What VPN have you switched to after the Mullvad situation. I have looked at nym and ivpn. But don’t know if they are any good.
Airvpn… few servers, but reliable on different machines and no problems.
I am also considering either IVPN or Nym. Not sure which is best for best privacy/security. Probably IVPN? Can anyone more knowledgeable help me decide between these two?
I’ve been looking at IVPN as well. Nym seems interesting but seems very new and idk if they offer Wireguard configuration files (I don’t think they’re even WG-based? I could be wrong)
I’m sitting on Mullvad for a week to do research into alternatives. Apparently their support team is handing out full refunds far outside their typical policy because of this shitshow, no questions asked. IVPN so far is looking promising, but I don’t know a damn thing about the company and people behind it.
I have purchased nym last week.
- I got the 1 year plan which came at a great price (price is really important for me atm)
- its apps arent as robust and good as mullvad, use more resources. But still do able.
- They dont offer config files
- It’s speeds seems pretty promising. Better than mullvad
- It takes it a while to connect. Maybe up to 1m. While mullvad connected immediately.
If mullvad wasn’t expensive for me I’d stick with it.
I heard about Nym a couple of months back and #3 was a deal breaker for me. Too bad it’s still the case today.
The recent contact I have had with ivpn suggests the company is genuine, and customer service is good. Unfortunately they do not tick the boxes for me re: linux software, and southern hemisphere servers. Definitely worth considering if in northern hemisphere though, maybe even south for some.
yeah i’m switching to ivpn
I switched away from Mullvad when they killed port forwarding years ago. I have used AirVPN since and it has always been pretty good!
What do you guys use port forwrding for?
Torrenting
one of the few good things about living in a fuckedup country is that I dont even use a vpn for torrenting.
I don’t personally, but generally it’s needed to keep your seed ratio high enough on private torrent trackers.
Also if you don’t have port forwarding you can only connect to those who have. With port forwarding you can connect to every peer, so you get better download rates.
Someone mentioned https://cryptostorm.is/ on another board, but I never heard of them before.
Any experiences here? I know a lot of VPNs like Express VPN or PIA are controlled by Israel/Mossad - so I won’t recommend tbem without a lot of research.
I’m using Cryptostorm for around two years now for seeding and browsing. Some things to know.
- We don’t know who is behind Cryptostorm. It could be a honeypot. I personally think this is unlikely because they basically don’t advertise and their website is way too uninviting for the “casual” criminal user, but who knows.
- PGP-encrypted mail support works well and is (likely) handled by a dev with competence. (Very sure there is no specific “support” person.)
- Server and client code is open source on their GitHub, but they only have an OpenVPN client for Windows. For other systems you need to use the provided WireGuard or OpenVPN configs.
- No PII is required for signup.
- Their blog posts are very good and go into detail about their system and what they are doing.
- IP blocks are somewhat common, and you don’t have streaming servers.
- Speeds are fine (not the best, but good enough) and can vary from server to server.
Generally, I’m quite happy with them. But everyone needs to make sure they are fine with not knowing who exactly is behind the service.
I never got around to changing from PIA when they were purchased years ago. Haven’t found any practical reason to change since, and though I get the backlash over the purchase.
My main use case is keeping my ISP from cutting me off for seeding, and it’s done that reliably.
Just remember that PIA’s owner is kape technologies, which is a British-Israeli company. Their headquarters are in London but development is done in Tel Aviv.
It sounds like you might already be aware but for anybody stumbling by.
That’s why I’m switching when my three years of pre-paid service is over.
I’ve also used them for years without issue.
PIA is part of that group of VPNs all owned by a dubios Israeli entity that keeps gobbling up VPN providers
Mullvad is still the best. For the time being, until the situation clears out, I wouldn’t stop using it.
I use self-hosted on a cloud bought by crypto, but it’s primarily because my relatives living in a country with almost all VPN solutions and protocols blocked, so you always need to figure everything out yourself and try something new.
