I'm not sure how much it adds to their bottom line for each sale, but my corp was using the Mullvad VPN addition to tailscale to do global testing by our developers.
IE; "is something blocked, do we detect GEOIP properly" etc;
UK use of VPN’a outside the office/work environment is gonna skyrocket.
We have neither won the lottery nor taken on outside investment. We've been growing for years, and we've reached a point where we can afford campaigns like this. It is an interesting experiment by our marketing team. Still, I think people on HN overestimate the cost of campaigns like this.
> Mullva?
(for people wondering, it's clitoris).
In this case, we say "duh lorr uhss" instead of "do lor ez". The second one doesn't sound like clitoris at all, but the first one.. okay it doesn't sound similar to me either, but it's closer at least.
[0] https://en.wikipedia.org/wiki/English_phonology#Unstressed_s...
[1] "schwa" is the name of the mid, central, unrounded vowel, IPA [ə]
https://mullvad.net/en/blog/advertising-that-targets-everyon...
I'm assuming it has something to do with the push in recent years to expand their userbase, but they don't seem to be able to keep a clean enough pool of IPs like the big popular ones to cope. I know all VPNs struggle with this but it was getting ridiculous, where every single server in a country would receive infinite re-captcha.
> where every single server in a country would receive infinite re-captcha.
What does that even mean? Have you also disabled cookies?
Typically it's a Cloudflare captcha if you're doing that, not a re-captcha. And afaik pretty much everyone gets this treatment with zero history. Welcome to the modern web.
Cloudflare recently started holding stackoverflow hostage as well. "Weird" OS + "weird" browser + cookie autodelete = www is hell, even on clearnet. I hate cloudflare so much it's unreal, including everyone who works for them, for enabling this nonsense.
One other issue I had with Mullvad that put the nail in the coffin for me was randomly laggy DNS resolvers, they would get fixed just by the time I start investigating it, but it kept happening... I say this as a mostly happy user for probably 7 years, but then found myself having to turn it off more than on to be able to access most sites.
No cash infusion. We've been growing for years, just like many other VPN services. We're still quite a bit smaller than e.g. Nord and Express though.
As for our choice of advertising, we don't run an affiliate program, nor do we want to track our customers through online ads, so we're trying this instead. It's cheaper than you might think.
// Fredrik (cofounder of Mullvad)
Because there are VPNs with good censorship circumvention tech, and there are VPNs with good privacy guarantees, but I know none which can provide both. What Mullvad offers now is either a decade old stuff which is blocked even by subpar DPI solutions, or a set of (more modern) protocol bridges which are painful to setup and sometimes IP-banned.
Having said that we have clearly prioritized privacy for a long time. For what it's worth we have several censorship improvements on the roadmap. Stay tuned.
On the other hand we ran a very political advertising campaign one-two years ago when we protested a new EU law proposal. We plastered Stockholm's airport in billboards targeting EU politicians and journalists. We published a book and sent copies to several hundred politicians. It was quite a success. Incidentally our office was raided by the Swedish police a month later - the first time in 14 years.
I really appreciate your feedback. Are you able to pinpoint more exactly why you feel that our advertising undermines trust in our brand? Is it simply the fact that we're advertising at all?
Our marketing team works hard to ensure that our advertising doesn't make security guarantees we can't keep, or sell the product through fear-mongering. I feel that we've found a set of advertising messages that work, but clearly it still causes some unease and skepticism.
Perhaps it's simply a worry that we'll change because Mullvad is growing up and is no longer an obscure underdog?
Although the society is almost zero privacy, it have historically had some funny IT figures for privacy and digital issues so people searching up for the background of the name might stumble upon it.
[1] https://youtu.be/rHVVpNRwLk0?feature=shared
[2]https://en.m.wikipedia.org/wiki/Bahnhof
[3] Peter Löthberg https://www.reddit.com/r/todayilearned/comments/1d8056g/comm...
IT people are weird.
https://support.opendns.com/hc/en-us/articles/360061439112-R...
