so I can stop/terminate my server when I want without needing to whitelist the IP again when I spin it back up

I use whatbox.ca as my global/universal VPN. So far I haven’t seen any issues. It works in places where most VPNs are banned or heavily throttled (like Saudi/Abu Dhabi/Qatar, my workplace, AT&T cellular data, etc)
Isn't whatbox.ca mainly aimed at hosting seedboxes? They are accordingly higher priced than a VPN. Whats the rationale for using them as a VPN ?
1) It’s the only VPN that worked in areas where they work hard to block most VPNs

2) it’s still not very expensive

3) it’s absurdly fast for a “VPN”! Like 400Mbit symmetric.

4) I also use it as a seedbox. Speaking of…does anyone have an invitation a private tracker to replace what.cd because I miss that. Or a no/low compression movie tracker.

Thankfully I never encountered that as an issue with e.g. Amazon Workspaces.
> ( https://news.ycombinator.com/item?id=21664692 )

Is there any proof of this? It seems like the original author was wrong and deleted the article.

I have no idea how right the author was about how Nord got ahold of the residential IPs. I was able to recreate the technical results, and noted at the time that the OpenVPN connection to the same Nord endpoint behaved differently (and, indeed, Disney+ blocked it).

Of course, that was a while ago .. long enough I assume my notes no longer reflect the current state of things. It'd be interesting to try and recreate it with the latest stuff, but all of my VPN providers accounts have lapsed by this point.

"The author deleted this Medium story."
I've read some articles online, but I still haven't managed to understand the hype around wireguard. It's lighter than OpenVPN, but has more obscure primitives? Doesn't seem like a great trade off...
It is also much faster and allows p2p networks
What does "allow p2p networks" mean exactly?
It's not hub and spoke. Any existing network topology can be mirrored essentially 1:1 with wireguard. With hub and spoke VPNs the model constrains your deployment somewhat. Now I'm not saying key distribution with wireguard is easy, that's a different problem. But wireguard is literally like "let's take your existing network interface and give it modern fast impossible to fuck up encryption".
I have no idea what you just said.

Can you dumb it down maybe?

Traditionally you have a server and all clients connect to this server (Hub and spoke). Wireguard can connect clients like you would in your network. You can mesh clients if you like. The hard part is getting the keys to all peers in the network.
Wireguard is your plumbing layer. OpenVPN is an entire application stack. Wireguard is super simple because it's low level. If you wanted to compare something (as a user in terms of feature parity, etc.) to OpenVPN a more accurate comparison would probably be nebula or tailscale (private/mesh network management tools that are built atop wireguard). I'm a wireguard fan and it's true that its crypto is much simpler, smaller, and harder to fuck up than OpenVPN but that is really only something that matters to the security hats.
How is openvpn easy to fuck up? I just run sudo openvpn file, and that's it...

Also, I didn't really understand any of your explanation about layers. How is openvpn an application stack? Surely applications are the applications?

Wireguard is a water pipe, whereas OpenVPN is a water pipe connected to a water bottling factory connected to a bottled water shipping port.

> How is openvpn easy to fuck up? I just run sudo openvpn file, and that's it...

The configuration is what is easy to fuck up, not the command to run it

(comment deleted)
Crazy thing is, it was just as great already many years ago. And yet people fall for absolutely weird fake privacy vpn offers.
> Hadn't heard of Mullvad before reading this

Just the only vpn with any integrity left remaining, no biggie.

Absolutely no way to know they are good and other is bad. The entire VPN industry is “trust us bro”. Which works until it doesn’t.
That is the entire tech industry. No audits, no repercussions for screw ups.
That’s very good. But what do I know about “Cure53” other than they are saying “Yea, trust them bro”.

Is Cure53 incorruptible? Would there be any blip in the world if they were not and Mull was really an NSA op?

I’m not saying I don’t trust Mull over say, Nord. I am saying the nature of the whole thing is non-falsifiable with our existing technologies. We can only determine who was lying by looking back after an incident, and most are kept secret.

