> An account-number model like Mullvad's would seem preferable
Thank you! :)
> .. assuming vendor’s TEE actually works
For sure TEEs have a rich history of vulnerabilities and nuanced limitations in their threat models. As a concept however, it is really powerful, and implementers will likely get things more and more right.
As for GPUs, some of Nvidia’s hardware does support remote attestation.
He IS a hacker from the 90s. It’s an assumed name. Plenty of hackers from the 90s have pseudonyms.
> so-called creator of some encryption protocol
All evidence points to him being one of the protocol’s designers, along with Trevor Perrin.
I’ve met both of them. The first time I met Moxie and talked about axolotl (as it was called back then) was in 2014. Moxie and Trevor strike me as having more integrity and conviction than most. There is no doubt in my mind that they are real and genuine.
Interestingly enough, some of the work Trevor did related to Signal’s cryptography was later used by Jason Donenfeld in the design of WireGuard.
> It screams honeypot like nothing else.
As you can see there is plenty of evidence suggesting otherwise.
It’s exciting to hear that Moxie and colleagues are working on something like this. They definitely have the skills to pull it off.
Few in this world have done as much for privacy as the people who built Signal. Yes, it’s not perfect, but building security systems with good UX is hard. There are all sorts of tradeoffs and sacrifices one needs to make.
For those interested in the underlying technology, they’re basically combining reproducible builds, remote attestation, and transparency logs. They’re doing the same thing that Apple Private Cloud Compute is doing, and a few others. I call it system transparency, or runtime transparency. Here’s a lighting talk I did last year: https://youtu.be/Lo0gxBWwwQE
I don't know, I'd say Signal is perfect, as it maximizes "privacy times spread". A solution that's more private wouldn't be as widespread, and thus wouldn't benefit as many people.
Signal's achievement is that it's very private while being extremely usable (it just works). Under that lens, I don't think it could be improved much.
>Signal's achievement is that it's very private while being extremely usable (it just works).
Exactly. Plus it basically pioneered the multi-device E2EE. E.g., Telegram claimed defaulting to E2EE would kill multi-client support:
"Unlike WhatsApp, we can allow our users to access their Telegram message history from several devices at once thanks to our built-in instant cloud sync"
> I think the right course of action should be a political activism, not a technological one. Especially when the company doing it makes a fortune.
We tried that. My cofounder and I, as well as several of our colleagues, tried classic political activism in the early 2000s. It became increasingly clear to us that there are many powerful politicians, bureaucrats and special interest groups that don't act in good faith. They lie, abuse their positions, misuse state funds and generally don't care what the population or civil society thinks. They have an agenda, and don't know the meaning of intellectual honesty.
> The course, when one can just disengage from participating in society by sidestepping the problems by either using VPNs in terms of censorship .. is very dangerous and will reinforce the worst trends.
It sounds like you're arguing for censored populations to respect local law, not circumvent censorship through technological means, and only work to remove censorship through political means.
Generally, the more a state engages in online censorship the less it cares about what its population thinks. There are plenty of jurisdictions where political activism will get you jailed, or worse.
Are you seriously suggesting that circumventing state censorship is immoral and wrong?
> So instead of speaking from the high ground, please, tell us what your solution about mass disinformation happening from US social media megacorps, Russia mass disinformation, mass recruitment of people for sabotage on critical infrastructure.
Social media companies make money by keeping people engaged, and it seems the most effective way of doing that is to feed people fear and rage bait. Yes, that's a problem. As is disinformation campaigns by authoritarian states.
Powerful companies have powerful lobbyists, and systematically strive for regulatory capture. Authoritarian states who conduct disinformation campaigns against their population are unlikely to listen to reform proposals from their population.
I don't claim to have a solution for these complex issues, but I'm pretty sure mass surveillance and censorship will make things worse.
> Tell us, how can we keep living in free society when this freedom is being used as a leverage by forces trying to destroy your union.
Political reform through civil discourse cannot be taken for granted. Mass surveillance and censorship violate the principle of proportionality, and do not belong in a free society.
> Please, give us your political solutions to the modern problems instead of earning a fortune by a performance free speech activism.
I'm not sure what you mean by performance. Please clarify.
> My cofounder and I, as well as several of our colleagues, tried classic political activism in the early 2000s. It became increasingly clear to us that there are many powerful politicians, bureaucrats and special interest groups that don't act in good faith. They lie, abuse their positions, misuse state funds and generally don't care what the population or civil society thinks. They have an agenda, and don't know the meaning of intellectual honesty.
I understand that.
You created a company which allows people to regain freedoms limited by their governments.
My only problem is that it ultimately undermines the government power and makes it weaker.
By creating a technical solutions to subvert government function, you are basically moved into a business of bypassing government regulations for people with money. Obviously when the market becomes large enough, governments can no longer ignore it.
The problem is that it creates reinforcement loops in such ways that political change becomes more difficult.
For example, we may imagine that Russia and China target people through social media. I believe that the effectiveness of this influence cannot be overstated, so naturally some governments may start thinking about limiting it by enforcing bans on some social media platforms or create laws to force them to be more transparent. You may not agree with this personally, and believe in the freedom of choice, but you are still in a business of exposing people to enemy propaganda against their democratically elected governments.