I don't know how you'd exactly handle it, but an NSFWCP (Not Safe For Work Cybersecurity Policy) tag for some links would be nice.
Make no mistake, Mullvad Leta knows what you searched for and who you are.
/Theater/ has no place in privacy.
The right way to do it, short of FHE, is to encrypt the query client side, pass this to the proxy which does not pass the source IP, which passes this to the search engine for decryption. Search results are encrypted and pass thru in the reverse:
Client (encrypts) -> Proxy (passes thru no IP) -> Search engine (receives, decrypts, performs, and encrypts results) -> Proxy passes encrypted blob of results back to user -> Client privately reviews private search results.
Edit: private.sh tried this in the past but unfortunately was shuttered with the end of gigablast.
Web client side encryption eliminates fully passive snooping on the server side, but of course does nothing for actively subverting the served encryption code. This makes things a bit more dangerous for the snooping party as it's possible that the backdoored encryption code will be noticed by someone, and it's at least possibly a legal defense - the government might have the power to compel you to hand over data on your server but not to backdoor your code.
This isn't a huge technical difference, but it is a difference, and especially with the legal angle I think it's an important one.
I know this should be refined and hardened but you get the idea.
>We run the Leta servers on STBooted RAM only servers, the same as our VPN servers. These servers run the latest Ubuntu LTS, with our own stripped down custom Mullvad VPN kernel which we tune in-house to remove anything unnecessary for the running system. > >The cached search results are stored in an in-memory Redis key / value store.
This is surprising given that they try to cache results for 30 days:
>Each search that has not already been cached is saved in RAM for 30 days. The idea is that the more searches performed, the larger and more substantial the cached results become, therefore aiding with privacy.
That's surprising because presumably they lose all results if they have to reboot the server.
With a VPN service, there's not much they have to store past the lifetime of the VPN session, but if they're storing search results for 30 days, I wonder how they deal with this? Maybe best effort is fine because they don't strictly need to cache the results, as it just provides marginal privacy improvements.
Wouldn't want to hang onto things too long, current events run out of currency :)
Diskless does not mean SSH-less or network-less. The "data" can be pulled / pushed just the same, which is to say, Diskless, in this case, is no better than verifiably read-only partitions (like on ChromeOS & Android, for example).
Diskless does provide privacy improvements, as it drastically reduces the odds of something accidentally persisting to storage.
With regards to preventing accidental persistence, disk with only dm-verity partitions is as good, with extra advantage of only adding a little bit of extra RAM usage (/tmp, /var/run, ...)
For that matter, even something as sloppy as booting with rootfs wich can't be remounted rw (iso9660, squashfs, etc..) and is the only mounted fs, is also perfectly good against accidental persistence.
Strictly speaking they only lose all results, FOR SURE, if they have to reboot ALL the servers at the same time. If they implemented a system where the cached results are shared and replicated among all their servers, it can in theory be kept cached indefinitely.
> Each time the Leta application is restarted (due to an upgrade, or new version) server side, a new secret hash is generated, meaning that all previous search queries are no longer visible to Leta.
If I read this correctly, the cached data is per-instance, there would be no way to share cached data among instances if each one has its own secret hash and they are cycled on each start.
The cache is per-instance. A cluster of Redis caches would also limit the whole cache to the RAM size of one machine, so that is a non-starter.
Interesting, does DDG have plans to switch or start their own index?
I use it for all but my retro machines, which is a shame. I know Mullvad is a 'privacy' company but I really wish they'd acknowledge that HTTP+HTTPS is more robust to governments' censorship than centralized CA TLS only. HTTP+HTTPS would allow my non-bleeding edge TLS retro machines to search again.
Mullvad Leta: A search engine used in the Mullvad Browser - https://news.ycombinator.com/item?id=36402162 - June 2023 (142 comments)
Mullvad Leta (Search Engine) - https://news.ycombinator.com/item?id=35964397 - May 2023 (32 comments)
Screw mullvad. I'd have to be a damned fool to to ever trust them again.