What cloud service would you recommend? Maybe I’m over thinking I but I was looking into offshore VPS. But don’t know if I really want to go through it all.
It really depends on whether you care or not about State Surveillance.
If you don’t and only really care about general privacy and things like not getting letters from lawyers demanding money because you torrented something, then any no-logs VPN will do:
- For starters just having a VPN means it’s not just a case of a lawyer claiming to represent a copyright owner demanding from a local ISP the identification of the user of a specific IP at a specific time (which many countries have made laws to facilitate, so they don’t even need a court order) so now they probably need a court order
- Then if the VPN is in a different legal jurisdiction said court order needs to be from a court there, not where you are. Even if said lawyer are there and get that court order, they still need the ISP in a different country to give them the information of the user whose IP is in the VPN logs, so that’s a lot more complex.
- Then if the VPN has no-logs, they can’t even get the user IP address because it’s nowhere to be found. They would need a court order to install what’s basically wiretapping equipment or software in that VPN in order to catch a user whilst they’re actually using that connection to torrent some file or other. No court is going to be issuing a wiretapping order for a VPN provider to catch a non-commercial case of copyright violation.
If, however, you care about State Surveillance, then merely a no-logs VPN isn’t necessarily safe anymore. You see several countries, such as the US and UK, have special surveillance courts (such as FISA courts in the US) which can issue court orders to facilitate data access for mass surveillance WHICH THE RECIPIENTS CANNOT PUBLICLY ADMIT THEY’RE UNDER. In other words, the wiretapping equipment/software to allow bulk tracking of what users are doing might already be installed at the no-logs VPN (and they cannot tell you about it otherwise they’ll literally end up in jail) so it’s not in fact no-logs because the likes of the NSA is actually logging it all. Any VPN hosted in such legal jurisdictions can be the target of it, any company registered in such legal jurisdictions can be the target of it and it doesn’t matter how honest and pro-privacy the people in those companies are - I vaguely remember the case of a secure e-mail provider in the US (forgot the name now), who tried to fight one such court order and ultimately the only way they found to do so was to close down the service and their company.
So if you VPN company is for example registered in Gibraltar (which is a British jurisdiction) or the US and they’re still operating, they’re very likely compromised and even if they’re not, they can silently be compromise at any time.
If you care about avoiding mass surveillance from actual governments, then beyond the usual autocratic nations you’ll want to avoid VPN exit points in and VPN providers based in or registered in at the very least the US, UK and Israel and any of the regions under their jurisdiction (for example Gibraltar and the Channel Islands for Britain, Puerto Rico for the US), probably more broadly all the 5-Eyes nations (so, the first 2 plus Canada, Australia and New Zealand).
So check were that “wonderful no-logs VPN” company is registered and were is based and avoid those in countries with insane civil society surveillance legislation like the Patriot Act and even avoid exit nodes of other VPN companies in such countries.
It was Lavabit. The interview witht the founder about that whole fiasco is legendary I’ll try to find and link it
https://m.youtube.com/watch?v=spW0q-g2BxU&pp=ygUXTGFkYXIgTGV2aWFvbiBpbnRlcnZpZWU%3D
Gibraltar (which is a British jurisdiction)
Do you happen to have more info on that? Which UK government agencies would need to have jurisdiction over their Gibraltar counterparts for this to work?
The English Law Act 1962 stipulates that English common law will apply to Gibraltar unless overridden by Gibraltar law. This means that amongst others the Regulation of Investigatory Powers Act 2000 as well as earlier and later laws around surveillance, apply in Gibraltar by default.
I supposed one would need to find legal counsel in Gibraltar to determine if Gibraltar has passed laws that nullify English laws on surveillance powers, and until proven that Gibraltar has passed said laws the most logical expectation to have is that the same surveillance laws that apply in Great Britain also apply in Gibraltar because that’s the case for most laws.
Got it! I also found this IVPN blog post back from 2016 (keeping in mind that it’s old and may be biased) and this recent Privacy Guides forum thread for further reading.
