undefined | Better HN

0 pointsilliac7861mo ago0 comments

What’s the difference if Mullvad did not have the vulnerability described above?

0 comments

2 comments · 1 top-level

overfeed1mo ago· 1 in thread

The vulnerability enables clustering outgoing Mullvad traffic into user-sized buckets based on metadata analysis alone.

Clustering, in turn, allows time-based deanonymization[1], against the users assumptions of being sufficiently anonymized.

Adversaries who do not enjoy a backbone-traffic MitM vantage point cannot exploit this vulnerability, which makes it appear NOBUS-y.

1. Any *aaS, forum, or board, when given a (Mullvad!) IP address and series of request timestamps, and a subpoena, can yield PII on the real identity (email, phone, billing address)

illiac786OP1mo ago

but, to cluster this traffic, wouldn’t you need equipment between each and every mullvad exit node and each and every server the user access? Or at least a large proportion of it?

Are you talking about a surveillance state?

j / k navigate · click thread line to collapse