So far their track record seems good enough. I mean if you have NSA on your threat model you'll have to take this into account... But most don't.
audits are only valid for that one instant in time when it was performed. anything could have changed after the fact.
You could say the same about all auditing. A restaurant could have changed its food hygiene standards since it was audited. But a company with a history of periodic and successful audits is certainly a good trust marker for me.
Restaurants routinely can't uphold their standards and often get wildly different results on every inspection. But yes I do say the same about all audits.
Why do the other popular VPNs not have any integrity left?
A lot of them have been gobbled up by Kape or otherwise proven to keep logs/data when they claim they don't https://restoreprivacy.com/kape-technologies-owns-expressvpn...
Oh man I thought Private Internet Access was still one of the independent VPNs. I feel duped. :/
They got bought sometime last year. I was a very happy customer until that announcement.
and then freenode had a hard fork! weird week.
PIA continues to prove in court over and over again that they do not keep traffic logs. The extreme fear mongering over Kape has never been backed up by any evidence other than "they used to do bad things under their previous management." As I always say in these threads, all the people who shill Mullvad over everything probably just use them for web-browsing or adjacent activities, and not anything that requires a specialty product like p2p or bypassing national firewalls.
>all the people who shill Mullvad over everything probably just use them for web-browsing or adjacent activities, and not anything that requires a specialty product like p2p or bypassing national firewalls.

On the contrary. Mullvad gives you more flexibility than PIA in that regard and doesn't limit you to whatever features are built into the client like PIA does. You can build tunnels to whatever endpoint in whichever country you want. You can associate multiple ports to your tunnel or separate tunnels for inbound connections. It's very convenient if you want a P2P tunnel where you can get a wireguard interface on the client and then configure your P2P application to only use that tunnel so that there's no chance of leaks (Up to you if you want to also configure the P2P service to use DNS over the VPN or just the system resolver if you don't care) and you don't have to tunnel everything over the same VPN. You can have multiple interfaces going to different applications if you wanted. You have the flexibility to configure your client in whatever way you want without having to deal with proprietary endpoints to request a temporary forwarded port for the connection like what PIA makes you use.

I used to use PIA before the owner hired con artist Mark Karpeles as the CTO and jumped ship when that happened. Even though I only picked Mullvad because it was recommended on HN and wasn't PIA, I much prefer it from a technical standpoint. If I knew how much better it was originally I never would have went for the cheaper more popular option of PIA. People shilling Mullvad are probably doing so because it has many technical advantages over traditional VPNs used by more casual customers. Mullvad also supports bridge servers for shadowsocks. I've never had an opportunity to test it but I'd expect Mullvad to be more reliable in China than PIA.

PIA is cheap, and they don't seem to keep traffic logs. That's basically all they have going for them.

Where can I learn more about this p2p thing?
Anecdotally PIA performance seemed to drop around then, port forwarding was frequently broken and Wireguard wasn't making much progress (looks like maybe they've finally rolled it out now)

Maybe things were already bad before Kape but it was around the same time

PIA before the Kape acquisition was owned by parent company London Trust Media. The owner is Andrew Lee, who was best buddies with Mark Karpeles responsible for the MtGox collapse and defrauding all the users of the exchange. Unfortunately the Japanese government let him out of jail and Andrew Lee decided to make his old friend the CTO of the company. Andrew Lee is also the guy behind the shady "sale" of the nonprofit Freenode that caused everyone to jump ship to LiberaChat.

I feel like it's probably more trustworthy under Kape than a CEO and CTO surrounded by a long history of lies, fraud, and general scumbag behavior.

That's two of us. I used NordVPN for years. Not any more.
Seems more like a reaction to inflation.
Protonvpn?
(comment deleted)
That's just mullvad with a different name
I believe that would be Firefox/Mozilla VPN
Yeah you're right, I'm sorry. I got those mixed up.
Your blanket statement isn't true. OVPN for instance has gone to court to protect its data: https://www.ovpn.com/en/blog/ovpn-wins-court-order

They are a very good alternative among others.

Been a customer since they went to court for TPB and I read about their legal fee insurance and the lot. Too bad both are Swedish (I'm Swedish).