I have to say: all legal area is a grey area if you legal hard enough, but British Territories are on another level. I feel like I’m changing their legal system by observing it.
AirVPN does good for torrenting I use it now that mulvad doesnt support port forwarding
I’ve been pretty happy with Windscribe. They are headquartered in Canada, but they have also proven they don’t keep logs. https://cybersecuritynews.com/court-dismisses-criminal-charges-against-vpn-executive-affirms-no-log-policy/
If you’re looking for a good comparison, I found the Techlore comparison table helpful: https://vpn.techlore.tech/
They also threatened to leave Canada if Bill C-22 passes, which I take as a good sign that they’re serious.
Mullvad is still the best. For the time being, until the situation clears out, I wouldn’t stop using it.
I disagree. VPNs is all about trust because you can’t verify they don’t log. I don’t trust a company where one of the people that owns 50% have donated 500k euro to a party that is describe as a racists, fascists and nazis.
Sure, you are free to think that way and I’m not saying I disagree with you. I just know that, if I stop using a product or service from a company, just because I don’t agree with someone working there (even if it is someone that founded that company), it is very likely I won’t be able use anything.
If it was the acting CEO or the company posture, I would do the same, but apparently it is not the case. Until then, Mullvad still provide great service.
There’s a clear difference between a CEO supporting this, and then random employees of a company that you disagree with on more trivial subjects…
In this case neither one nor the other is supporting this. The whole debate is about the action of one of the founders (not the CEO, who already said he doesn’t support those views).
Just the founder whose donation bankrolls the entire party…
Just the founder who holds massive sway in the direction of the company…
Just the founder, who receives a lions share of the profits from our funding who redirects it towards ideologies rooted in inhumanity…
“These fascists make a really good burger. I’ll keep buying their burger and I don’t care where it comes from, I won’t look.”
wow, we really are going to extremes
Just because you don’t like facts doesn’t mean they’re “extreme” lol.
Please, tell me how any of the above is extreme. Please do use facts similar to those already covered in the comments section here which support my claims.
… and I’m not saying I disagree with you.
What facts? Just because I have a slightly more moderate and less radical stance regarding stopping to use some company services than you, you already started throwing the “fascist supporter” card. That’s usually what extremes do.
I used a hypothetical, denoted by using quotations. I never called anyone specifically a fascist supporter. You made that final jump.
But, since you asked about it, let’s look at brass tacks. What, by definition, constitutes fascism?
often Fascism : a populist political philosophy, movement, or regime (such as that of the Fascisti) that exalts nation and often race above the individual, that is associated with a centralized autocratic government headed by a dictatorial leader, and that is characterized by severe economic and social regimentation and by forcible suppression of opposition
At the core of fascism is loyalty to tribe, ethnic identity, religion, tradition, or, in a word, nation. —Jason Stanley
Just to make sure we’re not looking at a singular definition, let’s look at Wikipedia too
Fascism (/ˈfæʃɪzəm/ FASH-iz-əm) is a far-right, authoritarian, and ultranationalist political ideology and movement that rose to prominence in early-20th-century Europe.[1][2][3] Fascism is characterized by support for a dictatorial leader, centralized autocracy, militarism, forcible suppression of opposition, belief in a natural social hierarchy, subordination of individual interests for the perceived interest of the nation or race, and strong regimentation of society and the economy.[3][4] Opposed to communism, democracy, liberalism, pluralism, and socialism,[5][6] fascism is at the far-right of the traditional left–right spectrum.[1][6][7]
And now, let’s look at what the Örebro party’s own stated platform, which recieved 72% of its funding from the Mullvad founder, which also amounted to 10 times their total funding in 2024:
Some of its key issues include strong secularism, a 30-hour workweek with retained pay, lowered wages for politicians, ending taxes on energy and fuel, ending taxpayer funding of what it sees as wasteful sculptures, monuments and art, large-scale remigration, expanded social housing, a stricter assimilation policy, and free dental care.[3][4]
And what’s remigration?
Remigration is a far-right concept referring to the ethnic cleansing[1] via mass deportation of non-white minority populations, especially immigrants and sometimes including native-born citizens, to their place of racial ancestry.[2][3]
So fascism is about racial and national purity and hierarchy, as we defined, and the Orebro party supports remigration, which is a concept of forcing immigrants out of countries to preserve the purity of “culture” and the race of the nation.
But yeah, keep eating that burger my guy. I’m the extreme one. I bolded the throughlines to make it easier for you to connect the dots.
Mullvad has been audited over and over again and found to not be logging.
Before they dropped port forwarding a police raid famously found nothing and confirmed that they were not recording any user information and operating as advertised, that is to say, operating in a way that not only didn’t log, but precluded the possibility of logging.
A raid where they get nothing is like an audit but it’s the real thing.
They dropped port forwarding because, in concert with an Interpol investigation, all the big content delivery networks and lots of websites to boot started blocking their endpoints.
There is not any vpn I’m aware of that has been physically raided by cops with a court warrant in hand and shown to have nothing and also dropped their possibly most popular service, port forwarding, in order to not have to comply with an investigation.
I used ivpn in the past and see it as basically an untested mullvad from ten years ago. Who knows how its people and technology would respond under the same circumstances? Could be good, could be bad.
Audits don’t prove they don’t keep logs when a company do a audit on them Mullvad give them access to what they can audit Mullvad can just delete the logs from the servers when the audit is taking place it don’t prove anything.
But the raid where the cops don’t find anything is a really good sign.
Yeah there’s a lot of questionable stuff in the vpn service security auditing “space”.
That’s why I think it’s important to look at the raid outcome to see how their systems handle a real world situation (interpol tries to get logs and install logging in order to bust an alleged global csam ring using mulvads port forwarding, user privacy and anonymity protections to trade files over windows cifs (yes, network neighborhood, pedos apparently have a reputation for lack of opsec) sharing). The raid was unsuccessful because there were no logs and the police were unable to install logging capabilities.
After that failed operation, Interpol began requesting cdns and hosts block mullvads endpoints by ip. The point of that operation was to either force mullvads compliance with the investigation, to get them to drop port forwarding, or to force them to close down.
Because at the peak even cloudflare was blocking mullvad, it became very hard to use the service when browsing or for pretty much anything that relied on internet like rss or podcasts, shoutcast or even updating your computer.
Mullvad dropped port forwarding after rotating servers for months to attempt to beat the block and giving users lots of warning.
In the months after the block request was lifted, using the service for normal browsing went back to usual.
I remember all these details so clearly because I was a user of mullvad then and it was a relatively high profile and well publicized test of a vpn services’ capability to withstand government pressure.
As it turns out, even having no logs and no ability to add logging into your system doesn’t stop government from telling everyone else to make your system unusable.
It’s also pretty much the best possible outcome someone could expect of a service.
The point of this long ass reply is not to defend a company, although I think a person who was doing so could be forgiven for it in this case, the point is to help you understand what happened to make users of that service put their trust in it and why people like me are saying “maybe consider not ditching mullvad” when you ask what to use instead.
I switched from Mullvad before this because they thought I was paying 5 EUR each month to solve a captcha on their website. Proton VPN is what I’m using rn.
Tell me more, are they asking you to authenticate often?
Not OP but I solve a ton of Captchas…
I use AirVpn as they allow port forwarding and are reasonably priced. They are no logs and allow payment through non-bank methods
AirVPN is great, I am using it right now. Paid with crypto and signed up with an anonymous email address
Host one yourself on a cloud host that accepts cryptocurrency and asks no questions, if you want true privacy. Otherwise if you’re just trying to get around stuff for piracy reasons, a digital ocean droplet or a hetzner instance running OpenVPN is plenty.
maybe a dumb question but isn’t a hetzner instance directly connected to one’s identity? I remember when setting up mine, they asked for ID verification. If so then the outgoing IP which is public is linked to my ID and would be a bigger risk of itself. Correct me if I’m wrong.







