Interview with Mullvad VPN
0)Please tell us, what is your role (in the VPN company, where do you stand, owner, marketer, advertiser etc)?
My name is Fredrik Strömberg. I own 50% of Amagicom AB which is the swedish company operating Mullvad. The other 50% is owned by my colleague Daniel Berntsson. I do everything from customer support and economics to penetration testing, security reviews and development.
1) Does Mullvad VPN keep any logs, IP Addresses, Timestamps, Bandwidth caps, Traffic or other data?
No, nothing related to our customers’ usage of Mullvad. Neither their traffic nor metadata such as IP addresses, timestamps or anything like that is logged.
We do log things like how much traffic each server is shuffling so that we can do better load balancing.
2) What type of Encryption do you use?
We use OpenVPN with 128 bit Blowfish for the tunnel, and 2048 bit RSA for establishing it. We also use perfect forward secrecy.
Of course this is not the extent of our traffic protection. Our optional but recommended client also includes things like connection block should the tunnel go down, DNS leaks protection, protection against IPv6 leaks, and Teredo leaks. Furthermore, our client uses obfsproxy for traffic obfuscation when it detects that the tunnel is cut due to handshake matching using deep packet inspection.
3) Where are your servers located and what jurisdiction do you operate under?
Our servers are located in Sweden, The Netherlands, Germany and the U.S. We operate from Sweden, where our company is incorporated.
4) How do you generally handle requests from law enforcement and copyright agencies?
We tell them the truth; That we don’t log our users’ activities, that IP addresses are shared between many customers at every moment, and that anonymous internet is mostly a good thing for society, and is here to stay.
5) Do you have access to all your servers, and does the datacenter you use log?
No, not all of them. We only have physical access to our swedish servers, which we also own and physically handle ourselves. All other servers are dedicated. We don’t use virtual servers. We’re also very careful with where we purchase or place servers. We’ve met all our data center suppliers away from the keyboard.
To our knowledge none of our data centers log our traffic.
6) Does your service support bittorrent?
Yes. We only block tcp port 25 (because of email spam).