> Surprisingly, the exit IP you are given is not randomized each time you connect to the server, but deterministically picked based on your WireGuard key, which rotates every 1 to 30 days (unless you use a third-party client, in which case it never rotates).
I'm a little confused on this... what is stopping third parties from doing key rotations like the main app clients if it is detailed in the repo how to do it?
lorenzohess 12 minutes ago [-]
The purpose of a VPN does not include anonymizing users with respect to the sites they visit,so it shouldn't be too surprising that Mullvad doesn't enforce unique exit IPs. Users who want anonymity should use networks like Tor.
7 minutes ago [-]
linkregister 29 minutes ago [-]
Given that Mullvad is basically a bulletproof VPN host[1], it would be great if site operators could rely on this property to enact bans. Given that the solution is simple (add a pseudorandom seed), Mullvad will likely push out a fix within a couple days.
1. It's the preferred VPN of TeamPCP.
JoheyDev888 29 minutes ago [-]
Deterministic exit IPs let any site build a persistent profile across sessions. You're not eliminating tracking, just shifting who does it. Bad trade for a privacy VPN.
GalaxyNova 21 minutes ago [-]
Doesn't matter much as long as it is a pseudonymous identity
stingraycharles 13 minutes ago [-]
It’s also not that difficult to fix, so I expect a fix to roll out soon enough.
gruez 41 minutes ago [-]
>Surprisingly, the exit IP you are given is not randomized each time you connect to the server, but deterministically picked based on your WireGuard key
What's the point of this? This seems more complicated to implement than mapping exit ips at the server level, so surely they must be doing this for a good reason?
arciini 38 minutes ago [-]
I'd guess that this is to ensure one abusive user doesn't get every other user blocked from a large service (say, Google) for botting over the VPN and constantly rotating IPs.
It's a practical measure, but definitely has a privacy cost though.
stevekemp 32 minutes ago [-]
It's possible that contributes, but to be honest most VPN users are split "privacy seeking" and "abusive". Though I grant you paid users are probably slightly more circumspect than users of Tor, etc.
It seems more likely this is just about load-balancing use against their available nodes.
tempest_ 38 minutes ago [-]
I imagine there are a bunch of things on the internet that break if you start trying to connect to them from varying IP addresses. Things like the various CAPTCHA schemes and rate limiting etc, IP reputation etc.
lmm 22 minutes ago [-]
> I imagine there are a bunch of things on the internet that break if you start trying to connect to them from varying IP addresses. Things like the various CAPTCHA schemes and rate limiting etc, IP reputation etc.
Given how much of the world is stuck behind CGNAT now, I would expect any major sites to handle it.
wg0 38 minutes ago [-]
VPNs are snake oil. Exit IPs are a public information.
Cider9986 32 minutes ago [-]
VPNs are not snake oil. They transfer the trust of your internet activity from a place of low-trust, your ISP, to a place of high-trust, ideally a trustworthy VPN like Mullvad, IVPN, or Proton. Among other benefits. If you don't like your ISP creating a profile of you and selling it to target ads to you, you should use a VPN.
>Should I use a VPN?
Yes, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from only your Internet Service Provider.
2. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
3. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
4. Allowing you to bypass geo-restrictions on certain content.
Unfortunately, the largest and most well-marketed VPNs are, in fact, less trustworthy than your average ISP.
SXX 1 minutes ago [-]
This depends on your treat model. If what you worry about is massive collection of Linux ISOs that you download and distribute over P2P then probably shady VPN ISP is what you need.
asdfsa32 12 minutes ago [-]
Exactly. Most ISP are subject to local laws at least; where a lot of these ISP are overseas in shady jurisdictions.
jesterson 25 minutes ago [-]
> place of low-trust, your ISP, to a place of high-trust, ideally a trustworthy VPN like Mullvad
This is highly subjective statement.
Almost all commercial VPN services farm and sell your data. Just by that, my ISP is definitely high trust point while any commercial VPN is a low trust.
applfanboysbgon 17 minutes ago [-]
Your ISP farms and sells your data too.