But yeah, I'd say Mullvad and OVPN has proven themselves over the years, met a mullvad employee in IRC discussing wireguard when it was still an earlybird, they're a good team.

How about ivpn or perfect privacy?
Perfect-Privacy still has integrity left.

Someone hacked into their Malmoe server a year ago or so, and found that they indeed run everything in RAM disks and aren't logging at all. Happened via the management interface. But please take this information with a grain of salt, as the write up for this exploitation has been vanished from the internet (or I am just unable to find it). *

However, there are still articles about how they've been raided multiple times [1][2][3] in the past, and the police never found any logs.

[1] https://lists.torproject.org/pipermail/tor-talk/2010-August/...

[2] https://torrentfreak.com/police-seize-two-perfect-privacy-vp...

[3] https://www.ip-insider.de/hausdurchsuchung-bei-erfurter-vpn-...

* Also, I believe that this kind of pwnage could've happened to every VPN provider. Always use VPN chains with multiple locations and always keep in mind that your VPN could have been compromised. Don't just rely on a single hoster which just shifts the liability from your ISP to another single point of failure. But this is probably still better than LE just having to call comcast. :)

Edit: ovpn.to is probably worth taking a look too. I remember that the admin grows cannabis in his basement (still illegal in Germany) and provides all users with access to warez via Usenet NNTP. Do with that info what you want.

> Someone hacked into their Malmoe server a year ago or so, and found that they indeed run everything in RAM disks and aren't logging at all

Hypothetically, without breaking into the network control plane, the hacker could have completely missed the existence of port mirror to a second read-only system that does logging for lawful intercepts.

AirVPN seems to be quite good, and ethical.
I've been using AirVPN for many years now and is has always been reliable and fast for me. Recently they introduced Wireguard support.
Reliable and fast has nothing to do with integrity and anyone can build such a service.
Of all their features, I love that they have an Android TV app so I can watch F1TV on my couch. They're worth more than the 5 euros I give them per month.
Aren't OTT streaming services notorious for blocking VPN IP ranges? How is Mullvad getting around those? Surely, they don't buy / lease / steal residential IP addresses [0]?

[0] https://news.ycombinator.com/item?id=9614993

Probably Mullvad is still unknown to most. They're not the one doing the sponsorships on YouTube.
OH MY GOD. I've had to stop watching F1 in Australia because the only app that has licensing is like $27.50 a month and I don't love it that much.

This is a fantastic idea! Thanks mate!

Be aware: I share an account with someone in a country with F1TV.

If you register from abroad and use your credit card, they'll see you're from AU, block your account and you'll have to contact customer services for a refund.

Exclusivity deals are a cancer.

Best bet is to pay via App Store subscriptions instead of a credit card. It obscures the country so you are free to use a VPN without worrying about being banned.
I tried the Android TV App to watch HBO max though (in a different country vs the subscription's host country) and the HBO app did not even load (not even the splash screen). I had no such problems with some other VPN providers (although to be frank some other VPN providers fail in a different way).
Interestingly I tried to watch HBO Max (from a different country) using Mullvad but it failed me. While some other VPN providers succeeded. So it seems it's kind of a hit and miss what works.
You can also easily pay with better anonymity with the Strike app, https://strike.me, which abstracts bitcoin mainnet and lightning network payments behind USD, so you don't have to worry about actually holding bitcoin or managing tax implications. You just use bitcoin as a globally agnostic payment rail, masked with your local fiat, so the price volatility doesn't affect you.

Mullvad even gives you a 10% discount for bitcoin, bitcoin cash, and monero payments.

I am a bit disappointed that they haven't yet integrated bitcoin lightning network. That would be a huge improvement for reduced transaction fees given the low value of transactions they deal with, as well as instant confirmation rather than 6 block (~1 hour) confirmations. You could even theoretically stream nanopayments for each minute of use with lightning, rather than pay for a whole month.

"Global payments for the internet"

I was intrigued...

Then

"currently the Strike app is only available in the United States*, El Salvador, and Argentina"

I also dismiss a project when it's still nascent. /s

Also, "Global payments for the internet" is really referring to bitcoin, not strike.

