Hacker News new | ask | show | jobs
by stef25 1740 days ago
Always wondered why people don't just create their own using something like Outline on a DO droplet (bithost) ? How is Mullvad better?

I don't understand how we should trust a company we know nothing about other than the text they put on their website which basically means nothing.
4 comments
zucker42 1740 days ago
Using a public VPN anonymizes your traffic if you assume many other people are using the same VPN server. A MITM can easily see you're using the VPN but not easily what websites you're accessing. If the VPN provider is truthful about not keeping logs, it's hard to prove that you visited a particular website and not someone else using the VPN. A DO droplet does not provide the same thing. You can visit a website, the website can store your IP for months or years, then LE can subpoena DO for the person with that IP at a given time. Plus setting up a DO droplet VPN sounds like a PITA.

As for why to trust Mullvad in particular, you can't trust them completely but they list all their employees and their ownership structure publicly, they have a good track record, they have documentation which seems like it's written by people who know about security and their customers' potential threat models, and they don't have a suspiciously large advertising budget.

However, I wouldn't trust any VPN if you have to withstand targeted scrutiny from governments.

link
stef25 1740 days ago
> Using a public VPN anonymizes your traffic if you assume many other people are using the same VPN server

Gotcha

> Plus setting up a DO droplet VPN sounds like a PITA

It's actually very easy using https://getoutline.org/ - can highly recommend it if you need a fixed IP. And you can buy DO droplets with cryptocurrency through Bithost

link
geokon 1740 days ago
If you torrent through a DO droplet they will send you a warning. So your traffic is monitored
link
atmosx 1740 days ago
Because the threat model is different than the one you have in mind. VPN providers for 5$ a month will give you multiple proxies throughout the world. Spinning up 70 droplets in different regions is not a viable cost effective solution.
link
jaywalk 1740 days ago
You can use Mullvad without supplying any personal information (not even an email address) and pay by literally sending them an envelope with cash in it. That's as good as it gets when it comes to preserving privacy.
link
craig131 1740 days ago
They’re probably trying to separate their billing information from public IP address which is the benefit of using a service that is crypto friendly
link