We have successfully completed our migration to RAM-only VPN infrastructure - Blog | Mullvad VPN
mullvad.net
Today we announce that we have completely removed all traces of disks being used by our VPN infrastructure!

Today we announce that we have completely removed all traces of disks being used by our VPN infrastructure!

  • eatham 🇭🇲@aussie.zoneEnglish
    47·
    1 year ago

    Full article:

    We have successfully completed our migration to RAM-only VPN infrastructure

    20 September 2023 NEWS SYSTEM TRANSPARENCY

    Today we announce that we have completely removed all traces of disks being used by our VPN infrastructure!

    In early 2022 we announced the beginning of our migration to using diskless infrastructure with our bootloader known as “stboot”. Completing the transition to diskless infrastructure

    Our VPN infrastructure has since been audited with this configuration twice (2023, 2022), and all future audits of our VPN servers will focus solely on RAM-only deployments.

    All of our VPN servers continue to use our custom and extensively slimmed down Linux kernel, where we follow the mainline branch of kernel development. This has allowed us to pull in the latest version so that we can stay up to date with new features and performance improvements, as well as tune and completely remove unnecessary bloat in the kernel.

    The result is that the operating system that we boot, prior to being deployed weighs in at just over 200MB. When servers are rebooted or provisioned for the first time, we can be safe in the knowledge that we get a freshly built kernel, no traces of any log files, and a fully patched OS.

      • PeachMan@lemmy.one
        13·
        1 year ago

        You don’t use Mullvad for their performance, you use them for their insanely paranoid security and privacy practices.

        And for the record, I was never impressed with Surfshark speeds. I dropped them when they bundled a virus scanner into their VPN client, that’s sketchy as hell. I don’t want my VPN provider scanning my files.

        • lud@lemm.ee
          4·
          1 year ago

          Mullvad has excellent performance though. I got nearly gigabit, I, unfortunately, had to switch when they removed port forwarding.

        • TrustingZebra@lemmy.one
          2·
          1 year ago

          Yes I agree Surfshark has done some weird things. I find it weird that it’s actually the same company now as NordVPN, but they don’t make it clear.

          Regarding performance, Surfshark is decent speed but still slower than not using a VPN. The more annoying thing is that I get a lot more captchas when using Surfshark. I think these issues are common for all VPNs, though I haven’t tried Mullvad yet (I will when my Surfshark subscription ends).

      • Onii-Chan@kbin.social
        12·
        1 year ago

        I never had any real issues with speed using Surfshark, the reason I made the switch was largely about trust. As another user said, as soon as I saw Surfshark start their YouTube advertising spree, and start to bloat their client with unnecessary features, I started looking for alternatives.

        I’m iffy about any VPN company that uses YouTuber marketing as it is, and while my threat model isn’t overly paranoid, I believe the VPN company someone chooses to use should have paranoid business practices. After I saw the news on Mullvad’s raid, the authorities subsequently finding nothing, and the fact that a user’s account is merely a string of numbers, I decided it was the VPN for me.

        • TrustingZebra@lemmy.one
          8·
          1 year ago

          Funny thing is I started using Surfshark just before they started all the YouTube sponsorships. Them doing so many sponsorships actually made me trust them less somehow, if that makes sense.

          Mullvad “appears” to be more trustworthy but maybe they are just better at marketing that image. They still cost twice as much as Surfshark.

          • candle_lighter@lemmy.mlEnglish
            9·
            1 year ago

            The best piece of marketing Mullvad ever got was when the Swedish police raided them and Mullvad literally had zero data to turn over to them.

          • LucidNightmare@lemm.ee
            3·
            1 year ago

            Usually when a company throws buckoos of money into advertisements, that’s where the money that could’ve been spent on a better product went. I’ve found products that were advertised so heavily, almost always have dog shit quality.

      • lemmyingly@lemm.ee
        1·
        1 year ago

        Mullvad compared to PIA, Google annoys me less with recaptures. I know it doesn’t answer your question but thought I’d throw my 2 cents in since PIA was quite a popular choice with their YouTube sponsor slots and cheap prices

        • TrustingZebra@lemmy.one
          1·
          1 year ago

          It’s good to hear you get less captchas with Mullvad. At least for me, when using Surfshark + Private Browsing, I am basically guaranteed to get a ton of captchas on any Google searches.

  • 👁️👄👁️@lemm.eeEnglish
    17·
    1 year ago

    Mullvad is such a good company. I just bought another month yesterday, but guess I’ll go and add another year to that!

