Technology

I also like that you don't have to give them any private info at all to make an account. You can just send crypto and they'll give you an account code and that's it, you don't even need an email address.

I haven't tried it but apparently you can even mail them cash. You get a payment token and just send cash in an envelope and they'll activate it whenever the money shows up!

It's basically the gold standard, audited and proven. I hear good things about IVPN as well.

Soooooo many captchas. And some websites just pretend to have weird errors which stop the moment I shut off the VPN

It's the same with Nord. I have to pause my VPN any time I want to access Fextralife wikis

Should I be happy about that or not.

I've just come to accept that constant captchas are a fact of life for browsing on a VPN. Cost of doing business. Worth it for the privacy though imo (VPNs in general, I haven't used Mullvad).

People really abused the option. That's why we can't have nice things :/

Yes, but you lose your save game every reboot.

what do you mean?

I am surprised that they don’t provide UUIDv4’s, feels like what they provide is somewhat guessable

What does “without any disks in use” mean?

• If the computer is powered off, moved or confiscated, there is no data to retrieve.
• We get the operational benefits of having fewer breakable parts. Disks are among the components that break often. Therefore, switching away from them makes our infrastructure more reliable.
• The operational tasks of setting up and upgrading package versions on servers become faster and easier.
• Running the system in RAM does not prevent the possibility of logging. It does however minimise the risk of accidentally storing something that can later be retrieved.
  https://mullvad.net/en/blog/2022/1/12/diskless-infrastructure-beta-system-transparency-stboot/

I'm not an expert but I think : The site you visit only sees the VPNs info. Which is how you maintain some anonymity while browsing. However, if your VPN keeps logs, then you can still be tracked, just at a different place. Some say they don't keep logs, and you'd have to trust that.

RAM is considered volatile memory, so each time the server turns off, it loses all data. This is compared to disk (hard drives of whatever type) which retain memory even if the server turns off.

In theory, this ram only server prevents them from keeping logs (like which user went where) since the server wouldn't even have a place to store it.

Edit: lustrums post is more accurate and has info that this doesn't prevent logging per se, but could prevent accidental logging. I.e. they can't hire a forensic computer specialist to parse through operating system logs to try to find info they didn't otherwise log elsewhere.

A normal computer is usually constantly writing little bits and pieces of data to disk. But data on the disk might accidentally remain on the disk even if it's not intended. Then that data could be read later by someone else who is spying on VPN users .

There's also a common assumption that data on disk storage may leave behind remnants even after it's been overwritten. (Magnetic disks may leave behind some magnetic signatures. Flash drives will stop using sectors that are worn out, potentially leaving data there.) And state actors like NSA might have some capability to recover this ghost data if they get a hold of the actual drives.

There's a general understanding that data on RAM is irrevocably destroyed within a short time after the device loses power. So attacks on RAM data have to occur in real time while the data is in use. (There may be some attacks that preserve RAM after power down using low temperatures and liquid nitrogen).

This can be handled a few different ways.

• You can boot from a HDD and then just not ever write data back to it. This would be the most trivial solution, and it's something people do with their Pi's a lot to avoid SD card failure.
• You could network boot, pull the OS from the network at startup. Fun fact, this is how some rockets fly! No onboard persistent storage needed. Everything boots into and runs from ram the whole 10 ish minutes of operation.
• You COULD do a ROM as you suggested, but that's a LOT of ROM. Seems odd to do imho.

Click the first link in the article, in the older post they talk about their stboot bootloader. It does what you suspect, loads the OS image from a different computer which has signed base images.

PIA and Mullvad should have equal speeds because they both have 10gbps servers and wireguard. Both PIA and Mullvad use ram-only servers exclusively. As for search engine captchas, I never get them with Mullvad. The main issue with PIA is that they were bought by a questionable company that previously developed adware. You can read about that here. Personally, I would never use a privacy tool that is owned by an ad company, even if they claim to have changed. I used them up until the acquisition, then switched and have been extremely happy with Mullvad.

Does it make sense that a privacy VPN has 4 tracking scripts and 5 third party cookies on their website? https://themarkup.org/blacklight?url=privateinternetaccess.com&device=mobile&location=us

Mullvad has 0.

https://themarkup.org/blacklight?url=mullvad.net&device=mobile&location=us

You can send Mullvad cash as payment method