[hellcow]

You mean the NordVPN that was hacked for god knows how long, knew about it themselves for months, and both deliberately hid that information from their customers and failed to fix the issue in a reasonable timeframe? [0]

With Mozilla you get someone you can hopefully trust (hopefully being the operative word).

[0] https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-ha...

[godelski]

I'm curious about the parent's question, but consider that Mullvad is about $5 on its own anyways. It also already supports international customers and multiple platforms. So I'm not sure why you would buy it through FF and not directly from Mullvad? It just seems like a middleman with no benefits.

[ensignavenger]

I would like to buy it through Mozilla in order to support the Mozilla Foundation, because I want to support their work and help them break their dependency on Google for funding.

[godelski]

I can justify this, but I'm wondering why Mullvad doesn't give them a slightly better deal. It is basically the same deal that you get if you pay with crypto, except you -- the user -- lose all the benefits of that. So why not charge something like $4.50? Or $4? They are bringing bulk to Mullvad. One of them, or both, could eat the cost until the price stabilized. I'm sure at Mozilla's scale they could push Mullvad's operating price down.

But the fact is that this does create more links in the VPN, and thus more security risks. Which isn't a big deal for the 99% of us that are just using them to torrent and prevent Comcast from seeing our data, but there's still a principle thing, which is part of why people are jumping from PIA before the merger has even happened.

[Semaphor]

Mullvad is 5€, slightly more

[godelski]

> Mullvad is __about__ $5

5€ is currently $5.54. I'd call that about $5. It's about the same price as if you paid with crypto too.

[Semaphor]

I just wanted to a) mention the exact price and b) that this might be a reason for some to cut out the middleman.

[LatteLazy]

Again, I'm happy to be corrected, but I thought that affected 1 server out of 1000s? Errors will inevitably happen with any system on that scale. Will Mozilla be more forthcoming or secure? Maybe but surely 1 error per 1000 servers is a manageable known risk vs Mozilla "may be perfect or terrible"?

[commoner]

NordVPN was mainly criticized for how they handled the disclosure. They didn't admit to the server breach until a whistleblower revealed it publicly a year later.

https://www.bloomberg.com/news/articles/2019-10-21/after-twi...

The utility of a VPN is mainly based on trust, and NordVPN's lack of transparency in that incident is a breach of trust.

[arcticfox]

> The breach was done by “exploiting a vulnerability of one of our server providers, which hadn’t been disclosed to us,” according to the company [NordVPN]’s statement.

Laying the blame on an undisclosed vulnerability is pretty ironic of them

[LatteLazy]

Yeah, that's shitty of them...