> It sounds like you're arguing for censored populations to respect local law, not circumvent censorship through technological means, and only work to remove censorship through political means.
Yes, in democratic countries I believe population should feel the pressure and resolve it through the process of electing the politicians representing their values, not buying workarounds from the vendor.
I believe that the exact same ads you have on the streets in the cities should be published by politicians or NGOs and not a business.
> Generally, the more a state engages in online censorship the less it cares about what its population thinks. There are plenty of jurisdictions where political activism will get you jailed, or worse.
I agree with that. To be honest, I do care about the EU mostly and I do think that political activism is still possible even when there is additional risk.
> Are you seriously suggesting that circumventing state censorship is immoral and wrong?
There is a very fine line, and I don't know the answer. I do belive that people should have a right for a private communication. I also do not trust law enforcement agencies and people there.
On the other hand, I do know that vulnerable people (teens, minorities, sick, elderly) in my country get recruited by Russia en masses through messengers. I do know that Russia engages in psychological warfare through Telegram, Facebook and TikTok without governments able to do anything. I do see the politicians in the western countries aligns with the psychological warfare of enemies because it helps them to get in power.
I do want for politicians to fight for my rights, but I don't want that from businesses to be honest.
> I'm not sure what you mean by performance. Please clarify.
I mean, activism is clearly a part of your business strategy. The more discussion you create around issues related to privacy and censorship the more users you'll have - that's why I call it performative. Mullvad's business depends on the performance of fighting for the rights at the same time as benefitting from the fight itself.
I do feel that there is a big disconnect between finding a technical solution and finding a political solution, and I feel like the tech sector becoming more and more influential and I also believe this will not end well.
> Thank you for the reply, I really appreciate it.
Likewise.
> You created a company which .. ultimately undermines the government power and makes it weaker.
Undermining the power of governments and other powerful entities has benefits and drawbacks. Our thesis is that making mass surveillance and online censorship ineffective is a net good for humanity in the long term.
You are arguing that censorship is a net good in the much more specific context of disinformation campaigns on social media during war time. Yes, government censorship might be effective and proportional in that context. It could also backfire.
You are also arguing that the dynamics and algorithms of social media is the vector through which disinformation spreads. Wouldn't it then be more effective and proportional to target social media for regulation?
>> It sounds like you're arguing for censored populations to .. not circumvent censorship through technological means..
> Yes, in democratic countries..
What should people in undemocratic countries do?
> I believe that the exact same ads you have on the streets in the cities should be published by politicians or NGOs and not a business.
> .. I do think that political activism is still possible even when there is additional risk.
> On the other hand, I do know that vulnerable people (teens, minorities, sick, elderly) in my country get recruited by Russia en masses through messengers. I do know that Russia engages in psychological warfare through Telegram, Facebook and TikTok without governments able to do anything.
I agree that is a serious problem and I don't know how to solve it. I'm sorry.
> I do want for politicians to fight for my rights, but I don't want that from businesses to be honest.
Why not?
> I mean, activism is clearly a part of your business strategy.
From a cause-and-effect point of view it would be more correct to say that starting a business is a part of our activism strategy. My opinions on the proportionality of mass surveillance and government censorship were formed a decade before I started Mullvad. Running a business is hard work, and if I didn't believe in its mission I would move on to something easier.
> The more discussion you create around issues related to privacy and censorship the more users you'll have - that's why I call it performative. Mullvad's business depends on the performance of fighting for the rights at the same time as benefitting from the fight itself.
I see. I interpreted it as "for show" in the sense of not being genuine.
We have a few partners who use our infrastructure (e.g. Mozilla), but we're not trying to dominate as a white-label solution. In fact, we've said no to a few well-known brands who wanted to white-label our infrastructure.
We want to make online mass surveillance and censorship ineffective. Mullvad is political action through entrepreneurship. We're reinvesting a lot of our profit into open-source software and hardware projects that benefit both Mullvad and the wider community.
I really don't want us to "corner the entire market" because that would make us a single point of failure. I would like to think that our hard work help push the market to keep improving.
I really like the "to plant trees in the shade of which we will never sit" statement. My pessimism only comes from watching trusted giants like Google and Cloudflare turn into critical infrastructure that in turn dictates the web.
May you continue to be the beacon of trustworthiness and hope that we all need right now
- protecting your privacy from your local ISP, WiFi, school, government etc
- protecting your privacy from some forms of online tracking
- circumventing censorship
- circumventing geographical restrictions
If you combine masking of your IP address with a web browser that protects you from various types of browser-based fingerprinting, you are more in control of your privacy online. You get to decide, to a greater extent, who you share very personal information with. That doesn't seem very silly.
(disclosure: I'm one of the deeply silly cofounders of Mullvad)
There's a niche fifth reason. Roaming between upstreams while not having open TCP connections drop. I use multiple ISP's and on mullvad I can swap which wifi/ethernet I'm on and all my connections stay up since wireguard is stateless.
