I have used Mullvad with my USB150.
It did work very well.
Keep in mind the fatal flaw with Mullvad, in my opinion.
When you join, they give you an account number.
To access your account for billing and generating WireGuard keys and so on,
you go to their website and type in that account number to access your account.
But there is no password login at all. Repeat, no password is required to log in,
so that means if anyone just types a random account number and that account exists, then that person has 100% access to your account.
When I emailed them about it they gave me a very lame response.
“If for some reason you suspect someone has guessed your account number we can of course change that for you. This is practically impossible”
Of course, I would never know if someone guessed my account: no password login or tracking.
This is the correct way of doing things. Having your own remote server gives you full control of all configs, and only you have that IP address; it is not shared with anyone else. I have multiple VPS boxes around the world for this, with different providers and with kill switches.
Basically you have a few scripts set up, and a web server or a custom program to receive the kill signal. Once the page is accessed that will start the kill, or the command is received by your program, you basically create a temporary in-memory copy of the system and chroot to it (a basic copy with only what you need). You wipe the disks one by one. You can do a simple one-pass overwrite, or military-grade multipass, as much as you need. Once it’s done, all the data on the drive (preferably an SSD on the VPS) will be securely erased, and you just have to issue a shutdown of the machine. This takes just seconds since VPS systems are usually very fast and have SSDs. The smaller the SSD the better for speed. A 20 GB SSD, for example, is more than you need to store any VPN server, and will wipe, with multiple passes, in under a minute.
To set up the VPS, you can create a docker container to deploy them quickly with any programs and configs you need:
How advanced you make it after that is up to you. I have seen some kill switches react to multiple bad SSH logins, intrusion detection of common exploits and so on (to notice if your VPS is being targeted). With the Docker images it’s easy to kill the VPS and deploy a new one. Most VPS providers have APIs to generate new VPSes on the fly. Here is the DigitalOcean API for example:
Sadly, Firefox does not share the account number or other details about the server, so I can’t set it up manually.
It seems unsafe not having a password, but as long as they have the same protections against brute-force attacks as regular accounts, I don’t see the issue, particularly if the attacker can’t gain anything but a free account, and still can’t access your traffic.
@Johnex’s approach sure is better, but it’s more effort and beyond a normal citizen’s abilities, which makes it hard to recommend to f&f.
The way that keys are generated each time means that the only danger is someone using your account; your actual communications will not be compromised.
The benefit is that, unlike with other services, you don’t really have an account, so Mullvad has much less information about you.
The main inconvenience for me is with the OpenVPN configs: you have no idea that someone is using your account, unlike with WireGuard, where they would need to generate a config and you will see the key in your account page.
The solution to this is to just generate a new account number from time to time.
Overall, it is a much cleverer solution than the traditional account with payment details and linked email addresses.
If you don’t understand all this then I can understand that you might find it disturbing.
Yes. Some people might forget, register their VPN using a common email they use in other services and boom, now you are being tracked. A random user ID, where the only link is the payment (that can be Bitcoin or a prepaid Visa card), is much more secure. And yes, just check the account every now and then to make sure it has not been accessed by someone else. With WireGuard it’s not an issue, as you can only have 1 config linked per device; if someone links your config, WireGuard will instantly not work and you will know what happened.
I guess what I find disturbing is that Mullvad is an excellent service at a very good price.
Given that Mozilla chose them, I guess I am being overly paranoid.
In my testing, there is no way to know if someone else has accessed or is using my account.
The idea of not adding a password to protect an account is just stupid lazy.
How can a company run a security service when the front door can be opened without a key?
Sure, the door is not easy to open.
The fact that Mullvad chose not to do that makes me think their mindset is not focused on security as much as they claim to be.
That perhaps in other ways, they are, behind the scenes, making other shortcuts.
I think that you’re still missing the point. With mullvad you don’t really have an “account” per se - your account number is actually more like a password… It doesn’t need to be kept quite as secret as a regular password though because their infrastructure is built in a way that the account number only gives you access to the service and not to any other parts of your “account” (because there is nothing to your actual “account” - no information - nothing).
In your own “account”, each wireguard key is treated like a unique user so even your own connections are very much segregated from each other.
At worst, someone could use your account for free to access the Mullvad service if they find your account number. As nothing is logged, the only thing that will affect you is that your device limit is reduced for the time that you keep the account open.
All you have to do is just make a new account the next month.
One real benefit is that mullvad is a great VPN to share with friends and family because of how segregated the connections are. I would not want to share an account with my email registered to it and with a user name and password.
I think it’s such a brilliant way of doing things I wish that more services cottoned on.
Of course, I missed the point, I always do, at first.
My paranoia closes my mind to the logic of it.
That somehow a service can be so secure that no password is needed.
That the door does not need a lock, that someone can open the door, I would not know and I would not really care in the short term.
And I would not have to wait to the end of the month, though I guess I would not care too much if someone did use my account for a short period of time, and I guess I would not realize someone was using my account, as there is no logging.
I pay per month, Bitcoin via paper wallet from a Bitcoin kiosk.
That kiosk sends a code as an SMS message, and I have to type that code for the kiosk to send the money to the paper wallet. So I use https://www.receivesms.co/ for that.
I was really confused as to why Mozilla, which could have chosen any VPN provider to work with, chose Mullvad.
Well, you need to think of it as a room with a door that anyone can open. People go by it every day, some people open it, and there is nothing inside. You only see what is inside if you know what you are looking for.
On the other hand, if you have a titanium door with a lot of locks on it, people will understand there is something of importance there, and you will even attract unwanted attention.
You can read about honeypots and how they are used.
In the sense of Mullvad, as @modumb already mentioned, there are also the usual protections against brute-force attacks and rate limiting, as well as detection. The account number is also long enough to take a long time to crack on its own, and with the protections, almost impossible, so nothing really to worry about. If you check your account every now and then, you will see if a new WireGuard config was generated, and as covered before, they are isolated from each other and can’t be used at the same time, so no data leaking that way. For the paranoid, you can request a new account number whenever you like. You can see their information about protection here:
Is there a way to run the CLI on my router?
If yes, and I generate a new key pair, how will my router react?
I think that this is the file that has the keys in it, correct?
If so, at mullvad.net, I could generate new keys and do a search and replace in this file, correct?
I think that I would only need to search and replace the private key, correct?
And which of these two files would I edit?
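An added example, not part of this thread or of Mullvad's tooling: a small Python script that swaps only the `[Interface]` `PrivateKey` in a wg-quick style config, leaves the server's `[Peer]` `PublicKey` untouched, and checks that the new key is a valid 32-byte base64 WireGuard key before writing anything. The config and all keys below are constructed placeholders, and the public key derived from the new private key still has to be the one registered on the account for the tunnel to come up.

```python
import base64
import re

def fake_key(fill: int) -> str:
    # Deterministic 32-byte placeholder encoded like a real WireGuard key (constructed).
    return base64.b64encode(bytes([fill]) * 32).decode()

OLD_PRIVATE = fake_key(1)    # the client key being replaced (placeholder)
SERVER_PUBLIC = fake_key(2)  # the server's key: must stay as-is (placeholder)

# Constructed sample in the standard wg-quick layout; not a real Mullvad config.
SAMPLE_CONF = f"""[Interface]
PrivateKey = {OLD_PRIVATE}
Address = 10.64.0.2/32
DNS = 10.64.0.1

[Peer]
PublicKey = {SERVER_PUBLIC}
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = 198.51.100.10:51820
"""

def is_wg_key(value: str) -> bool:
    # A WireGuard key is exactly 32 bytes, base64-encoded (44 chars, '=' padded).
    try:
        raw = base64.b64decode(value, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    return len(raw) == 32

def rotate_private_key(conf: str, new_private: str) -> str:
    # Return conf with the [Interface] PrivateKey swapped for new_private.
    # Only the client's own key changes; [Peer] PublicKey is the server's and stays.
    if not is_wg_key(new_private):
        raise ValueError("new key is not a valid 32-byte base64 WireGuard key")
    out, section, replaced = [], None, 0
    for line in conf.splitlines():
        stripped = line.strip()
        if stripped.startswith("[") and stripped.endswith("]"):
            section = stripped[1:-1].lower()
        m = re.match(r"^(\s*PrivateKey\s*=\s*)(\S+)(.*)$", line)
        if section == "interface" and m:
            line = f"{m.group(1)}{new_private}{m.group(3)}"
            replaced += 1
        out.append(line)
    if replaced != 1:  # refuse to write a config that would be ambiguous or unchanged
        raise ValueError(f"expected exactly one [Interface] PrivateKey, found {replaced}")
    return "\n".join(out) + "\n"
```

Run `rotate_private_key` over the file contents and write the result back only after confirming the server `PublicKey` line is unchanged; rotate the key on the account page first, not after.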