I agree, but IP addresses haven't been used as the main source of tracking for some time.

Advertisers learned how to use much better data points a long time ago due to AOL proxies much like the Mobile proxies a significant amount of mobile providers use today.

> Depending on your threat model this might mean that you should avoid using Android altogether for anything sensitive, or employ other mitigations to prevent the leaks. We aim to partially mitigate these problems in our app, so make sure to keep the app up-to-date.

I don't think companies should give false hopes to people, and that is what is exactly happening here (e.g., "fixing a DNS leak will make you private and that's the only reason you're not!").

I agree with what you're saying, but I don't believe Mullvad push that narrative.

In the article, they warn that "DNS leaks may have serious privacy implications for users".

Looking at their marketing homepage, they say "Using a VPN alone is not enough to achieve perfect privacy. There’s simply too much data being extracted through most browsers."

They also have this expansive analysis of the major threats to internet privacy: https://mullvad.net/en/why-privacy-matters/how-mass-surveill...

I read the threats page, and it covered some of the most glaring topics.

It would be nice if they could address this:

https://en.wikipedia.org/wiki/Internet_in_Sweden#:~:text=In%....

It also seems like there's some misunderstanding about what the internet is in general here or a really bad misrepresentation ("you're not on the internet because your packet traveled over wavelength" wtf):

https://mullvad.net/en/blog/2020/1/24/no-tears-lets-get-carr...

>It would be nice if they could address this: https://en.wikipedia.org/wiki/Internet_in_Sweden#:~:text=In%....

They have. Several times actually. You should browse their literature more thoroughly. Mullvad is not an internet service provider.

"[...] we, as a VPN service provider are not regarded as an electronic communications network nor an electronic communications service."

"[...] This means authorities cannot use LEK nor IHL to request information from Mullvad."

"Since Mullvad VPN by law is not required to collect any data related to our users’ activities online [...]"

https://mullvad.net/en/blog/update-the-swedish-authorities-a...

More thoroughly, see:

https://mullvad.net/en/help/swedish-legislation

> we, as a VPN service provider are not regarded as an electronic communications network nor an electronic communications service

haha

This has been confirmed through the legal process in Sweden. What are you laughing about?

Leased wavelengths are a thing. The phrasing is a bit weird but not wrong.

>"fixing a DNS leak will make you private and that's the only reason you're not!

This is not said or implied anywhere in Mullvad literature. In fact, they say the opposite.

"A VPN isn’t the entire solution for privacy. Here’s the kind of monitoring it can’t protect you against."

From https://mullvad.net/en/vpn/what-is-vpn

> Depending on your threat model this might mean that you should avoid using Android altogether for anything sensitive, or employ other mitigations to prevent the leaks. We aim to partially mitigate these problems in our app, so make sure to keep the app up-to-date."

This statement clearly implies this is the reason that Android is currently not safe.

No, it tells you that this issue warrants a reevaluation of your Android usage based on your threat model.

> This statement clearly implies this is the reason that Android is currently not safe.

I don't see the clear implication, and I don't see the point of going into a deep dive on all the risks in every press release.

I think this was meant in reply to the other person, not me?

Yes, HN doesn't allow replies over a certain depth sometimes.

It's just time-gated. But you can bypass the time-gate by clicking on the "x minutes ago" beside the username to view the comment directly.

Thank you!