  • Hubi@feddit.de
    8·
    1 year ago

    Wow, that is very impressive. I’ve been a subscriber for a few years and I couldn’t be happier with their service.

      • Hubi@feddit.de
        61·
        1 year ago

        That didn’t effect me much personally and I could understand their reasoning. Still, it’s understandable that it lead to some frustration among other users.

      • far_university1990@feddit.de
        1·
        1 year ago

        Someone in this thread mentioned that was abused so much that hosting providers cancelled them. So they needed to remove it to be able to continue to operate.

      • Ado@lemmy.ml
        01·
        1 year ago

        I’ve been a subscriber for 5+ years and have zero issue with the loss of port forwarding. I use my devices for everything from gaming to torrenting, and haven’t run into something cause a problem that required me to use port forwarding on mullvad.

        what has been an incredible source of frustration as a user of Mullvad tho is when websites block me or hit me with repeating captchas. I’ve also had a huge uptick of spam coming in from weird domains. Obviously not sure if thats mullvad-related, but sounds like the issue of “individuals have frequently used this feature to host undesirable content and malicious services from ports that are forwarded from our VPN servers”.

        The removal of this feature seems to be a better of two difficult options.

        • lud@lemm.ee
          21·
          1 year ago

          Torrenting works better and faster with port forwarding.

          • Ado@lemmy.ml
            26·
            1 year ago

            dogs need about one ounce of water per pound of body weight per day

  • mnmalst@lemmy.zip
    81·
    1 year ago

    I find the “Mullvad VPN scratch cards” interesting. If a store near you has them you could buy one and be totally anonymous. What I find a bit odd is that you can buy them on amazon as well but sold directly by mullvad. Doesn’t that defeat the purpose? The idea of the card is a decoupling of your real identity from the vpn user but when you buy the card in their store doesn’t it negate that?

    I am probably just missing something here. Does anyone have more insight?

    • Leraje@lemmy.blahaj.zoneOPEnglish
      12·
      1 year ago

      The code on the card is covered so Amazon might know you use Mullvad but they have no way of knowing what your account is.

      Mullvad know your acct but they have no way of knowing how it is you paid other than maybe it being a scratchcard which they don’t track anyway.

      • mnmalst@lemmy.zip
        01·
        1 year ago

        I am not talking about amazon knowing it. Amazon offers shops for businesses, where a business directly sells goods to their customers using amazon as a transaction platform. Those shops send the goods directly to their customers (Sometimes it comes from an amazon warehouse as well tho). If the first case is true, mullvad would send me the card directly, so they would know I bought it, which makes the card obsolete in my view.

        But maybe they don’t send it themself and the cards are all just sitting in a big warehouse. Either way, to me it’s not 100% a given that they couldn’t at least in theory know who bought it.

        I am just playing devils advocate here btw, I am not really concerned about it.

        • imgonnatrythis@lemm.ee
          41·
          1 year ago

          You are buying access to a VPN not a nuclear warhead for the black market. The link between buying a VPN card and the code used in that card to link to said vpn activity which is also pretty well protected on Mullvad is not easily discoverable. Seems like a pretty reasonable privacy gap to me.

        • Leraje@lemmy.blahaj.zoneOPEnglish
          41·
          1 year ago

          If you’re a Mullvad customer then they already know your IP and from that they could identify you pretty easily. But that’s true of all VPN providers, but they claim they don’t log and I seem to recall them saying they don’t keep a record of scratch off card numbers (why would they?). Either way you have to trust them and based on the fact they’re totally open I do.

    • 👁️👄👁️@lemm.eeEnglish
      6·
      1 year ago

      Better yet, they employ a guy you can find in an alley who has a bunch of redemption cards in his trench coat. He takes cash or crack.

    • Simran@lemm.ee
      03·
      1 year ago

      Well the biggest selling point of VPNs is easier piracy not privacy. Most VPN customers just want to protect themselves from anyone watching their downloading habits. Yeah technically there would be a trail but no one is going to follow it to catch someone downloading inception.

    • Leraje@lemmy.blahaj.zoneOPEnglish
      8·
      1 year ago

      Didn’t really have a choice:

      …Regrettably individuals have frequently used this feature to host undesirable content and malicious services from ports that are forwarded from our VPN servers. This has led to law enforcement contacting us, our IPs getting blacklisted, and hosting providers cancelling us.

