I understand that there will be no ip logs or anything to be turned over. If the court approves, is it then possible for Mullvad VPN to be mandated to set up a live connection sniffer, allowing them to capture the user’s IP address upon reconnection? This aspect seems rarely discussed. I’m curious about the legal and technical nuances involved in this scenario.
so far, mullvad has shown it is secure, and, has had warrants show, they have zero logs, nothing to give, hopefully it stays that way
In Finland there is right now going on the biggest hacker case and he used Mullvad VPN and the law enforcement didn’t get any info about the user. Only info that they got was that he was using Mullvads IP’s but the real user stayed hidden.
I think Mullvad is probably as secure as you’re able to find. Nor do I think in any way, shape, or form they can or will be mandated to utilize some sort of connection sniffer. However, if some government agency is really looking over your shoulder in particular, and out to investigate you, I’d say the safest conclusion is that they can and will likely find a way to learn who you are and what you’re doing. No system is perfect, and you must assume any company faced with substantial problems over an issue like this will eventually bend. I don’t expect any company to face going under over my 5 bucks a month. After all, Mullvad did see the possibility of significant concerns and then ended port forwarding. *Lesson learned 
mullvad is trustworthy.
check out airvpn if you need the same but with port fucking.
sweden = UE , so police can go the datacenter , and record the connexion live , and register the real ip of the user
Even if Mullvad keeps no log, the data centre hosting their servers or their ISPs are not under any such restriction and they may have to keep log depending on the law of country. If a server is only used by a few users, they can get those logs and run traffic correlations to trace back the actual IP. Choosing a server which is likely busy makes their job a bit difficult. It all depends how willing they are to go after someone.
It’s about as secure as a von can get but nothing is full proof. If said person is doing things against the law they can and will find you.
I’m sure you’re asking for a friend
Would be cool if they could also release transparency reports like some other VPNs do where they list all the data requests they’ve gotten and from which countries. Right now we have no idea how many they receive or how they respond to them, with the exception of the one case where they got raided.
Like OP said, live traffic analysis is a possible way for them to deanonymize users if they wanted to, but they can’t be forced to do it. If they ever did comply with law enforcement and decided to spy on someone it’s not unlikely that we would never find out because sometimes the courts don’t reveal the exact methods used to catch someone in public documents.
The FBI found that out the hard way when they tried to get an order telling Apple to make a custome iOS to install on a locked phone to unlock it without the owner.
That was different than a Wiretap order. Two very, very different kinds of warrants.
Which country would be the “safe-est heaven” to connect to when using mullvad vpn?
I think you’ve also outlined the importance of blending in with traffic by using standard ports. When you use nonstandard ports, you could potentially subject yourself to deanonymization.
Mullvad was raided last year - they went away empty handed. Turning the servers off kills any and all information stored as it’s all in RAM
They can’t find it if it’s not there lol, you also overestimate their competence level.
Then you can’t read. I am very obviously asking for myself and have very good reasons to do so due to heavy censorship on freedom of speech in my country.
It’s not like u have much of a choice anyway. There’s 3 private VPNs that stand out, IVPN, Mullvad, Proton. Of those only Mullvad has fully RAM servers, and only Proton cannot be paid for with Monero (bitcoin is not anonymous to governments). So naturally one would use Proton VPN on the router, IVPN on your host machine, Mullvad in the VM inside the host machine. Now they have to get your IP from Mullvad, but instead of seeing your real IP they will only see IVPN’s IP. Then they have to get your real IP from IVPN, but instead of seeing your real IP they will see Proton’s IP, and finally they have to get through proton to get your real IP. Since proton is the least private thanks to no option to pay with monero, it’s the last defence against your real IP revealed. Of course, i wouldn’t use all those, it’s way too overkill, but if you are an actual criminal or activist that can get 15 years in jail, that’s what i would do. Now they have to get through 3 different providers. What is the chance that all 3 have enough logs to figure out the IP address? Clearly even mullvad itself doesn’t have enough logs, but it never hurts to double and triple safeguard yourself.
non 14 eyes countries, that show disdain for said 14 eye countries, and especially for the 5 eyes
Could you please share the link about the news? Thank you!
Thank you for providing this highly informative video report, which was particularly enlightening for someone with my level of understanding. I believe I gained valuable insights from it. However, I am now curious about the effectiveness of their Tor layer or using tor in general. Despite their mention of the hacker group using Tor at the start, they never addressed the aspect of “cracking” it in the subsequent slides. This raises the question of whether their Tor layer was essentially ineffective or if it was so easily traceable that it wasn’t deemed significant enough to discuss.