Most VPNs are untrustworthy, but unlike ISPs, you can choose from any VPN provider in the world, not just the two or three that are local to you. And there are VPN providers in the world that have been proven not to retain data by audits + actual court cases where the court determined that the VPN provider did not have the data authorities were seeking. Do your research and choose a court-proven VPN, it's that simple.
sfdlkj3jk342a 18 minutes ago [-]
I can easily pay for a VPN service with crypto anonymously. I can also use a VPN run by a company outside my country of residence and jurisdiction.
Neither of those is possible with my ISP.
dakolli 4 minutes ago [-]
prepaid 5g sim cards and 5g modem.
jojobas 11 minutes ago [-]
Now try saying that wearing some Russian or Chinese shoes.
Cider9986 21 minutes ago [-]
I was just talking to a friend who believes that the feds poison privacy communities by spewing nonsense like this. I don't think wg0 is a fed, and my friend didn't have any proof for his claim. My feeling is that it is probably people acting like regular humans. They hear things, they have opinions and they don't provide proof or adhere to community norms. Eternal september or something. Regardless of if it's federal agents disrupting the discussion or human nature, the response should be the same—push back with proof, and demand proof and avoiding logical fallacies.
>Also. This is how they ruined any meaningful talks about privacy
There is so much noise
"Use braive. Don't use braive. Use vpn. Don't use vpn"
Then the debate spreads to all other aspects
password managers, emails and etc
dewey 29 minutes ago [-]
> VPNs are snake oil
The most generous way of reading that would be the fact that every YouTube pushing for a VPN as an essential tool just to use the internet outside of your house without getting hacked is a big exaggeration or fear mongering but there's good reasons for using a VPN for a lot of reasons and it's not snake oil.
21 minutes ago [-]
avazhi 34 minutes ago [-]
> Exit IPs are a public information.
Yes, obviously.
> VPNs are snake oil
Huh?
Rendered at 03:56:23 GMT+0000 (Coordinated Universal Time) with Vercel.
I'm a little confused on this... what is stopping third parties from doing key rotations like the main app clients if it is detailed in the repo how to do it?
1. It's the preferred VPN of TeamPCP.
What's the point of this? This seems more complicated to implement than mapping exit ips at the server level, so surely they must be doing this for a good reason?
It's a practical measure, but definitely has a privacy cost though.
It seems more likely this is just about load-balancing use against their available nodes.
Given how much of the world is stuck behind CGNAT now, I would expect any major sites to handle it.
>Should I use a VPN?
Yes, almost certainly. A VPN has many advantages, including:
1. Hiding your traffic from only your Internet Service Provider.
2. Hiding your downloads (such as torrents) from your ISP and anti-piracy organizations.
3. Hiding your IP from third-party websites and services, helping you blend in and preventing IP based tracking.
4. Allowing you to bypass geo-restrictions on certain content.
(https://www.privacyguides.org/en/basics/vpn-overview/)
This is highly subjective statement.
Almost all commercial VPN services farm and sell your data. Just by that, my ISP is definitely high trust point while any commercial VPN is a low trust.
Most VPNs are untrustworthy, but unlike ISPs, you can choose from any VPN provider in the world, not just the two or three that are local to you. And there are VPN providers in the world that have been proven not to retain data by audits + actual court cases where the court determined that the VPN provider did not have the data authorities were seeking. Do your research and choose a court-proven VPN, it's that simple.
Neither of those is possible with my ISP.
>Also. This is how they ruined any meaningful talks about privacy
There is so much noise
"Use braive. Don't use braive. Use vpn. Don't use vpn"
Then the debate spreads to all other aspects password managers, emails and etc
The most generous way of reading that would be the fact that every YouTube pushing for a VPN as an essential tool just to use the internet outside of your house without getting hacked is a big exaggeration or fear mongering but there's good reasons for using a VPN for a lot of reasons and it's not snake oil.
Yes, obviously.
> VPNs are snake oil
Huh?