Mullvad Review 2017 - Torrent Anywhere & Everywhere - BestVPN.com
NordVPN

Mullvad Review

Mullvad review

Few, if any, other VPN services can match Mullvad\’s dedication to privacy. It backs this up with cast-iron technical security and a wealth of sophisticated anti-censorship technologies. If you are a more casual user, however, don\’t let any of this put you off. Mullvad\’s software is very easy to use and works flawlessly.

OUR RATING

4 / 5

What is Mullvad?

Mullvad is well-known as the only Virtual Private Network (VPN) provider to accept payment in cash sent by post. As we shall see in this Mullvad review, this Swedish VPN provider more than lives up to the reputation this suggests.

PROS:
  • Private: No logs at all
  • Secure: Excellent encryption
  • Family Friendly: Five simultaneous connections
  • Anti-censorship technologies
  • Peer-to-peer (P2P) torrenting on all servers
CONS:
  • Limited number of servers
  • Slow support

Visit Mullvad »

Mullvad is one of the most privacy oriented VPN services on the market. It is also one of the most technically sophisticated, and offers a range of advanced anti-censorship technologies.

For all that, its software is simple to use. This means that more casual VPN users will also be happy with the service, although somewhat slow support is an issue.

Mullvad’s Pricing and Plans

Mullvad’s pricing could not be simpler. It costs €5 per month (approx. $5.75 USD at the time of writing), and that’s it. Unlike most VPN services, there are no discounts for buying longer subscriptions. The only kink is that payment in Bitcoin gets a 10% discount “due to lower fees and less administration.”

A rather short, three-hour free trial allows you to check that the service works as it should. In addition to this, Mullvad offers a 30-day money-back guarantee (except for payments sent in cash, due to anti-money laundering regulations).

Mullvad accepts payment via credit/debit card (via PayPal), Swish, bank wire, and Bitcoin. It is also unique among VPN providers as it accepts cash sent by post. In addition to this, Mullvad accepts vouchers that can be purchased from certain stores, which can be paid for in cash.  This means that Mullvad has no direct contact with the purchaser.

These almost unique payment options alone give Mullvad a good claim to be the most privacy-oriented VPN service out there.

Mullvad’s VPN Features

Mullvad offers the following features to all users of its service:

  • Five simultaneous connections
  • SOCKS5 proxy connections
  • Port forwarding
  • Port selection
  • OpenVPN protocol
  • P2P torrenting permitted
  • Obfsproxy and Shadowsock bridges (anti-censorship technologies)
  • Secure Shell (SSH) and Secure Sockets Layer (SSL) (stunnel) tunneling (anti-censorship technologies)
  • Multi-hop VPN
  • Full Internet Protocol version 6 (IPv6) routing
  • Severs in 22 countries

Most servers are in Europe, but Mullvad also has servers in North America, Australia, and the UK. Compared to other, more commercial services, this is a somewhat limited, and may restrict Mullvad’s usefulness for users in places such as Asia.

On the plus side, all Mullvad’s servers are bare-metal servers (not Virtual Private Server instances) under the close control of Mullvad. You can connect up to five devices to Mullvad at once, which is generous.

It is also worth highlighting the fact that Mullvad is the only VPN service I know of to properly route IPv6 connections through the VPN tunnel. Most other good VPN services simply disable IPv6 in order to prevent IP leaks. This is not a major problem at present, but kudos to Mullvad for looking to the future here.

Port Selection and Port Forwarding

It is rare for VPNs to be blocked, but it happens in places such as China and Iran (although this is usually only partially effective). Mullvad allows you to counter such measures by running the VPN over almost any port (a few ports are blocked to address spam and security issues).

The most common use for this is to run OpenVPN traffic over Transmission Control Protocol (TCP) port 443. This is the port used by HTTPS, the encrypted protocol that secures websites. Without HTTPS, no form of online commerce, such as shopping or banking, would be possible. It is therefore very rare for this port to be blocked.

As an added bonus, VPN traffic on TCP port 443 is routed inside the Transport Layer Security (TLS) encryption used by HTTPS. This makes it much harder to spot using deep packet inspection (DPI). TCP port 443 is therefore the favored port for evading VPN blocks.

SSL and SSH Tunneling

If switching to TCP port 443 is not enough to evade censorship or otherwise hide the fact that you are using a VPN, Mullvad offers SSH and SSL (stunnel) tunnelling. This wraps your VPN data inside an additional layer of SSH or TLS/SSL encryption.

As DPI techniques are unable to penetrate this “outer” layer of encryption, they are unable to detect the OpenVPN encryption “inside.” For more details about this technique, please see my guide on How to Bypass VPN Blocks.