Strike isn't doing the magic here. It's just one of many possible APIs that can be built on top of bitcoin and the bitcoin lightning network. If you integrate with Strike with your company, anyone else on the planet with any other kind of bitcoin wallet can pay you.

Okay, however I have yet to see any crypto project that even comes close to solving borderless money transfers, although a lot of them claim to.

This is unfortunate as that market is ripe for disruption

I just paid using Bitcoin Cash (BCH), low fees and simple to integrate ;)
Cool story.

Doesn't scale.

Layer up.

Bitcoin Cash does currently scale up to Paypal's daily number of transactions while keeping transaction fees below $0.01. [0]

Scalability tests are underway [1] to detect bottlenecks for increasing the block size further, which should take it closer to Visa's transaction capacity.

The scalability roadmap aims for eventually supporting 50 daily transactions for each human in the planet, again keeping fees low, which is key for Bitcoin to be used as cash. Check out [2] if you want to read about the technical feasibility of this (even with today's hardware, it will be even easier in the future).

I understand the skepticism about the ability to scale Bitcoin after the Bitcoin Core team has been pushing for years for keeping block sizes low, but please let's consider facts rationally and maintain a civil discussion.

[0] https://news.bitcoin.com/bitcoin-cash-stress-test-goes-beyon...

[1] https://bitcoincashresearch.org/t/assessing-the-scaling-perf...

[2] https://blog.vermorel.com/journal/2017/12/17/terabyte-blocks...

> Bitcoin Cash does currently scale up to Paypal's daily number of transactions while keeping transaction fees below $0.01.

On this here website there was a talk a couple months ago that led me to believe that paying $150 worth of bitcoin costs ... $150 if you want it done at credit card speed. Have things changed?

Without any other information I must suppose you are talking about Bitcoin (BTC), which has limited scalability and therefore high transaction fees when there is high demand. Bitcoin Cash BCH has low fees, below $0.01 as I mentioned.

You can see a graph of historic average transaction fees at https://bitinfocharts.com/comparison/transactionfees-btc-bch...

Credit cards take days to complete the transaction. Much like BTC, there are near-instant checks to make sure the desired transaction _will eventually and most likely_ be valid.
But that's not the user experience.
The UX of BCH beats BTC and ETH by very far.
Careful! I used BTC and the processing time was absurdly long.
What is "absurdly long" mean here? They say it can take up to 30 min, I didn't time it but I reupped for 1 year twice and it was right at or under 30min both times.
It depends on current network conditions.

If the bitcoin network is currently congested, your transaction can potentially take hours before it's included in a block. Mullvad would wait at least until this point.

From my comment...

> I am a bit disappointed that they haven't yet integrated bitcoin lightning network. That would be a huge improvement ... as well as instant confirmation rather than 6 block (~1 hour) confirmations.

This is a known problem with blockchains and why naive projects like bitcoin cash that try to just pump up the layer one transaction volume for everyday merchant payments are doomed solutions.

The bitcoin lightning network payment experience is instant and magical, and constantly getting better.

You can literally just mail them cash if you want absolute anonymity.
Even with that though you'd still have to worry about them identifying you by your IP address. Are there any other VPN providers which support anonymous payments? It occurs to me that you could get some pretty decent anonymity by stringing two or three independent VPNs together, Tor-style, while avoiding many of the performance issues associated with Tor.
> I love that everything is anonymous (down to the account credentials just being a randomly generated token).

How did you pay?

