All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Mullvad VPN's deterministic exit IP assignment creates a potential fingerprinting vector

By

RGBCube

17d ago· 6 min readenInsight
Bagel score 100 of 100
100/100
Golden Brown
Bagelometer

Hand-rolled, kettle-boiled, baked to perfection. Worth every minute at the bakery.

Score100TypeanalysisSentimentneutral

Summary

Mullvad VPN uses a deterministic method to assign exit IPs based on a user's WireGuard key, rather than randomizing them on each connection. While this approach helps manage IP distribution across their relatively small server fleet (578 servers) and prevents issues like IP blocks and rate limits, it creates a potential fingerprinting vector. Since the WireGuard key rotates every 1 to 30 days, the exit IP remains static during that period, which could allow websites and services to track users across sessions. The article explores the privacy and security implications of this design choice.

Key quotes

· 3 pulled
Mullvad is one of the few VPN providers that offers multiple exit IPs for its servers.
If two people connect to the same server, they will usually end up with different public IPs.
The exit IP you are given is not randomized each time you connect to the server, but deterministically picked based on your WireGuard key, which rotates every 1 to 30 days.
Snippet from the RSS feed
Mullvad is one of the few VPN providers that offers multiple exit IPs for its servers. If two people connect to the same server, they will usually end up with different public IPs. With only 578 servers (compared to Proton VPN’s 20,000), this kind of vert

You might also wanna read

New FROST Technique Enables Browser-Based SSD Tracking of Website Visitors

A new browser-based tracking technique called FROST (Fingerprinting Remotely Using OPFS-based SSD Timing) allows websites to spy on visitors

wired.com·55m ago

Phishing Campaign Targets Signal Users by Stealing Backup Recovery Keys

A new wave of phishing attacks is targeting Signal users by impersonating the app's support team. Hackers send messages inside Signal claimi

cybersecuritynews.com·5h ago

New phishing campaign targets Signal users to steal chat backup recovery keys

Hackers are targeting Signal users in a new phishing campaign that attempts to steal their chat backups. The attackers pose as Signal's supp

techcrunch.com·5h ago

Wi-Fi Router Beamforming Feature Can Be Exploited to Identify Individuals With 99.5% Accuracy, Study Finds

Researchers at Germany's Karlsruhe Institute of Technology discovered that standard Wi-Fi routers using beamforming feedback information (BF

futurism.com·19h ago

New browser-based side-channel attack uses SSD activity analysis to spy on users

Researchers have discovered a new browser-based side-channel attack that can spy on users by analyzing SSD (Solid State Drive) activity thro

arstechnica.com·2d ago

Researchers Demonstrate How Inaudible Audio Commands in Podcasts and Videos Can Hijack AI Voice Assistants

Researchers have demonstrated a new cybersecurity threat where hackers can embed inaudible sounds into podcasts, YouTube videos, or other au

futurism.com·5d ago