Shadowsocks

Mullvad also supports Shadowsocks. This “is an open-source proxy application, widely used in mainland China to circumvent internet censorship.” It is an open source anti-Great Firewall tool/protocol/server created by a Chinese developer. Basically, it’s a special Socket Secure (SOCKS5) proxy.

It is also worth noting that by connecting to one of its bridging servers, Mullvad users can multi-hop their VPN connections. This is primarily useful in complicating traffic analysis attacks.

Again, for more information please see my guide on How to Bypass VPN Blocks.

SOCKS5 proxy

Please see What Is a Proxy Server? for a full discussion on what a SOCKS5 proxy is. They are particularly useful to P2P torrenters, as you can either configure just your BitTorrent client to be protected (rather than using a full VPN connection), or you can use both SOCKS5 and VPN together for “double protection” while torrenting.

Mullvad also uses SOCKS5 to pull off some neat tricks, such as enabling stunnel connections and for split tunnelling (setup guide available).

Privacy

Privacy is an area in which Mullvad truly shines. It basically keeps no logs at all, and its no logging data policy is the most clear and comprehensive such document I have ever encountered. Crucially, there is no logging of:

  • traffic
  • Domain Name System (DNS) requests
  • connections, including when one is made, when it disconnects, for how long, or any kind of timestamp
  • IP addresses
  • user bandwidth
  • account activity except total simultaneous connections and the payment information detailed in the policy

The website also includes no tracking or analytics scripts whatsoever.

Mullvad is based in Sweden. This is not ideal from a privacy standpoint, as Sweden suffers from some government surveillance issues. Critically, however, VPN providers in Sweden are not required by law to keep any logs.

As I have already mentioned, Mullvad accepts anonymous payment via Bitcoins or cash sent by post. As we shall see in a moment, Mullvad is also the only company I know of that doesn’t require an email address at all!

This is great, and speaks a great deal for Mullvad’s commitment to privacy. Always remember, though, that as with any VPN service, Mullvad will still know your real IP address.

One final point I think worth mentioning is that Mullvad is very open about who owns and runs the service. The physical address of its parent company (Amagicom AB) is prominently displayed on the website, as are the real names of its owners and team members.

This level of transparency is very refreshing in an industry where VPN company owners and operators like to keep to the shadows. It also helps to inspire a great deal of trust in Mullvad.

Visit Mullvad »

Is Mullvad Secure?

The real test of a VPN provider’s technical security is in the details of the OpenVPN encryption it uses. By default Mullvad uses the following settings:

OpenVPN Encryption
Cipher
AES-256-CGM
Control hash auth
HMAC SHA-1
Handshake
RSA-4096
Forward Secrecy
DHE-4096
Logs & Legal
Connection
none
Traffic
None
Country
Sweden

Control channel: an AES-256-GCM cipher with RSA-4096 handshake encryption and HMAC SHA-1 hash authentication. Perfect forward secrecy is provided by a DHE-4096 Diffie Hellman key exchange, which is re-keyed every 60 minutes.

Data channel: an AES-256-GCM cipher. HMAC hash authentication is not required because GCM ensures both confidentiality and integrity. GCM attaches a so called authentication tag instead of a HMAC hash.

Hash authentication on the control channel can be upgraded to SHA-384 by manually editing the configuration files. Even at default levels, however, this is an extremely secure setup

All custom software is fully open source and is digitally signed, which is great.

Want to know more? Please check out my VPN encryption guide and  5 most secure VPNs for 2017 (which will probably include Mullvad the next time I update it).

The Website

I would describe the Mullvad website’s aesthetics as functional. The layout is clean and information is presented in a clear, easy-to-access manner. The information itself is informative, well-written, and covers most questions I had about the service.

The various guides, in particular, are very useful. This includes both setup guides and more general guides to things such as setting up split-tunneling, configuring pfSense, and how to get the best performance from your BitTorrent client.

Mullvad also publishes interesting blog articles on a monthly basis.

Mullvad Support

Other than the great setup guides, support is limited to an email address. When I contacted Mullvad I had to wait three days for a reply. It must be said, though, that when it eventually came, the reply was excellent. Many VPN services are extremely vague or are completely unable to answer when pressed on details of the encryption they use. Mullvad, by contrast, provided a very detailed  and knowledgeable response to my questions.

The Process

The Mullvad signup process is very unusual, in that you do not need to supply either an email address or a password.

All you need do is prove that you are human with a CAPTCHA, and you will be issued with an account number.

This number is the only way in which Mullvad identifies your account. It is used to sign in to the client, to manage account payments, and so forth.

The Windows Client

Once you have generated an account number, you can download Mullvad’s software.