      Blog post

      Big issue there is hosting providers cancelling them. Can’t operate a business without that.

    • imgonnatrythis@lemm.ee
      4·
      1 year ago

      Agreed. Seems like they were in a super tough spot with that and kind of had to drop it. All the sudden they seem to be doing some new cool stuff to try to keep their edge which I really appreciate / respect. That being said, I’ve dumped them and switched to a service that still port forwards as it gives me better torrenting throughput. Sorry Mullvad.

  • Carlos Solís@communities.azkware.netEnglish
    41·
    1 year ago

    From what I read in the article, there is still one part of the boot sequence that does require some sort of storage: the part where the bootloader fetches the network boot image and verifies it against the checksum signature. But I think that can be performed by booting from a pendrive and then removing it. The problem will come if law enforcement gets a hold of said pendrive…

    • Deconceptualist@lemm.eeEnglish
      13·
      1 year ago

      Why would that be a problem? A boot image should only contain the commands to get the main system started after POST. It shouldn’t contain any kind of logs, traffic data, or user data. In fact it should be read-only.

    • mub@lemmy.ml
      5·
      1 year ago

      Boot Drive could be immutable and not contain any form of log?

    • meseek #2982@lemmy.ca
      2·
      1 year ago

      Destroy the drive. That’s what Apple does and how they get around the whole “we need a backdoor” problem. When no one can access the server, no more problems.

      • Carlos Solís@communities.azkware.net
        0·
        1 year ago

        Something tells me that they have a stack of single-use drives so that each time a server needs to reboot for some reason, they write a boot loader in one from their central headquarters, walk back to the server room, use the device to boot the server, and finally hammer the everliving bejeezus out of the thumb drive juuuuust in case. Hopefully they don’t have to reboot that often!

    • ikidd@lemmy.worldEnglish
      1·
      1 year ago

      PXE boot will TFTP the boot image into RAM and carry on from there. You shouldn’t need any storage on your device.

  • Cookie1990@lemmy.world
    2·
    1 year ago

    Doesnt Matter, if the police wants the data, they come with Auto Batteries and an usp and make User of the multiple Power supplies of modern servers.

    They will carry the whole rack in one piece if they can.

  • AlexisFR@jlai.lu
    2·
    1 year ago

    How does this work? Surely they have backups on some kind of persistent media, right?

    • Leraje@lemmy.blahaj.zoneOPEnglish
      0·
      1 year ago

      I think (disclaimer: not an expert at all) that RAM is much faster to access than a hard drive so if anything it should improve.

  • doublejay1999@lemmy.worldEnglish
    0·
    1 year ago

    Interesting what’s going happening with mullvad. For the best part of 10’years, you hear nothing.

    Does anyone know why they are recently noisy?

    • Leraje@lemmy.blahaj.zoneOPEnglish
      1·
      1 year ago

      Going by rate of blog posts by year they don’t seem any noisier than usual. The opposite if anything. 18 this year and there’s only 3 and a bit months left of the year whereas in 2018 they made 60.

    • PeachMan@lemmy.one
      1·
      1 year ago

      You are incorrect. Look through their blog archive (scroll to the bottom): https://mullvad.net/en/blog/

      They’ve been posting steadily for over a decade, maybe the posts just got more popular this year on whatever sites you browse

  • BaroqueInMind@kbin.social
    12·
    1 year ago

    So now all that needs to happen is a freak solar flare or electrical surge to completely destroy their business?

    • 👁️👄👁️@lemm.eeEnglish
      1·
      1 year ago

      It’d turn the servers off obviously, but that’d be true if it was on disk or not. The source code is stored elsewhere probably on multiple data servers they access with git.

    • viking@infosec.pub
      0·
      1 year ago

      Not at all. Of course their operating system has to be booted from some kind of solid state disk, but all actual operations are carried out in the RAM, meaning that nothing is ever written to the disk. Since the RAM is periodically overwritten and doesn’t hold any data in case of a reboot or power failure, they are de-facto not logging a single thing.

      • 4am@lemm.eeEnglish
        0·
        1 year ago

        I believe the edge devices would use netboot, so they load the kernel and user land into RAM over a network and have no disk in them at all.

        Here’s hoping that image stays clean😉

        • viking@infosec.pub
          1·
          1 year ago

          Right, I mean that the boot image is stored somewhere in a solid state. Whether that’s on a centralized server or locally, no clue. But makes sense to load it remotely, easier to maintain proper versioning that way and ensure cross-compatibility.