Hey guys,
i am using Mullvad and I don’t have problems with it, I even recommend it and I like it.
I have a question concerning the no-log policy. Today I read this on a german site. I translate it:
One of the main criticisms we had in our test was that Mullvad VPN recommends itself as “anonymizing” and pretending not to use log files. But unfortunately that is not the reality. In our test, we were able to demonstrate the use of central databases that are also intended to prevent use on unlimited devices at the same time. In addition, Mullvad saves user log data, which includes the real IP address as well as the VPN IP addresses used and the start and end times. In addition, the amount of data that is transmitted. In practice, this information is sufficient to satisfactorily answer requests from authorities. Therefore, the reports that log files are stored, which indicate the identity of the user, are simply lies.
Source: https://vpntester.org/mullvad/
Do you think that is true/legit ?
Greetings
EDIT:
I have to say that I don’t think that Mullvad needs to safe the IP addresses to prevent unlimited devices at the same time! Thats for me not plausible!
Well this page makes my skeptical of their site as they are recommending VPNs that they have affiliate links to which really does make you wonder what the real reasons they have for recommending them, maybe because they really think they are the best, or maybe it’s because they get paid for everyone they sign up.
They also say this
No own apps or applications, you have to resort to standard clients
Which isn’t true
They also don’t detail what “testing” they did to come to the conclusion that a central DB must be used.
All in all I’m gonna need some solid proof before I take anything on this site seriously.
Realistically this site has zero credibility, is just a VPN affiliate seller and should be ignored
In this area, I think no VPN can be safe. They have to keep track of how many devices you have, so they are keeping that data. Although they have access to that information, they might not log it. We need to trust VPN providers to be telling the truth, there is no other way.
But, one thing I like about Mullvad is that it’s not KYC, so they don’t know any information about you per se from their interface at least. But, from your payment method, they could deduce your information unless you pay via Monero from your own private local wallet.
And they could crawl your traffic as it goes out. All VPNs have this vulnerability. The same is with the Tor network. Mr Robot has a good episode where he controls a Tor node and he reports someone to the police. It’s realistic, because it is possible to happen.
But once a VPN violates your privacy, and it gets leaked out, they will lose all their business. So, usually they won’t do that. But they always could do it if ever they want to kamikaze or they aren’t smart about their decision making.
How could they possibly determine that “Mullvad saves user log data, which includes the real IP address as well as the VPN IP addresses used and the start and end times”?
It is absolutely possible to limit the number of simultaneous connections without keeping such logs. Here’s Mullvad’s description:
Question: How can you limit the maximum number of simultaneous connections if you’re not logging that information?
Answer: Each VPN server reports to a central service. When a customer connects to a VPN server, the server asks the central service to validate the account number, whether or not the account has any remaining time, if the account has reached its allowed number of connections, and so on. Everything is performed in temporary memory only; none of this information is permanently stored to disk.
Of course, like with any VPN provider, it is impossible for the user to know with certainty whether or not logging takes place. But I’d trust Mullvad a lot more than some Russian VPN test site we know nothing about making claims without any evidence. There are tons of shady players in the VPN market, and tons of VPN “test” sites that are anything but independent …
At least Mullvad has independent audits from a company willing to put their name behind them to support Mullvad’s claims.
What do they base these claims on? How do they verify that these logs store this information? Mullvad is transparent about some logs being kept No-logging of user activity policy
I tried a few VPNs and stuck with IVPN.
Thanks for posting your question to /r/PrivacyGuides! Just so you know, we’ve opened a new forum outside of Reddit to ask questions and get advice from our community; as well as to share privacy news and articles, cool software, and suggestions for our website.
Our forum has a very active and knowledgable community who will likely be able to provide you with more detailed and higher quality answers than on any other platform. Consider posting your question there to make sure you find the answers you’re looking for! You can also check if your question has already been answered on our website.
I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.
/r/VPN has a comprehensive list of vpns
https://www.reddit.com/r/VPN/comments/m736zt/vpn_comparison_table/
I use private internet access, they have lots of servers, recently audited by a 3rd party, and have been challenged in court where the only thing that had to show was a user logged into the vpn.
Think of it like this… you are a government wanting to hover up internet traffic. Anonymous VPNs suddenly start popping up. Put 2 and 2 together. You can never be sure of a provider.
“Unfortunately, this is not the reality. In our tests we were able to prove the use of central databases that are also supposed to prevent usage on unlimited devices at the same time.”
How were you able to prove this?
“So Mullvad stores log data of the users, which includes the real IP address as well as the used VPN IP addresses and the start and end times.”
Again, assuming you have no access to their servers, how ere you able to prove this?
OP dont search for recommended VPN and best VPNs on google. 99.99% chance is that you will find a page that has some serious SEO and that has every single VPN affiliate links and sponsored content.
Use mullvad/ivpn. They are actually good. Dont trust these sponsored sites and youtubers who say “Nord VPN/Express VPN”
The site says: “Relatively low equipment and rather expensive service in the long run”
But Mullvad is one of the cheapest VPN providers that I know.
With one of the best price-performance ratio.
Thank you.
Yes, Tor traffic analysis is a thing. But this depends on your Threat Model.
Yeah, you should buy the sub with monero and keep opsec-wise everything clean.
In VPNs we (have to) trust 
Especially for the dns over https support that I can use my nextdns with. Love IVPN
The table says that mullvad doesn’t own servers. That is not true.
You are right
There’s far too much nonsense on that site to list every problem, best just to ignore it
Honestly thanks for asking this; it’s good seeing all the weirdo answers.
I wouldn’t know, maybe you can create a post there and that can explain it