Good point. That is indeed a distinct fifth reason.
Here's a sixth one: for some users it can improve latency, bandwidth and/or even cost.
latency/bandwidth: because of weird peering agreements between ISPs / ASes.
cost: there are networks where consumers pay per MB for international traffic, but not local traffic. Consumers can sometimes establish a VPN tunnel to the local data center and get an unmetered international connection, because the data center has a different agreement with the monopolistic consumer ISP.
How about a seventh: in solidarity with people who are facing censorship or oppression.
Like, if only dissidents and malcontents use a VPN (or TOR or HTTPS or E2E encrypted messaging apps) then if you want to reduce dissent, you can just round up all the VPN users and have them shot. If everyone uses VPNs for normal internet use, that becomes impractical.
> Here's a sixth one: for some users it can improve latency, bandwidth and/or even cost.
I find that using a VPN over starlink is quite a different experience than terrestrial. I can VPN through another country and the speed isn't affected nearly as much. My guess is that the route is satellite to satellite, so it is much faster.
Yup, when you're not using a VPN, even with encrypted DNS and HTTPS, you're still sending hostnames (e.g. wikileaks.org) over plaintext in TLS SNI for every HTTPS connection. I believe most firewall appliances now even prefer to use SNI for deep-packet-inspection since it's so reliable.
Hi! Thanks for your deeply non-silly reply; it's nice to (virtually) meet a cofounder.
If you have time, I'd love to hear your thoughts on Mullvad's campaign here in Seattle.
For what it's worth, I suppose my perspective boils down to: the first three issues aren't issues here in town, or can be addressed in more direct ways (we have a wide choice of providers; 1st party browsers and services cover the gamut of tracking concerns; etc). Circumventing geographical restrictions is useful, but -- perhaps understandably! -- doesn't appear to be what Mullvad is advertising on the trains I ride.
Regarding tracking concerns, masking your IP address is a necessary but insufficient first step to improving your privacy online. ISPs typically don't allow their users to do that per-device in a UX-friendly way. Protecting against browser fingerprinting is something that Mullvad Browser does quite well, thanks to it being a fork of Tor Browser.
As for circumventing geo restrictions, you're absolutely right. We make an effort to get it to work, but ultimately privacy and censorship is much more of a priority for us. That's why we don't advertise it.
Finally, the campaign isn't just about getting more customers. We started Mullvad for political reasons, and now we have the resources to spread that message further. Governments around the world are warming up to the idea of mandatory device-side mass surveillance and backdooring E2E encryption. We're trying to build public opinion against that.
I’m surely happy to not live in the UK at the moment. And Indonesia of course. If I would live in one of these countries I’d be using VPN. And maybe in the (not so distant) future this is preferable in the US too.
> We're trying to build public opinion against that.
Good on you!
But to be honest; it seems that it would be in Mullvads interest if the US starts requiring “open encryption” for internet services! Then more people would feel the need for VPNs
Actually, no. Our goal is to make mass surveillance and censorship ineffective, not maximizing profit to our shareholders. If there was a big red button we could push that accomplishes our goal and makes Mullvad obsolete in the process, we'd push it. There's an abundance of problems to solve in the world. It'd be nice if we could figure out how to get rid of some and move on to other problems.
At this point I'm reminded of Tom Scott's honest VPN advertisement, contrasting how VPNs are advertised (on YouTube, at least) with the main features that they really provide.
> I'm one of the deeply silly cofounders of Mullvad
Cool.
Also funny, but it would be nice if you addressed the specific objection. Here are some of the new ads: https://mullvad.net/en/blog/advertising-that-targets-everyon... . Do you think they appeal more to consumers who are seeking "it keeps me vaguely secure", or it helps me watch Venezuelan Netflix and avoid some kinds of targeted advertising personalisation?
Advertisement targeting is a risk. Even just leaking your IP to various services introduces risks and being able to build profiles on your activities online introduces risk.
Usually the risk is you spend money you wouldn't have otherwise spend, but those profiles can also be used for future nefarious reasons. You're basically just relying on everyone running analytics to be good people, forever. Remember, anything on the internet is forever. And, even if they are, you're still relying on them having perfect security, forever. If a database breach happens and people now know everything data brokers and analytics services know... that's a problem.
IMO, nobody should browse the web without a reliable and trustworthy VPN, at all.
> it would be nice if you addressed the specific objection
I'm pretty sure I did. I'll happily answer yours as well.
> Do you think they appeal more to consumers who are seeking "it keeps me vaguely secure", or it helps me watch Venezuelan Netflix and avoid some kinds of targeted advertising personalisation?
Between those two options, definitely "it keeps me vaguely secure". None of the ads you link to are intended for customers that want to circumvent geographical restrictions. We don't market to that customer segment.
Thank you! :)
> .. assuming vendor’s TEE actually works
For sure TEEs have a rich history of vulnerabilities and nuanced limitations in their threat models. As a concept however, it is really powerful, and implementers will likely get things more and more right.
As for GPUs, some of Nvidia’s hardware does support remote attestation.
https://docs.nvidia.com/attestation/index.html
reply