> We did not, we made a front end to the Google and Brave Search APIs.
So this is pointless, and honestly kind of lazy?
Who cares about languages and culture of few dozen people who does not live in AMERICA.
And once the use of chatbots in this role becomes widespread- don’t think for a second that companies won’t sso the thing until it’s about as useful as current search.
AskJeeves, anyone?
\s
I jest, but the focus on privacy is important. I used to use DDG but ended up using (and paying for) Kagi.
No serious product, just a proxy for Google, while it is interesting not a real solution.
But as a marketing tactic to promote your VPN it is an interesting move.
But it has no real way to monetize and is likely to be shut down as soon as the marketing/publicity objectives are not aligned anymore.
That's what I was trying to point out.
Sure
> However, Leta is useless as a service if you use the perfect non-logging VPN, a privacy focussed DNS service, a web browser that resists fingerprinting, and correlation attacks from global actors. Leta is also useless if your browser blocks all cookies, tracking pixels and other tracking technologies.
In other words everyone can benefit from it. I don't know any browser (not talking about obscure browsers like lynx) who can completely resist fingerprinting.
https://mullvad.net/en/browser
It's not perfect (it's firefox based so that already sticks out) but better than could be done otherwise.
(I'm a Mullvad customer, not Mullvad directly, but that's how I use their browser and Leta.)
But the adverts didn’t make a lot of sense and I had no idea what the product actually did.
> Leta is also useless if your browser blocks all cookies, tracking pixels and other tracking technologies.
Huh? This needed better clarification because the two points seem to be at odds with each other.
FWIW, since we're exchanging anecdotes, LLMs have been completely useless for me. I try them every 3-6 months and always return to Google disappointed.
When we've got LLMs with real-time search now this seems a bit... backward. Not that the results for that specific query would change much.
I have no idea which OS you are on, but for me it has been working flawlessly for many years, on iOS (using WireGuard.)
One exception: Apple blocking their services when using a VPN IP-address, on macOS. But that's an Apple issue of course...
Even years back, when Proton still had frequent connection/App issues, my phone using Mullvad was very reliable, and hasn't failed even once.
Err.. it would still be useful to mask your IP ?
I would expect Mullvad to say they collect none, but is that said anywhere? Is there any privacy policy?
Edit: All it says is that they protect us from Google and Brave:
> When a search isn't in the cache, our server (leta.mullvad.net) queries the search engines on your behalf. Only the search query is sent; no personal data is shared.
and
> Returned search results contain only direct links to the final destination. All tracking elements and third-party content are removed to protect your privacy.
Switched default search in my FF to this.
Not sure why they limit the choice
esafak•8mo ago
I quoted their FAQ; it's not editorializing: https://leta.mullvad.net/faq
microflash•8mo ago
lcnPylGDnU4H9OF•8mo ago
microflash•8mo ago
glenstein•8mo ago
Barbing•8mo ago
“Mullvad Leta uses the Google Search API as a proxy, caching each search. These cached results are shared amongst all users, reducing costs and improving privacy. This service is user-supported and doesn't rely on ads or data selling.”
blibble•8mo ago
exactly to stop people doing this
lcnPylGDnU4H9OF•8mo ago
brewdad•8mo ago
KoolKat23•8mo ago
The FAQ also mentions user changeable settings for freshness, can't see that.
Still very kind of them :)
thayne•8mo ago
voytec•8mo ago
@dang No - please don't do it. This request is plain stupid.
Apple and Google being "privacy-focused" is a silly buzz-phrase at this point. Mullvad is tied to Alphabet/Google.
EDIT (2025 05 28 16:45 UTC): great to see how my recent comments were raided <3
Who the fuck have I annoyed? :)
PufPufPuf•8mo ago
BTW what ties are you talking about? Is there a source for that claim?
dang•8mo ago
You broke the site guideline against calling names, at least.
https://news.ycombinator.com/newsguidelines.html
voytec•8mo ago