The Mullvad Blog

Keep up to date on developments at Mullvad. New versions of our app, security updates, job posts – find it all here.

News — 2015/07/09

Third-party clients affected by OpenSSL security advisory

A security vulnerability in the cryptographic library OpenSSL was just disclosed. OpenVPN clients that use vulnerable versions can be tricked into accepting a man-in-the-middle attacker as a valid VPN server.

Read more

News — 2015/06/29

Version 50 released

Version 50 is now available for download.

Read more

News — 2015/04/15

USA available again

The first new server in the USA is up and running. More are on their way.

Read more

News — 2015/04/03

New Canadian servers, no US servers

We now have servers in Canada. For now, we don't have servers in the USA. We just lost two suppliers that do not want to relay anonymous traffic in the USA. We hope to remedy ...

Read more

News — 2015/03/05

Version 49 released

Version 49 is now available for download. It contains a patch against the FREAK vulnerability. Users of our client for Windows and OSX need to upgrade to the new version. Users of our Linux client ...

Read more

News — 2015/03/05

FREAK OpenSSL bug

The recently disclosed vulnerability in OpenSSL named FREAK can be used to attack OpenVPN clients. We have released a new version of the client with a patch, as well as published a blog post explaining ...

Read more

News — 2015/03/05

[OLD] FREAKing OpenVPN

[THIS IS AN OLD BLOG FROM 2015-03-05]

Read more

News — 2015/02/25

Version 48 released

Version 48 is now available for download. It primarily solves an issue with Stop DNS leaks on systems with a non-english Windows install.

Read more

News — 2015/02/20

Version 47 released

Version 47 is now available for download. It solves a few DNS leak issues and uses AES-256 as the default encryption cipher.

Read more

News — 2015/02/20

AES-256 encryption

The default OpenVPN stream cipher in new clients and new configuration files is now AES-256. When encountering certain connection problems the client program will fall back to Blowfish 128. To use nothing but AES, set ...

Read more