 Mullvad uses Gmail

The VPN company Mullvad mouths off “privacy is a right”, but deep down they really don’t give a shit. They don’t even bother to host their own emails for critical technical support, and point their MX email record to Google. (See attached image)

This is a potential privacy risk because many times people will not bother to use PGP and the technical support will ask for their account number. And you’re assuming the people who need VPN technical support even know how to use PGP, and they likely aren’t hiding their IP address because they need support. Often people may use their real email, so they don’t miss the reply on burners, and that leaks their name. Now Google, and therefore the government, know your mullvad account number…

From here, the government can sign in to Mullvad’s site as you, and see the timestamp of first sign-in on each device with the wireguard public key. Although Mullvad masks it with bullshit names, the government can sign out of the device so when you re-sign in thinking it’s a random technical error, they now know which is which. This enables at a minimum, the identification of your other devices. Maybe you signed in at another location? For example your cellphone.

When you’re out using WiFi anonymously at a public location, the government signs you out of Mullvad. So then when you sign back in, they identify the public location traffic as you. If this is not enough, now the government knows which account to demand a court order for. What, are you going to request technical support? Sounds like more info gathering.

Even if none of this is relevant to you. The basic fact remains that Mullvad is using primarily Google to talk to customers, and the customers aren’t even aware of it because it’s a vanity domain. I don’t think people realize just how difficult it is to avoid Google. It’s not voluntary dude, these companies are forcing me out to the fringe of society, to not have everything I’m doing piped into a company I so vehemently hate.

Google is literally paid by the US government to manipulate search results through their Jigsaw division and Moonshot CVE. They aren’t just doing ads dude, it’s a for-profit propaganda machine.

Other privacy influencers always recommend Mullvad, and for the most part I do agree with this for the “average joe”. But let’s keep it real here, if you check the servers, they use many of the same 3rd party providers. Mullvad, IVPN, and TorGuard all use M247 for New York and Los Angeles. So if you connected to LA Mullvad, then switch to LA IVPN, thinking you’re getting a “new identity” you’re not. It’s NSA passive surveillance on the size of data packets going in and out of places like M247 that reveal you, and NOT Mullvad backstabbing you.

Does using Gmail mean Mullvad is compromised? No! You’re twisting my words…

What I’m saying is that very few people genuinely care about privacy, and when you realize just how involuntary Google is, only then can you actually take steps to free yourself.

Is the point of this to smear Mullvad? Sort of. I want to create negative consequences for all companies that force Big Tech on us. All of them think they can cut costs because the public doesn’t care.

Well, I’m here today to say that I care. And even if I stand alone. Even if I’m shadow banned by search engines off the face of the earth. I stand my ground.

But I got a feeling I’m not alone. So if you spread this message, maybe… just maybe, we can get Mullvad to change.


https://nostrfiles.dev/uploads/e7RKwKHT7ssF6hxtA8ar.png 
 Bummer. Been using em for years but it pretty much makes it impossible to operate so I end up shutting it off most of the time. I tried to use their browser as well but it wasn’t compatible with several apps for work. I need to re-up on all things opsec. Recommendations? 
 We will be posting more on VPNs in the future, but keep in mind that this is more of a philosophical argument than saying Mullvad is unsafe.  If anything, my point is that a lot of these VPNs are commodities, routing to the same data centers, with the same protocols.  And not only is Mullvad okay, but all of the ones mentioned are as well.  It’s just branding, and… customer service. 
 Read a lot of your stuff. It’s a steep learning/implementation curve even for someone who has some low level tech chops. Some constructive feedback from my many years of building custom homes. Folks don’t want to know how the house is built. They just want to know what color it  is. I realize the thoroughness lends itself to credibility among the alpha geeks but most can’t afford to spend 40+ hours to deploy everything you’re throwing down. How can someone who like me that spends 60 hrs running a company just hand someone like you a pile of SATs to create a turnkey solution for my level of security/privacy requirements and ensure it’s always ahead of the curve? 
 Sure, we can mail you:
1) DeGoogled phone completely setup, and recommend a carrier depending on your country
2) Linux laptop/desktop, based on your responses to some questions
3) Potentially: A router/firewall flashed with open source software

And then get on a call with you for an hour and show you how to use it.  The goal is to make the learning curve really easy, and if you ever have a problem, we’re just a text/call away.  If you’re interested reach out.  Nostr DMs, Session, SimpleX, Signal 
 Stellar. Will do 
 Gosh… 
 I was about to switch from Nord to Mullvad.... 
 nostr:nevent1qqs2cjgagytl9lu5l5f8azp65rppjnxfnxlfna93erl5ksxqgk66fdcpvemhxue69uhkv6tvw3jhytnwdaehgu3wwa5kuef0dec82c33v4jxgwtvwqurg73cdf6hxut4dfa8yetrwd6ku6npxfuxxutddfkrqctydfjx5dne8p6kz6mpdgunxvn9dfckzu3cde6ng0mzwfhkzerrv9ehg0t5wf6k2q3qf6ugxyxkknket3kkdgu4k0fu74vmshawermkj8d06sz6jts9t4ksxpqqqqqqzm9ymw9 
 but in terms of communication, i dont trust email at all.
simplex messenger for the win 
 Are there any issues when paying for Mullvad through the App Store? And do you recommend proton as an alternative? 
 Obviously cryptocurrency is better than credit cards, but if that’s the only way to load it on your iPhone, than it’s FAR better than nothing.  Don’t let perfect be the enemy of good my friend.  This post was more philosophical.
 
 @ODELL Be aware 
 Not making excuses for them but let's be honest here. Mullvad or any commercial VPN provider was never and never will be a solution if your adversary is the US gov. Any VPN provider that says otherwise is a honeypot. 
 I'm sorry but this is really a nothing burger, a pure nitpick.
Who gives a fuck where they host their customer support emails?
You can spin up new mullvad accounts with 0 friction. Even if you doxx your account in an email, you can create another one.

I don't know any service who "self hosts" email for customer support. That's probably a terrible idea since self-hosted email often gets flagged as spam and that's the last thing you want for customer support.

Your note makes it seem like this is some dealbreaker and that "they don't give a shit about your privacy".

I don't think you have bad intentions but you're letting the perfect be the enemy of good and the result is that people who read that will just be discouraged and not improve their setup.

I think we should be vocal about things that matter. A customer support MX record pointing at gmail is not it. 
 I disagree.  Communication is a core principle of privacy.  And it’s not just Mullvad.  My point is that so few companies actually care to not use Google, to the point that it is completely involuntary.  They could have used one of the other providers such as even Proton that isn’t spam.  

And your point that they can’t have emails in their own domain because it’s spam, is exactly the centralization of the internet that I’m talking about.  Because literally everyone… not even you, a privacy “influencer” cares enough.  

Go ahead, bow down and obey Google overseeing all activity on earth.  But I don’t accept that 
 Email is already centralized and captured regardless of what provider you choose. It's a shitty protocol, terrible for privacy.

They provide email support to meet people (normies) where they are.

People who really care about anonymity:
1. Should be using Tor instead of a VPN
2. Should not be contacting customer support in the first place. I didn't even know they had customer support 🤣

You have to think about the impact of the things you are bashing. The internet does not get more centralized because they are using gmail.

You could shittalk so many companies that have terrible privacy practices but instead took that time to write a lengthy rant for something this meaningless...
  
 I think you're both right. They should probably avoid google AND it probably matters less by comparison than, say, not using a VPN at all. 

What would kill two birds with one stone is having a customer support option like SimpleX so we don't have to use email in the first place. That would keep anyone, including Mullvad tech support, from knowing who you are. 
 Yeah I agree with this.  My issue is a philosophical one, not a genuine privacy risk to the anonymous Tor guru w/ a SimpleX 
 Of course I agree with you that email is not private and awful.  Of course I agree Tor is more anonymous than a VPN..

THAT’S NOT WHAT WE ARE DEBATING.

I disagree with you that I have to accept things for the way they are.  I disagree that have to get down on my knees and obey.  It turns it into a completely involuntary interaction with Google.  This is Mullvad’s only form of contact.  And change has to start SOMEWHERE.  SOMEONE has to crack, and I pick the one who claims to be for privacy.  If we can’t get Mullvad to change, then nobody.

I agree with you that many other companies have worse privacy policies, what I’m saying is that Mullvad can be converted.  They can be changed.  Of course companies using Gmail makes the internet more centralized, how can you even debate this point?  Again, you’re saying, submit and accept the empire.  I don’t submit.  I’m not obeying. 
 Your OP was clickbaity and sensationalized.
It's ok to want Mullvad to move away from gmail for ideological reasons but that was not your tone.
You claimed that because of that "they don't give a shit about user privacy". You thus implied it affected user privacy when that's clearly not true.
Yes a user can doxx all his PII in a customer support email and then reuse the same mullvad account, but at that point, that's more of an L to him than to mullvad. Personal responsibility is irreplaceable. 
 Yes you’re correct that the burden of responsibility falls on the individual for anything in life.  But Mullvad is misrepresenting themselves here.  If they really cared, they wouldn’t do this.  My tone is to purposefully create negative consequences for the use of Big Tech, to force them to change.  As if I worded it in a “wouldn’t it be nice” way, then I would be ignored.   
 People who use Mullvad are not "normies"..normies use Chrome or Edge. 
 People who use mullvad don't usually need customer support either. 
 Who pays for VPN to use it on daily basis? Idiots who don't trust ISP but trust unconditionally VPN provider who knows everything about their traffic.

There is Tor, not great but much better when it comes to privacy.  FOR FREE. 
 The VPN provider knows everything about your traffic except... KYC and PII which is kind of the most important thing.

Using a VPN is like using a no-kyc ISP + you get the added anonymity set of sharing an IP with other users.

A VPN is not the ultimate solution but it's just basic protection. Without it, it's kind of like getting fucked on the internet without a condom. 
 VPN provider knows you very well even if you pay with cash by mail.

They know your connection-patterns on daily basis.

You can always use Orbot Full VPN mode. 
 Using a VPN is not supposed to protect you from the VPN provider.
It's just strictly better than just using your ISP.

No one is arguing that tor isn't superior privacy wise. Why not route everything through tor? Because many types of internet usage are unusable and unviable through tor. 
 Which sites? Some banks?
Maybe use clear (ISP) connection to browse them? 
 It shows much more... Attitude

 
 better options? 
 For clearnet -Tor - it's for free  - full vpn mode (Orbot)

I2p - deepweb

Do not pay for VPN!
Do not use free VPNs like Proton 
 "If you check the servers, they use many of the same 3rd party providers. Mullvad, IVPN, and TorGuard all use M247 for New York and Los Angeles. So if you connected to LA Mullvad, then switch to LA IVPN, thinking you’re getting a “new identity” you’re not. It’s NSA passive surveillance on the size of data packets going in and out of places like M247 that reveal you, and NOT Mullvad backstabbing you."

Wouldn't this actually be positive in terms of privacy by hiding in a larger dataset? While just mullvad traffic can be small for a specific server, if its mixed with IVPN etc. users, that's a larger dataset on the network layer. I would still rather they own their own servers but short of that, it's probably better they use the same provider. 
 Also it's easy to talk shit for using Gmail but they probably don't have much of a choice when half their customers will also use Gmail anyways and their self hosted emails will fall in their spam. Otherwise it's trivial to use a different provider and not much harder to self host.  
 I disagree with this view.  It’s actually very easy to self-host.  Email us at support [at] our domain .com

With a server like Mullvad’s, they can basically host for free in a docker container.  And the spam issue is easy to solve with proper DNS entries which can be learned in a day, then tested using spam testing websites. 
 If you think dealing with spam flagging issues with self-hosted email is "easy to solve with proper DNS config", then you've either never actually tried or sent that much email from it. 
 We do regular email VPS setups for customers.  Mail in a Box, iRedMail, aaPanel.  My friend, if you need help solving any spam issues, I can advise you or other members of the team.  Discount or free because I like you.  Reach out 
 My point was that many of these VPNs are a commodity, routing to the same data center, with the same protocols.  It’s mostly just branding that differentiates them, and…. Customer service.  Which if it’s via Gmail, isn’t worth much.

Regarding your point.  Yes in theory having more people go to the same data center increases anonymity.  But at the expense of heavier scrutiny that’s easier to implement, and having the users banned because it’s a known VPN center.  For example if you go to make a bitcointalk forum account from any VPN with M247, you’re in for some “evil tax” payments.  And they are nice and let you pay, most don’t. 
 I'd say it's more than branding with mullvad. Their actual onboarding is made completely frictionless and unidentifiable. They could run all of the same branding and still have a email login and no one would disqualify them for it, yet they go out of their way to not collect emails and also have crypto payments as an option to bypass the payment rails.

The way I see it, fundamentally the differentiator between vpns is mainly trust that they won't compromise your data, and I haven't seen any that I believe more than mullvad though I am open to suggestions. It also helps that it just works flawlessly as well. I can set it to cycle between various US locations and it's genuinely a better experience than not having a VPN on even while switching servers all the time.  
 I wish companies could use XMPP (if not Session) for customer support.  
 Always been using proton vpn, would recommend. 
 🤣🤣🤣
Proton takes money from official EU entities.

There is no such thing like free dinner. 
 If you never interface with their support, do you still have a problem?

The rest of their infrastructure and practices could be solid, just their support system is poor for privacy. Just don't contact them. Just because part of their stack is weak, doesn't mean the whole thing is, especially if you never have to interact with it. 

If you are still worried, purchase vouchers and that will contain any data for the account to 6 months at the shortest and 1 year at the longest cycle. Every new redeemed voucher starts a brand new 6-12 month account cycle before you dump it for a new one. 
 I have no problem with Mullvad under the conditions you just said.  This was more of a philosophical argument. 
 The point is that they don't give a f. about privacy.
Privacy is a business model.

VPN market in 2022 was valued for over $40 000 000 000.
 
 So don’t give out your account info or make a new one for zero cost…. 
 Well done, and thanks.  
 If a person has never contacted them on their support that means privacy of that person is indeed protected, am i right? 
 I agree they should switch from gmail, but i still feel proton is sus for being featured by WEF 
 Can you elaborate this? What do you mean? 
 Proton, the company, is featured on the World Economic Forum website

https://www.weforum.org/organizations/proton/

Proton says they have nothing to do with that, but I don't buy that one bit 
 Solid detailed breakdown .. thanks. What was Mullvad’s response when you pointed this out? 
 Good job. 
Hypocrisy must be revealed!
VPN market in 2022 - over $40 billions.

Money, money, money 
 Holy fuck.  
 Did not know that, thanks for the info! Which VPN do you recommend? 
 Kek and even if one does use pgp for comms with Mullvad, doesn't seem likely you can trust 'em not to leak their own private key and therefore render "seekrit" comms pointless. 
 -Self hosting email is hell of a challenge for individuals. What would vps hosting make difference?
-Are VPSs safe? Privacy oriented? If a government seizes physical server hardware would we have a chance?
-I've been emailing with people for more than 25 years and I have never seen a person who uses pgp encryption. This doesn't mean Gmail is safe and private.
-Everyone used Gmail. I had my doubts and I've switched to Tuta. You will also find inconsistencies in Tuta or Tuta like email services. If Bundesamt für Verfassungsschutz raids Tuta data center, will they hide the servers or bury them? No, they will just handover the stuff.
-Mullvad's situation has no excuses. They are a "privacy" company and they should use their own mailing solution against possible unlawful interference. Are they evil? I don't know.
-Most important thing: Do you have an alternative proposition? If yes, please enlighten us.
-We need a fully encrypted, nostr (or sthg similar) based, decentralised, email alternative. (Simplex??)
 
 @Ashdraked 
 😳 
 maybe its not too late for people to care! 😊 
 Wowww.. and on Twitter/X, they proudly say otherwise while posting their NY subway ads. Scary to go through the posts under their that and see misinformed ppl & users. 🤔 
 Talk to them...

"We currently use Gmail for our email that's correct.

We always recommend users using pgp as basically any other form of emailing shouldn't be considered safe.
We are working on our own self-hosted email platform utilizing our STBOOT ( https://mullvad.net/en/blog/tag/system-transparency ).
It's currently in internal testing and being audited, so hopefully it should be finalized and released this year."

 
 In fact **they never ask for account number** by mail so your assumption that they can remote login is false. Plus just don't e-mail them - or use PGP-. This is a low key issue which shouldn't prevent people switching from other VPN or using a VPN at all. 
 I did choose to use my own email when contacting their support once, but they never asked for my account info. They are a paid service so it isn't like they really need to know if you are a customer or not (like companies that may offer free accounts without support)

Plus, I could have used a burner, other measures, etc. You can and probably should pay privately and generate a new account number every renewal anyway. You could also do this before contacting support and then go back to your actual account number if they did need one for some reason.

There are too many options for Mullvad that I don't know of for any other provider. They allow you to be as secure and private as you care to be, or as convenient if that is your choice. 
 It takes 30m to point those MX to ProtonMail and setup DKIM/DMARC. Just saying.
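The thread argues over two checkable things: whether a vanity domain's MX record hands support mail to Google (the OP's opening claim), and whether the "proper DNS entries" (SPF, DKIM, DMARC) that the OP and the last reply say make self-hosting viable are actually in place. Below is an added audit script written for this page; it is not Mullvad's, Proton's or any poster's code. It runs against a constructed record set shaped like `dig MX` / `dig TXT` answers, so it works offline; the two domains, the hostnames and the DKIM selector names are assumptions, and the provider MX suffixes are the publicly documented ones.

```python
"""Offline audit of a domain's mail DNS posture: MX hosting, SPF, DKIM, DMARC.

Added example for this thread, not any provider's code. `zone` imitates DNS
answers as a dict name -> {"MX": [exchange hosts], "TXT": [strings]}.
"""

# Publicly documented MX hostname suffixes of large hosted-mail providers.
HOSTED_MX_SUFFIXES = {
    ".google.com.": "Google Workspace",
    ".googlemail.com.": "Google Workspace",
    ".protonmail.ch.": "Proton Mail",
    ".mail.protection.outlook.com.": "Microsoft 365",
}


def classify_mx(exchanges):
    """Return the sorted list of recognised providers the MX hosts belong to.
    An empty list means mail goes to hosts outside those providers."""
    providers = set()
    for host in exchanges:
        host = host.lower().rstrip(".") + "."          # normalise trailing dot
        for suffix, name in HOSTED_MX_SUFFIXES.items():
            if host.endswith(suffix):
                providers.add(name)
    return sorted(providers)


def parse_spf(txt_records):
    """Extract the single SPF record from the apex TXT set.
    Returns {"includes": [...], "all": qualifier} or None when the record is
    missing or duplicated (both are invalid per RFC 7208)."""
    spf = [r for r in txt_records if r.lower().startswith("v=spf1")]
    if len(spf) != 1:
        return None
    includes, qualifier = [], "?"   # no 'all' term evaluates as neutral
    for term in spf[0].split()[1:]:
        if term.lower().lstrip("+-~?") == "all":
            qualifier = term[0] if term[0] in "+-~?" else "+"
        elif term.lower().startswith("include:"):
            includes.append(term.split(":", 1)[1].lower())
    return {"includes": includes, "all": qualifier}


def parse_dmarc(txt_records):
    """Parse a _dmarc TXT record into lower-cased tag -> value; None if absent."""
    for r in txt_records:
        if r.lower().startswith("v=dmarc1"):
            tags = {}
            for part in r.split(";"):
                if "=" in part:
                    k, v = part.split("=", 1)
                    tags[k.strip().lower()] = v.strip()
            return tags
    return None


def audit(domain, zone, dkim_selectors=("default", "mail")):
    """Return human-readable findings for `domain` (with trailing dot)."""
    findings = []
    apex = zone.get(domain, {})
    providers = classify_mx(apex.get("MX", []))
    if providers:
        findings.append(f"mail is handled by {', '.join(providers)}: the provider "
                        "sees every support message in clear unless the sender used PGP")
    elif apex.get("MX"):
        findings.append("MX points at hosts outside known hosted-mail providers "
                        "(self-hosted or small provider)")
    else:
        findings.append("no MX record: inbound mail not accepted")

    spf = parse_spf(apex.get("TXT", []))
    if spf is None:
        findings.append("SPF missing or malformed: domain is trivially spoofable "
                        "and outbound mail is likelier to be flagged as spam")
    elif spf["all"] != "-":
        findings.append(f"SPF ends with '{spf['all']}all' (softfail/neutral): "
                        "receivers may still accept forged mail")

    dmarc = parse_dmarc(zone.get("_dmarc." + domain, {}).get("TXT", []))
    if dmarc is None:
        findings.append("DMARC missing")
    elif dmarc.get("p", "none").lower() == "none":
        findings.append("DMARC policy p=none: monitoring only, forged mail is not rejected")

    # DKIM keys live under <selector>._domainkey.<domain>; selectors are a guess.
    if not any(zone.get(f"{s}._domainkey.{domain}", {}).get("TXT") for s in dkim_selectors):
        findings.append("no DKIM key found under the checked selectors")
    return findings


# Constructed zones (not real DNS data) for the two setups the thread argues about.
OUTSOURCED_ZONE = {
    "vanity-vpn.example.": {
        "MX": ["aspmx.l.google.com.", "alt1.aspmx.l.google.com."],
        "TXT": ["v=spf1 include:_spf.google.com ~all"],
    },
    "_dmarc.vanity-vpn.example.": {"TXT": ["v=DMARC1; p=none; rua=mailto:dmarc@vanity-vpn.example"]},
}
SELF_HOSTED_ZONE = {
    "selfhosted-vpn.example.": {"MX": ["mail.selfhosted-vpn.example."], "TXT": ["v=spf1 mx -all"]},
    "_dmarc.selfhosted-vpn.example.": {"TXT": ["v=DMARC1; p=reject; rua=mailto:dmarc@selfhosted-vpn.example"]},
    "mail._domainkey.selfhosted-vpn.example.": {"TXT": ["v=DKIM1; k=rsa; p=PLACEHOLDER_PUBLIC_KEY"]},
}

if __name__ == "__main__":
    for name, zone in (("vanity-vpn.example.", OUTSOURCED_ZONE),
                       ("selfhosted-vpn.example.", SELF_HOSTED_ZONE)):
        print(name)
        for finding in audit(name, zone):
            print("  -", finding)
```

Against the constructed Google-hosted zone the audit reports four findings (third-party handling, softfail SPF, p=none DMARC, no DKIM key); against the constructed self-hosted zone with `-all`, `p=reject` and a published DKIM key it reports only that the MX is outside the known providers. To run it on a live domain, replace the constructed zones with the answers from `dig +short MX` and `dig +short TXT` for the apex, `_dmarc.` and the selector names you know.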