![]() ![]() Mullvad flaunts an air of transparency throughout its website and communications, yet the company doesn't issue an annual transparency report or have a warrant canary. Mullvad employs the industry-standard AES 265-bit encryption, which is virtually uncrackable and in line with the encryption used by the top VPN providers. When you want to jump from one server to another using ExpressVPN, for example, you get a pop-up warning that says "your internet traffic may be unsecure during reconnection." That's a much more secure solution than what most other VPNs offer. I was impressed that the kill switch automatically kicked in as I switched between server locations in the app, meaning that my connection was properly protected even as I jumped from server to server. Mullvad's kill switch worked flawlessly during my testing. The built-in kill switch is also enabled by default and cannot be disabled. Exodus similarly found zero trackers and just four permissions, none of which were deemed dangerous. Mullvad says in its cookie policy that its website only uses cookies essential for providing certain services. When I opened Mullvad's website using Brave, the browser identified zero trackers or ads. The servers that Mullvad owns are labeled on its server page, so you can decide if you want to use a Mullvad-owned server or a rented one. Out of Mullvad's current server fleet of 836 servers, 163 are fully owned and maintained by the company, meaning they're out of the control of any outside entity. This will help prevent user data from being stored on Mullvad's servers because there's no disk on which to save it. The company is in the process of transitioning its fleet of servers to a RAM-only diskless infrastructure. Mullvad tells me a new audit is scheduled for this year, but didn't offer a specific ETA on its release date. "Mullvad does not deem it a sensitive leak given the overall access needed to a device, in order to leverage and extract the log files." ![]() "This issue was discussed with Mullvad and there is no meaningful mitigation for this issue because Android OS itself logs this metadata," Cure53 said in its audit report.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |