I love that Proton bots/fanboys always get pretty nervous when someone just points out the facts 🤣
this post was submitted on 12 May 2025
61 points (96.9% liked)
Privacy
37753 readers
796 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
I like that you don't have to provide an email address to mullvad.
Has anyone used Mullvad vpn with a media server? I’m currently using AirVPN, but it’s not that good speed-wise. I’ve been looking at Mullvad for a while, but they’ve abandoned port forwarding, which I’m not sure how big of an impact that is.
Depending on how you're accessing this, and how many people you're trying to set this up for, it would probably be easiest to learn how to deploy your own Wireguard network. In my case, my phone automatically connects to my own Wireguard on my server (an 11 year old laptop) and whenever I'm on the go I have full access to my LAN + PiHole DNS filtering.
So, what's the point? The point is that you will be able to securely connect to your media server without exposing it directly to the internet, all without paying for a service to do what you can already do yourself, provided your ISP allows you port forward.
I like Mullvad better
Mullvad is much friendlier to privacy, but their proxies get blocked by A LOT of stuff, they also have a very small number of proxies. Mullvad collects literally nothing about you, but that's a double edged sword. not having any way to verify exactly who paid money into which account number means they can't help you if someone steals your account. I also have it on good authority that mullvad isn't very reliable at getting past more aggressive censorship firewalls. the one in china for example won't allow you to use mullvad unless the sim you're connecting from is a US one.
Proton doesn't record anything you're doing with their VPN and they've had to prove that many times and their "sentinel" program and the 2FA and double password you can enable make it very hard if not impossible for someone to mootch off your account. I very rarely get blocked by anything when I use proton VPN, if I ever do get blocked I just have to change the proxy I'm on. I don't even have to change the location most of the time because proton VPN has a huge number of proxies at each location.
Proton also gives you the ability to save recovery phrases and recovery files if you lose your password(s) or your 2FA
ente auth and ageis auth are great for storing your 2FAs and they allow you to back them up to a file if your account with ente fails in some way or if you forget the password to get into your ageis
as for those recovery files and phrases I talked about. save them in text files on a small capacity flash drive that you don't use for anything else
I prefer Mullvad. Regularly audited, can pay with cash if preferred, everything runs on RAM, and hasn’t had any controversies so far. The only issue for some is no port forwarding. I also like the multi-hop and DAITA features.
Mullvad. Their servers run on RAM, and they don't have any information about you no email, no username you can even pay with cash. However, Proton has port forwarding, while Mullvad does not.
Mullvad does have split tunneling on Linux and Android. I don't know about Windows.
I don't know why I wrote split tunneling, I meant port forwarding. Thanks😀. Windows also has split tunneling.
servers run on RAM
What's the different with zego logs alternatives, e.g. https://openvpn.net/as-docs/tutorials/tutorial--turn-off-logging.html
Mullvad. It's cheaper than Proton. But Proton has more servers. Like Proton even provies Indian IPs, but the servers are hosted in Singapore, which may be something people need, as Mullvad do not have any servers with Indian IPs.
You can also try IVPN, it is almost same like Mullvad, no email for account, pay using Monero etc, but you can get a one week subscription for $2.
100% Mullvad
Mullvad.
Proton has a Trump ass kisser working in their C-suite.
Okay, but how does the political stance of Proton workers affect my privacy?
At the moment, it doesn't. He could decide to violate Swiss law and turn data over to Trump.
That would certainly affect your privacy.
Andy done some bootlicking... I guess whoring for the regime is supposed to print generally but I don't think he understands his user base lol
Imagine
Mullvad hasn’t yet shown themselves fed- friendly.
Proton has.
Mullvad is the answer.
Source please, we in the /privacy community genuinely want to learn so when such things do happen, we all benefit from factual information. Please do not assume we all know what you are referring to. It is particularly in this kind of cases when, for example with Signal what was "shared" with authorities is basically irrelevant, cf https://signal.org/bigbrother/ so we must be precise.
Proton has cooperated with subpoenas on multiple occasions leading to the user’s arrest.
While they may challenge them, the point is that they have cooperated and thus are not reliable. There are no reported cases of Mullvad doing the same.
There are ample links from multiple sources that describe this with a simple search.
That's because no one running a service will go to jail for you. None.
Not ProtonVPN, not Mullvad, not IVPN, not Lemmy Instances.
Imagine you run one of these, and you received a lawful order in your jurisdiction.
Turn over data or go to jail for a long time.
Would you go to jail to protect user privacy?
The only thing Proton does better is because they are under Swiss Jurisdiction, which has stricter control over when a court order can be issued. But if a court order goes to Proton, they can't ignore it.
Also: Protonmail =/= ProtonVPN, they are under different laws. In Switzerland, Mail providers have to provide IP addresses upon a subpoena, VPN providers do not. If those users had used ProtonVPN to access their Protonmail, they'd be safe.
Please do provide a link, especially if it's very easy to find. I'm not saying anything you say is wrong, only that if it's not an opinion, then a link from a trusted source helps other to understand the situation.
It's a somewhat convoluted story. Here are some links
- https://proton.me/blog/climate-activist-arrest
- https://old.reddit.com/r/ProtonMail/comments/ydcek3/what_became_of_the_french_climate_activist/
- https://www.wired.com/story/protonmail-amends-policy-after-giving-up-activists-data/
The takeaway is when he logged into his Protonmail they logged his IP address which helped track this individual down. But note that Reddit thread I linked. I also cannot find that much information about "what happened next," or the details of who was arrested and why.
There may be other examples, but this particular case kinda hit the rounds back when it happened.
Excerpts from your third link https://www.wired.com/story/protonmail-amends-policy-after-giving-up-activists-data/
As usual, the devil is in the details—ProtonMail's original policy simply said that the service does not keep IP logs "by default." However, as a Swiss company, ProtonMail was obliged to comply with a Swiss court's demand that it begin logging IP address and browser fingerprint information for a particular ProtonMail account.
According to multiple statements ProtonMail issued on Monday, it was unable to appeal the Swiss demand for IP logging on that account. The service could not appeal both because a Swiss law had actually been broken and because "legal tools for serious crimes" were used—tools that ProtonMail believes were not appropriate to the case at hand, but which it was legally require to comply with.
ProtonMail also operates a VPN service called ProtonVPN, and it points out that Swiss law prohibits the country's courts from compelling a VPN service to log IP addresses. In theory, if Youth for Climate had used ProtonVPN to access ProtonMail, the Swiss court could not have compelled the service to expose its "real" IP address.
Proton did not voluntarily log IPs, they were under a lawful court order and were out of appeal options.
Like I said, no one running a service will go to jail for you. None.
Not ProtonVPN, not Mullvad, not IVPN, not Lemmy Instances.
If a legal court order is received, they will conply after they run out of appeals
Imagine you run one of these services, and you received a lawful order in your jurisdiction.
You can choose to turn over data or go to jail for a long time.
Would you go to jail to protect user privacy?
That's why its not only a company's privacy practices you need to worry about, but also the jurisdiction. Choose a service that's is in a privacy friendly jurisdiction.
Also, this is about Protonmail, which is under different laws than ProtonVPN.
To be fair, if your safety depends on whether a particular company cooperates with authorities, you'd better rethink your OPSEC.
When did Proton show themselves fed-friendly? Also what "fed" are we talking about? The Swiss Federation?
I guess he's referring to this
Proton's statement from the linked article
"We are aware of the Spanish terrorism case involving alleged threats to the King of Spain, but as a general rule, we do not comment on specific cases. Proton has minimal user information, as illustrated by the fact that in this case, data obtained from Apple was used to identify the terrorism suspect. Proton provides privacy by default and not anonymity by default because anonymity requires certain user actions to ensure proper OPSEC, such as not adding your Apple account as an optional recovery method."
IVPN imo, just because it offers reverse split tunneling, if you prefer having more countries to choose from you can use Proton.
A VPN is a VPN, having a different IP address is equally effective against those things no matter which IP it is. The issue is whether or not anyone can associate that IP with yours, and what that comes down to is how willing they are to give up their records when the government asks nicely (or, even more importantly: not so nicely.) I'm not familiar enough with either service to be able to speak to that, but everyone else seems to be talking about features, prices, politics, etc when none of those directly address your questions.
False and fake information.
lol, k, I definitely respect the opinion of someone who drops a half-assed comment like that without bothering to offer what they believe to be the correct information.
I can't presume to know what they meant, specifically, but I think they're probably referring to the fact that a VPN provider has access to all of the data you're transmitting through their exit nodes, and a malicious one could harvest and sell it. Or work with LE and hand over all tracking data, all information about your browsing habits for the past year, all of the times you visited PornHub and Grinr, how many times you visited that trans support website... everything LE could get by surveiling your behavior if you weren't using a VPN.
A VPN is only worth how trustworthy the VPN provider is. Mullvad, for instance, claims to keep no logs, so a search warrant for logged data is useless. This is not true of all VPN providers.
If that's the case then both of you failed to read the part of my comment where I explicitly addressed that:
The issue is whether or not anyone can associate that IP with yours, and what that comes down to is how willing they are to give up their records when the government asks nicely (or, even more importantly: not so nicely.)
I admit I didn't include the possibility of the VPN operator themselves being malicious, but it seems weird to call me out for not addressing the issue of record security re:governments/LE when pretty much the entire point of my comment was to address that specific issue because no one else was, no?
You start with "a VPN is a VPN." However you qualify it, it's not true unless you're merely stating a tautology, which doesn't seem constructive or helpful.
They still see source of email and meta data.
I am not sure why they would ban account for getting links tho