As soon as you start to use the software, your three-hour free trial timer starts to tick. As you can see, I don’t have an IPv6 connection.

Note the firewall-based DNS leak protection and kill switch (“Block the internet on connection failure”). You can also tunnel IPv6 connections through the VPN. If this option is not enabled, IPv6 is simply disabled.

If you know what you are doing, you can manually tinker with advanced connection settings to your heart’s content.

While the client is fairly stripped-down, it works flawlessly and has all the features you really need.

Mullvad Performance (Speed, DNS, WebRTC, and IPv6 Tests)

All tests were performed on my Virgin Media UK fiber connection, using the OpenVPN User Datagram Protocol (UDP).

The graphs show the highest, lowest, and average speeds for each server and location. See our full speed test explanation for more details.

Transatlantic speeds are a little uninspiring, but on my connection should still be fast enough to stream content without any buffering issues. Speeds within Europe are excellent. Mullvad runs many servers in its home country of Sweden. As we can see, these actually performed better than servers that are geographically closer to me.

I detected no IP leaks

Please note that Private Use RFC IPs are local IPs only. They cannot be used to identify an individual, and so do not constitute an IP leak. Unfortunately, my Internet Service Provider (Virgin Media UK) does not support IPv6 connections, so I am unable to test for IPv6 leaks at this time. This is a situation that should change in the near future.

Mullvad was blocked by Netflix on every US server that I tried, but worked fine for BBC iPlayer on a UK server.

Other Platforms

Mullvad has dedicated clients for Windows, Mac OS and Linux, which are all essentially identical. The Linux client is worth noting in particular, as fully-featured graphical user interface (GUI) Linux clients are still quite rare.

The Mullvad Linux Mint client

Full setup instructions for the Linux client are available for Ubuntu/Debian, Fedora 23/24, Fedora 25/26, Mint/Debian, and Elementary Freya.

Detailed manual setup guides (mainly OpenVPN) are provided for Windows, Mac OS, Linux, iOS, Qubes OS, and a selection of routers (including DD-WRT and Tomato).

Mullvad is a big fan of the experimental WireGuard VPN protocol.

WireGuard performs significantly faster than OpenVPN,  often 5-20x faster on small consumer routers, and it handles roaming better.

This is not something that I have come across before, but hard-core techies might be interested. Mullvad supplies WireGuard setup instructions for Linux and routers (which requires installing new firmware on your router).

Mullvad VPN Review: Conclusion

I liked:

  • Fantastic no logs at all policy
  • Very privacy-centric
  • Five simultaneous connections
  • An array of anti-censorship technologies on offer (SSH and SSL tunneling, Shadowsocks, port selection)
  • Port forwarding
  • Multi-hop VPN
  • SOCKS5 proxy
  • P2P torrenting allowed on all servers
  • DNS leak protection and kill switch
  • Full GUI Linux client
  • Full IPv6 routing
  • Great guides
  • Excellent European speeds
  • You can pay by sending cash by post!
  • Three-hour free trial
  • 30-day money-back guarantee

I wasn’t so sure about:

  • Limited number of servers
  • Blocked by US Netflix
  • Transatlantic speed results not so impressive
  • Support response was very slow (but great when it eventually arrived!)

I hated:

  • Nothing

All in all, I am a very big fan of Mullvad. Few, if any, other VPN services can match its dedication to privacy. Mullvad backs this up with cast-iron technical security and a wealth of sophisticated anti-censorship technologies.

If you are a more casual user, however, don’t let any of this put you off. Mullvad’s software is very easy to use and works flawlessly. A three-hour trial might not be much, but it is enough to ensure the service works for you. If you still have problems, then the 30-day money-back guarantee should have you covered.

This is just as well, as support seems rather slow. Given the speed test results and server locations, it is also probably worth suggesting that Mullvad is best suited to European users.

If you can live with these limitations, I consider Mullvad to be one of the very best VPN services out there.

Visit Mullvad »

Douglas Crawford

I am a freelance writer, technology enthusiast, and lover of life who enjoys spinning words and sharing knowledge for a living. You can now follow me on Twitter - @douglasjcrawf.

