We have successfully completed our migration to RAM-only VPN infrastructure - Blog | Mullvad VPN
mullvad.net
Today we announce that we have completely removed all traces of disks being used by our VPN infrastructure!
  • @[email protected]English
    812 years ago

    What does “without any disks in use” mean?

    • If the computer is powered off, moved or confiscated, there is no data to retrieve.
    • We get the operational benefits of having fewer breakable parts. Disks are among the components that break often. Therefore, switching away from them makes our infrastructure more reliable.
    • The operational tasks of setting up and upgrading package versions on servers become faster and easier.
    • Running the system in RAM does not prevent the possibility of logging. It does however minimise the risk of accidentally storing something that can later be retrieved.
      https://mullvad.net/en/blog/2022/1/12/diskless-infrastructure-beta-system-transparency-stboot/
    • @[email protected]English
      282 years ago

      While mostly true, there are ways to preserve ram if the device is confiscated.

      Your local PD likely couldn’t pull it off, but if one of the larger abbreviation agencies were to get involved, data on RAM isn’t a huge hurdle. Assuming no one flips the power switch, at least.

      • @[email protected]English
        192 years ago

        Yeah, freezing and dumping RAM is a well known attack, even happening at some airports with laptops. But it still requires very recently powered ram, basically still in operation before extraction. It’s a big step toward security at least.

      • @[email protected]English
        122 years ago

        I guess it’s going to stop any standard agencies with a warrant. Confiscating the machine for it to sit in a warehouse until some forensic techs get their hands on it.

    • @[email protected]English
      32 years ago

      There are devices that allow moving and confiscating computers without powering them off.

      The rest are true.