I wish their scratch cards were available in Australia. Sounds easier than shipping money halfway across the word. I would just pay by card, threat level is not high enough to worry about that but their scratch card is a great idea. Must not be a popular enough option though, even a google search doesn't give you much information on them.
That's amazing. When so many companies go in the opposite direction, it's incredibly refreshing to see a company make strides toward reducing their customer's identifiable data footprint.
FYI they take monero, the most private cryptocurrency.
That's a pretty sweeping statement to make with no evidence.
Monero has the largest anonymity set of any cryptocurrency, so the statement is true.
It's not just about the anonymity set, there are more factors than that. That said, I concur with the conclusion.
there is irrefutable evidence that they take monero
And we both know that wasn't the point of issue here - "the most private cryptocurrency" was
Tor -> buy mullvad for xmr -> use it for clearnet ip after Tor Best for privacy, best for abuse. Arent there any problems like captchas everywhere because the ip was overused? Or CP distribution lawsuits towards mullvad?
For customers who don't go to great length to protect their own privacy when paying (i.e., all subscribers, I assume) Mullvad should persuade them to replace their subscription with the "bill pay" feature of most checking accounts -- maybe even offer tutorials for common banks. I'm not an expert in the implications of a subpoena and if banks get involved, but it seems like it would at least be a way to keep the revenue stream nearly as healthy (recurring automatically) while also meeting their goal of not maintaining subscription data.
Banking is highly national. It does not even work very uniformily in SEPA (Single European Payment Area). Of course there are mandatory SEPA features that every bank in every country must support. But there are other national features which are used in some countries by practically all businesses basically making everything incompatible again.

And of course there are many countries completely outside of SEPA.

I'm in the US and I'm not familiar with banking elsewhere, but the "bill pay" feature I'm talking about will try some electronic system first, and if the recipient doesn't support it, the bank simply mails a check. The recipient could be as small/offline as any person at a residential address. I assume writing a check and mailing it is a fairly typical thing everywhere, and having the bank do this on a repeating schedule doesn't seem like a huge hurdle, but I could be wrong.
> I assume writing a check and mailing it is a fairly typical thing everywhere

It absolutely is not. The only time I've seen a check was a gift from my grandfather in the 00s, and I don't think paying bills by mailing checks was ever a thing here.

Checks also often become very difficult and expensive to cash when going cross-border. E.g. most banks here (Finland) refuse to cash foreign checks altogether.

So if you wanted to give money to another individual (not a company which offers card payments) and you didn't want to use the internet, is cash the only option?
You call your bank, or go into a branch, and transfer it to their bank account.
You fill-in in a bank transfer form and mail it to your bank (if you don't carry it in person to a branch office). The money gets transferred from the account of the receiver to the account of the recipient within a day. That's a standardized service every bank has to offer in the SEPA area and the price must be same regardless where the recipient's account is. No difference whether business or individual on either end. You need to know the recipient's account number (IBAN). Of course banks prefer that customers use the internet to initiate such transfer, but other methods exist (often at a higher price).
Frankly, this sounds like a long-winded way of saying "you write a check," with a technical difference being that the transaction is a push from the sender rather than a pull from the recipient. If this form has an option for recurring on a (e.g.) monthly basis, then it's what Mullvad could suggest subscribers switch to, if both parties have a SEPA presence.
Yes, monthly SEPA payments (with a static amount and static reference/message) are a commonly used service at least in Finland, for e.g. paying rent between private individuals, and it works as-is with Mullvad wire transfers.
It is my understanding that checks are pretty much only used regularly in the US at this point. Elsewhere, they are reserved only for special cases outside the norm.
My only concern with Mullvad is that, as their profile and reputation increase, they become a bigger target. That’s mostly a vote of confidence, though the concern is a real one.
Perhaps a Swede can chime in, but I'd imagine Sweden has a lax regulatory approach, e.g. compare the fates of PRQ and Megaupload. It's, admittedly inexplicably, concerning that we've driven people to foreign companies (from American ones) due to government surveillance. It begs the question: under what conditions would a consumer be fine ceding privacy? Transparency? Remuneration?
Not really. See the trial against the founders of The Pirate Bay for example, and the controversies surrounding it. Also, the FRA surveillance. Also, according to the ISP Bahnhof, the police at least used to submit lots of data requests without a court order and for non-serious crimes.

AIUI, Bahnhof and other VPN providers stay in the clear by avoiding storage of data in the first place. They can be compelled to hand over any data they have, but not to log any additional data. (ISPs etc are forced to log more data IIRC.)

At least there's nothing like the Australian laws for forcing and gagging developers.

Could you elaborate on the Australian laws?
As an Australian, I may or may not be able to discuss said laws.