23 responses to “Mullvad Review 2017

    1. Hi VPN user,

      Thanks for flagging this up. Our devs are revamping the back end of the website, and this seems to be unintended side-effect. I have notified them of the issue.

    fantastic vpn with fast and clean connections, a lot of servers , great client with killswitch and very useful advanced settings to personnalise the connection (mtu settings for example to bypass vpn detection)
    Not only one disco at all since a year ! The Team is great , they are deeply improved in internet freedom and the service is fast and fiendy.
    You can get a software client under Linux ( very rare) Mac and Windows
    Open Connect for Ios and Android (working really well)
    Mullvad deserve to be better know , and belongs to the top of the cream of existing VPNs

    One of the best vpn that I ever used ! warmly recommended

    One of the best VPN of the market for Linux .
    Great client
    25 countries
    good encryption
    excellent privacy (bitcoin and even cash payment by mail with an anonymous subscription number !)
    Not expensive (5€ per month)
    No leak , Killswitch , adjustable parameters like MTU value , forwarded ports etc.. in client vers 63)
    No blacklisted ip !!! (not the case of most of “big” vpns)
    Possibility to bypass vpn detection
    In one year I’ve never encountered any issue with MULLVAD

    I’ve been using this service for quite awhile now. It’s been very good in terms of features, function and reliability. I can now use my Android device (Nexus 4 and 5X) permanently connected on VPN using OpenVPN with the mullvad.ovpn file on the SD card.

    Price – fine
    Speed – fine
    Features – fine
    Customer service – fine
    Privacy Policy – VERY GOOD! 5/5

    I’ve been using Mullvad for several months now in order to bypass my ISP torrent block and it worked fine without any problems. I also like the fact that one account can be used on up to three devices.

    So far experience has been fantastic for the price. Had all the features I was looking for and sufficient speed (20/40). Had some issues with client but connecting over OpenVPN was easy with provided configuration files.

    Testing from Amanah Tech (162.219.176.251)…
    Hosted by Keewaytinook Okimakanak (Toronto, ON) [1.99 km]: 15.78 ms
    Testing download speed………………………………….
    Download: 17.36 Mbit/s
    Testing upload speed…………………………………………..
    Upload: 40.20 Mbit/s

    Seems pretty nice so far.. the 3 hour trial worked well; the only hitch I ran into was that my OS needed a little tweaking to work with OpenVPN (I needed to disable NetworkManager’s dnsmasq), but the VPN service itself was fantastic!
    I prefer to use my system’s VPN manager, but the program they provide to do it worked really well. Everything was easy to use and pretty fast.

    Now we’ll see if my envelope with $6 can make it to Sweden without being looted by unscrupulous postal workers.. :/

    1. Mullvad is good and fast. I used it for half year. It works well.
      I am using several VPN providers such as vpnbook and airvpn.
      Mullvad is better than them.

    Hi PissedOff,

    I will just chip in to say that BestVPN agrees with you. For European countries where we do recommend you use, see https://bestvpncom.wpengine.com/blog/5653/data-retention-vpn-logging-and-internet-surveillance-in-europe/. You may also be interested in this article: https://bestvpncom.wpengine.com/blog/6571/germany-to-spend-100-million-euros-on-increasing-internet-surveillance/.

    Mullvad now has fully operating servers in Sweden and the Netherlands, which are much better options.

    Do not use Germany server (with this or any other VPN) to do P2P…Germany copyright law is even worse than the US and UK, it’s really like a 3rd world country!

    Hi Symbol,

    As we noted in an update at the end of the review, last time we checked on Mullvad everything worked just fine, so the comments about dead links to the config files can now be safely ignored.

    Referring to your final section,’Setting up OpenVPN for Android’, possibly you were not logged in? This is how it went for me:
    First of all you have to log in to your online account, then when you download the Android config files, they contain your User ID in the file name. I then followed the instructions copying them to my Android device. Finally I opened OpenVPN and steered it towards the copied config files.
    When you then click on to connect with OpenVPN, each time it asks you to confirm the Mullvad config files, and you’re away, for me it’s faster than my W7 connection.
    Hope that helps!

    1. Can you flesh out how you did this a bit more? I am not a beginner but not exactly adept either. Can you maybe make a step by step for beginners to get this set up for android?

      1. Hi Iz. We have a detailed look at how to set up VPN on an Android device in this article bestvpncom.wpengine.com/blog/3783/best-vpn-for-android/.

    Mullvad is the best out there!
    Easy to use client, fast connection, and no bandwidth limits!
    Excellent privacy, and no logs!
    All this for only 5 euro per month!

    Very usefull here in Poland where freedom of speech no longer exists
    and people are put to jail for making jokes of government.

    Less than 1 Mbit/s? Some Windows computers have packet loss problems with OpenVPN over UDP. One thing that can help is to make the tunnel run over TCP instead. Go to Advanced in Settings and set protocol = tcp in the [Client] section.

    been a customer for three months, and this service getting worst for everyday.
    disconnections every day, support doesn’t answer email.
    maassive packet loss, this service only work good if you are on 56k modem or less

    Mullvad is absolutely fantanstic. The guys are quick to respond to problems and the speed is great. 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *

Want to add a star rating to your comment? Click here
Price
Features
Reliability
Speed
Customer Service