Ad-blocking adblock.dns.mullvad.net DNS[2] is quite nice for the mobile as well.
[1] https://mullvad.net/en/help/socks5-proxy
[2] every server has its socks proxy address listed https://mullvad.net/en/servers
[3] https://mullvad.net/en/help/dns-over-https-and-dns-over-tls
An error occurred during a connection to mullvad.net. SSL received a record that exceeded the maximum permissible length.
Error code: SSL_ERROR_RX_RECORD_TOO_LONG
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.We’re currently on pub WiFi and it blocks all access to Mullvad, which is frustrating, because it means our web traffic - or at least the sites we’re visiting - are not private and can be viewed by the provider. Potentially they could also MITM TLS traffic, rendering that also insecure. I’m scowling at you Marston’s Inns.
Possibly they also block other well know VPNs.
I’d not be using it at all but for the fact 4G/5G signal around here is so poor.
EDIT: I got the bit between my teeth on this one. So Marston's appear to use a captive portal for WiFi and, it turns out, the issue is typically the MTU (maximum transmission unit). On macOS I can get Mullvad to connect using an MTU of 1280, and can then access the article. However, the MTU setting isn't available on Mullvad's iOS app. Some additional reading suggests that I could use the Wireguard iOS app instead, which would allow me to tweak MTU, but I'm not yet sure how I could set this up to work with my Mullvad subscription. I get the impression it may be possible although I have no idea how many of the additional protections (multi-hop, DAITA, etc.) would be usable going this route.
It's great that they work on these issues, but the organization is a mystery to me.
In my estimation their success is largely due to word of mouth and a perception of being a legitimate company with a serious interest in security and privacy in a market rife with scams and lies. I’d imagine that’s how they attract talent as well.
Anecdatum: I picked Mullvad because of strong recommendations from HN commenters on multiple threads.
Still, I am happy with the service and will continue to use it.
Edit:
[1] As others have written below, Reddit blocks when not logged in. Since I don't have an account, that's a 100% block rate for me.
Some Mullvad locations will cause Google to throw up excessive captchas. Others will cause reddit and imgur to 403 your response.
For most places, not a problem, but some WAFs are explicitely blocking certain known IPs.
Side note: one of Mullvad's Miami servers is blocked by HN, I have to switch nodes if I land on that one because "Sorry" message.
I frequently hit "Sorry" messages when opening a few HN links in quick succession through Mullvad too. I suppose the IPs have been flagged as potentially malicious.
Not sure what it takes for that to happen though; my server that archives every post made on HN has yet to get banned or heavily ratelimited, it just hits a 429 every once in a while.
Enshittification is nearly ubiquitous now [1].
Edit: when not logged in.
It’s just been my experience that when you have to prepay 2 years up front you are giving up any recourse if the service starts to suck, the company goes bankrupt, etc. It makes sense to be a bit skeptical when the discount for 2 years is 74% vs a normal company that gives you a 10-20% discount on a bulk purchase.
Seems like the user base is wider than what would be addressed by the most basic use of VPN. Mullvad would then serve a greater purpose than what many, or at least I, would be aware of.
But honestly I think dragnet surveillance has won, so that's a moot point for usage (just my opinion).
I mainly use it to keep from doxing myself (OpenVPN + socks v5), because for some reason every website you go to now wants to know if you're interested in X at [Your location].
with a footer like `[IPv4] [IPv6] [lat, lon] [First Name, Last Name] [SSN#]` Serving you proudly since 2005!