This should or should not tell you enough...

There are two major pieces of legislation [1][2] that have been enacted in the last few years that have eliminated any expectation of privacy and security in Australia.

The AABill introduced warrants that can be handed down without judicial oversight that compel the recipient (individual or institution) to grant (or, critically, develop the means to grant) read access to any system to the government; while simultaneously acting as a gag order preventing disclosure of the warrant's existence. Violating this gag order would incur jail time.

The IDBill introduced warrants that allow the government to "disrupt data by modifying, adding, copying or deleting data in order to frustrate the commission of serious offences online" and further allows them to impersonate the online profiles of a person deemed significant to a criminal investigation.

Both of these bills were rushed through parliament with minimal opportunity for public comment. Where public comment (from the legal, tech, and human rights arenas) was made, it was universally negative. We have just ousted the government that drove these bills, but the new government (supposedly considerably more left leaning) supported both these bills with minimal opposition and has made no public plans to repeal or amend this legislation.

A previous Prime Minister once said (not in regards to these particular laws): “The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia.”

[1] Assistance and Access Bill (2018): https://www.aph.gov.au/Parliamentary_Business/Bills_Legislat...

[2] Identify and Disrupt Bill (2021): https://www.aph.gov.au/Parliamentary_Business/Bills_Legislat...

> At least there's nothing like the Australian laws for forcing and gagging developers.

Actually I'm not so sure that's true. I'm pretty sure similar gag orders have been mentioned in episodes of P1's Gräns. Might want to double check that...

If I'll ever use a VPN I will check out mullvad, this kind of attitude is almost non existent now
Been using Mullvad for a year, give or take, and I'm very happy. Zero care to find another VPN provider. Simple, fast, and anonymous sign-up. The apps function perfectly. Never experienced a bug in the Android or Linux apps. And the Wireguard profiles work perfectly. Connections are fast and not throttled (IME). And the UI of the website and apps is minimal and to-the-point.

I hope Mullvad keeps on its current course. It's one of the most respectable companies right now, with a respectable product, and its one of the few I care to pay for on a consistent basis.

The only issue I have is on my phone. Whenever I leave my home wifi, it gets slow as hell and I have to do a reconnect to get to a new server. Usually the reconnect speeds things up a LOT.
Another happy Mullvad customer. Been using them for a couple years now, and couldn't be happier with the ease, speed, and privacy.
I like this a lot even though my primary reason is unexpected subscription renewal. I started a membership site and tried to use every single thing I would want as a customer. One of the things was a reminder that my yearly membership was about to expire, and by doing nothing this would indeed happen. No automatic renewal (but keeping the account in an inactive state). Confident customers can renew for 3 years with a discount, but nothing will automatically renew. Turns out, customers love this attitude and happily renew when it's time.
This is a nice approach. Have you considered giving customers the option to turn on automatic renewal?

There are certain specific things that I would want always to auto renew (like domain names, hosting related stuff etc)

If I ever get round to building a subscription SaaS I might consider “off by default” auto-renewal and leave it to customers to turn it on if want it… though this does add a bit of complexity I guess.

Have considered and have been told many times this is costing me revenue (which I think might be true). But I've never had a customer ask for it. Which is an important signal for me to consider a feature. Online payments are very easy for my target audience (mostly Dutch retail customers) with iDEAL so the benefits of automatic renewal is low.
In some circles that'll count against you if you try to sell the product/company. Investors are interested in recurring revenue and will value it very differently than your loose-relation clients. Not saying it's a thing you should always do, but worth keeping in mind.
Right, if your product is your company, this is the wrong attitude. But if you product is your product, then it's fantastic.
I use Stripe to manage payments for a subscription site with both monthly and annual options. I have renewal reminders turned off, because it seems like overkill for a monthly renewal – no option to only have it on for yearly plans. I worried about issues with yearly renewals, so I set up my own service to send a renewal reminder for yearly subscribers. I would rather have more customers not renew on friendly terms than deal with surprise charges. And I figure it may prompt some to check and update payment methods or spur them back into actively using the service more.
Wonder how this affects MozillaVPN subscriptions.