They run Leta on diskless servers, just like the VPN:
>We run the Leta servers on STBooted RAM only servers, the same as our VPN servers. These servers run the latest Ubuntu LTS, with our own stripped down custom Mullvad VPN kernel which we tune in-house to remove anything unnecessary for the running system.
>
>The cached search results are stored in an in-memory Redis key / value store.
This is surprising given that they try to cache results for 30 days:
>Each search that has not already been cached is saved in RAM for 30 days. The idea is that the more searches performed, the larger and more substantial the cached results become, therefore aiding with privacy.
That's surprising because presumably they lose all results if they have to reboot the server.
With a VPN service, there's not much they have to store past the lifetime of the VPN session, but if they're storing search results for 30 days, I wonder how they deal with this? Maybe best effort is fine because they don't strictly need to cache the results, as it just provides marginal privacy improvements.
KoolKat23 · 19h ago
yes, they state in the FAQ, any updates to the system clear the cache. Caching is due to query cost.
bravetraveler · 12h ago
Cost that's external, too: Brave or Google are behind the results. Things would be terrible without the cache... but that doesn't mean every request needs to be cached. Can't - gotta source it.
Wouldn't want to hang onto things too long, current events run out of currency :)
kikokikokiko · 19h ago
"That's surprising because presumably they lose all results if they have to reboot the server."
Strictly speaking they only lose all results, FOR SURE, if they have to reboot ALL the servers at the same time. If they implemented a system where the cached results are shared and replicated among all their servers, it can in theory be kept cached indefinitely.
vvillena · 17h ago
From the FAQ:
> Each time the Leta application is restarted (due to an upgrade, or new version) server side, a new secret hash is generated, meaning that all previous search queries are no longer visible to Leta.
If I read this correctly, the cached data is per-instance, there would be no way to share cached data among instances if each one has its own secret hash and they are cycled on each start.
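Added example (not part of the thread, and not Mullvad's code): a sketch of the behaviour the FAQ quote describes, assuming cache keys are an HMAC of the query under a random secret generated at process start. The class name, key layout and the dict standing in for the Redis keyspace are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

TTL_SECONDS = 30 * 24 * 3600  # the 30-day retention quoted from the FAQ


class KeyedCache:
    """In-memory search cache keyed by HMAC(secret, query); hypothetical design."""

    def __init__(self, store=None, clock=time.time):
        # Assumption: a fresh random secret per start, held only in process memory.
        self._secret = secrets.token_bytes(32)
        # `store` stands in for the Redis keyspace. Passing the same dict to two
        # instances models a restarted process or a second node on a shared store.
        self.store = {} if store is None else store
        self._clock = clock

    def _key(self, engine, query):
        # Normalise so trivially different spellings share one cache entry.
        normalized = " ".join(query.lower().split())
        msg = f"{engine}\x00{normalized}".encode()
        return hmac.new(self._secret, msg, hashlib.sha256).hexdigest()

    def search(self, engine, query, upstream):
        """Return (results, cache_hit). `upstream` is called only on a miss."""
        key = self._key(engine, query)
        now = self._clock()
        entry = self.store.get(key)
        if entry is not None and entry[0] > now:
            return entry[1], True
        results = upstream(engine, query)
        self.store[key] = (now + TTL_SECONDS, results)
        return results, False


def demo():
    """Run a constructed scenario: hit, restart with a new secret, TTL expiry."""
    calls = []

    def upstream(engine, query):  # constructed stand-in for the paid search API
        calls.append((engine, query))
        return [f"https://example.test/result/{len(calls)}"]

    shared = {}
    clock = [1_000_000.0]
    now = lambda: clock[0]

    first = KeyedCache(shared, now)
    _, hit_cold = first.search("brave", "Diskless  Servers", upstream)
    _, hit_warm = first.search("brave", "diskless servers", upstream)

    # "Restart": same backing store, new secret. The old entry is still in
    # memory but no key the new process can compute will ever reach it.
    second = KeyedCache(shared, now)
    _, hit_after_restart = second.search("brave", "diskless servers", upstream)

    clock[0] += TTL_SECONDS + 1
    _, hit_after_ttl = second.search("brave", "diskless servers", upstream)

    return {
        "hit_cold": hit_cold,
        "hit_warm": hit_warm,
        "hit_after_restart": hit_after_restart,
        "hit_after_ttl": hit_after_ttl,
        "upstream_calls": len(calls),
        "entries_in_store": len(shared),
        "plaintext_in_keys": any("diskless" in k for k in shared),
    }


if __name__ == "__main__":
    print(demo())
```

Under this assumption, sharing entries across instances would require sharing the secret as well as the store.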
mtlynch · 19h ago
Oh good point. I didn't realize redis syncs data across nodes.
treve · 19h ago
For this kind of application, they would likely distribute the data across nodes, not sync.
xlt · 17h ago
If they are running in a VM they could live migrate the VM to a different machine if they need to reboot. That or a cluster of Redis caches.
ignoramous · 19h ago
> This is surprising ... as it just provides marginal privacy improvements.
Diskless does not mean SSH-less or network-less. The "data" can be pulled / pushed just the same, which is to say, Diskless, in this case, is no better than verifiably read-only partitions (like on ChromeOS & Android, for example).
mtlynch · 19h ago
Sorry, I don't know what you mean. When I said it provides marginal privacy improvements, I meant the caching, not the disklessness.
Diskless does provide privacy improvements, as it drastically reduces the odds of something accidentally persisting to storage.
kees99 · 19h ago
Diskless (edit: with OS in initramfs) is indeed a golden standard against local persistence, but requires quite a bit of extra RAM - few GB for "latest Ubuntu LTS".
With regards to preventing accidental persistence, disk with only dm-verity partitions is as good, with extra advantage of only adding a little bit of extra RAM usage (/tmp, /var/run, ...)
For that matter, even something as sloppy as booting with rootfs which can't be remounted rw (iso9660, squashfs, etc..) and is the only mounted fs, is also perfectly good against accidental persistence.
toast0 · 19h ago
You could run from NFS and not need much extra ram. Plus you save like $25/node by not having a local disk.
ChocolateGod · 3h ago
You could go the extreme and boot off Google Drive (or any other fuse FS).
Mullvad swinging for the fences suddenly. They have a billboard in South San Francisco, too. Did they get a cash infusion? Why all of the sudden are they expanding? Honestly, I'd have changed the name by now...
NalNezumi · 2h ago
I really hope they don't change the name, I like the name "Mullvad" (Mole in Swedish) and "Leta" (Search in Swedish) and everything doesn't need to be Anglo centric in the appeal :)
Although the society is almost zero privacy, it has historically had some funny IT figures for privacy and digital issues so people searching up for the background of the name might stumble upon it.
I'm guessing they won't change the name. It's a similar branding strategy as IKEA, with "funny" Nordic (specifically Swedish, but other brands have done it with Norwegian and Danish too) names that for some people makes it sound quaint and quality.
kfreds · 4h ago
> Did they get a cash infusion? Why all of the sudden are they expanding?
No cash infusion. We've been growing for years, just like many other VPN services. We're still quite a bit smaller than e.g. Nord and Express though.
As for our choice of advertising, we don't run an affiliate program, nor do we want to track our customers through online ads, so we're trying this instead. It's cheaper than you might think.
// Fredrik (cofounder of Mullvad)
prophesi · 19h ago
They prefer outdoor ads over targeted online advertising
In (American, at least) English, there's a very common pattern of vowel reduction on unstressed syllables, resulting in "schwa-ification" [0][1] where all such vowels become indistinguishable from each other.
In this case, we say "duh lorr uhss" instead of "do lor ez". The second one doesn't sound like clitoris at all, but the first one.. okay it doesn't sound similar to me either, but it's closer at least.
[1] "schwa" is the name of the mid, central, unrounded vowel, IPA [ə]
trealira · 13h ago
I have to say that, the vast majority of the time, the way I've heard and said the word "clitoris" doesn't rhyme at all with "Dolores," so I wouldn't have been able to guess it either.
oscarmoxon · 20h ago
They're also littering the London tube system with ads - there's definitely been a lottery win or a series A.
parkaboy · 20h ago
They were one of the earliest to adopt bitcoin and monero payments--if they didn't convert all those payments immediately to cash, they're probably sitting pretty right now.
dijit · 19h ago
They also have a partnership with Tailscale that can't be undersold.
I'm not sure how much it adds to their bottom line for each sale, but my corp was using the Mullvad VPN addition to tailscale to do global testing by our developers.
IE; "is something blocked, do we detect GEOIP properly" etc;
haiku2077 · 15h ago
The Tailscale integration is super handy while traveling. One app to access my home server and my home region.
george_perez · 18h ago
And Mozilla VPN as well.
kfreds · 4h ago
> there's definitely been a lottery win or a series A
We have neither won the lottery nor taken on outside investment. We've been growing for years, and we've reached a point where we can afford campaigns like this. It is an interesting experiment by our marketing team. Still, I think people on HN overestimate the cost of campaigns like this.
noir_lord · 17h ago
Now’s a good time since the online safety bill kicks in towards end of July.
UK use of VPNs outside the office/work environment is gonna skyrocket.
unfitted2545 · 19h ago
And whole buses!
JCattheATM · 15h ago
My concern is that when they can advertise to the extent they do, to what extent can they really be trusted? Anything that popular is going to be a target by law enforcement, and we really have no way of verifying any of their claims.
sillyfluke · 12h ago
Yeah, this advertising to the masses push makes me queasy. It has the reverse effect on me than was intended. Weird brand self-harm for a privacy/data hygiene oriented company.
Barbing · 20h ago
Yes, it’s gotta be something catchy. Like “Rakuten”!
bosse · 20h ago
I noticed their billboards and bus ads in New York City a year ago, so it’s not entirely new that they are marketing like this.
al_borland · 12h ago
Same, but on the train at the DC airport. I liked that they align their actions with their mission. Physical ads like this are a perfect way to advertise a privacy tool, as their ads respect user privacy.
tomxor · 18h ago
I had to switch to iVPN last year (similar ethos), because Mullvad became pretty much unusable due to blacklisting and laggy DNS servers.
I'm assuming it has something to do with the push in recent years to expand their userbase, but they don't seem to be able to keep a clean enough pool of IPs like the big popular ones to cope. I know all VPNs struggle with this but it was getting ridiculous, where every single server in a country would receive infinite re-captcha.
INTPenis · 17h ago
iVPN is a great choice in terms of security, they also use STboot, but I think you're just flying under the radar with their IPs because they struggle with the same problems as Mullvad.
tomxor · 17h ago
Yes, it only works better because the obscurity to IP ratio is good. It could easily be as bad as mullvad if they became more popular. But as I understand it the really popular VPNs address this with huge pools of servers and IP cycling?
One other issue I had with Mullvad that put the nail in the coffin for me was randomly laggy DNS resolvers, they would get fixed just by the time I start investigating it, but it kept happening... I say this as a mostly happy user for probably 7 years, but then found myself having to turn it off more than on to be able to access most sites.
lysace · 18h ago
Not quite my experience.
> where every single server in a country would receive infinite re-captcha.
What does that even mean? Have you also disabled cookies?
Typically it's a Cloudflare captcha if you're doing that, not a re-captcha. And afaik pretty much everyone gets this treatment with zero history. Welcome to the modern web.
zargon · 18h ago
They’re referring to the situation when a service has blacklisted you, but will pretend they haven’t and give you captcha after captcha to keep you busy.
encom · 18h ago
>Welcome to the modern web.
Cloudflare recently started holding stackoverflow hostage as well. "Weird" OS + "weird" browser + cookie autodelete = www is hell, even on clearnet. I hate cloudflare so much it's unreal, including everyone who works for them, for enabling this nonsense.
RemainsOfTheDay · 17h ago
I've been seeing Mullvad billboards for years, including in Paris.
holysoles · 20h ago
based on their company about page, looks like Leta has existed since 2023
This thing has been advertised EVERYWHERE in London the last few weeks.
But the adverts didn’t make a lot of sense and I had no idea what the product actually did.
diggan · 18h ago
I think it's a new/old marketing strategy. Make it interesting enough that people see and notice it but don't understand what it is, with the hopes that you go out to figure out what it is. A brave strategy, but since it's still around, I guess it works sometimes.
Sammi · 17h ago
It incentivises people to ask each other about it. But you need high pervasiveness of the ad for two people to both have seen it and ask each other about it.
throw432196 · 8h ago
I still didn’t know what it was. Went to the headline link and had no idea, typed in “what is this”. Still no idea. I had to read the hn comments to discover it is a search proxy..
smallerfish · 18h ago
So how do they make money? Are they hoping to convert users to their VPN service? Or are they just trying to stay under the free tier Google API limits?
haiku2077 · 18h ago
Leta is the supported search engine of Mullvad Browser which is a privacy-centric version of Firefox that integrates with Mullvad VPN. Think Mullvad Browser:Regular Internet as Tor Browser:Onion websites. So this is part of an ecosystem for their VPN subscribers.
(I'm a Mullvad customer, not Mullvad directly, but that's how I use their browser and Leta.)
prophesi · 18h ago
In the past, Leta was a service that was only accessible to paid Mullvad users. I'm unsure when they started allowing general access, but that's initially how it made commercial sense.
mmooss · 11h ago
Where does it say how it handles user information - what it collects, how long it's retained, what it's used for?
I would expect Mullvad to say they collect none, but is that said anywhere? Is there any privacy policy?
Edit: All it says is that they protect us from Google and Brave:
> When a search isn't in the cache, our server (leta.mullvad.net) queries the search engines on your behalf. Only the search query is sent; no personal data is shared.
and
> Returned search results contain only direct links to the final destination. All tracking elements and third-party content are removed to protect your privacy.
taco_emoji · 20h ago
Unfortunately, this is blocked at many places of work because of the domain, unlike DDG
freehorse · 19h ago
I am curious, why would a workplace block the mullvad.net domain? Or is it rather a whitelist thing?
hypeatei · 19h ago
"proxy avoidance" is the listed reason on my corporate network.
npteljes · 17h ago
Many workplaces use a corporate firewall, and on the admin panel, they can enable-disable categories of websites, like "Porn", "Adult themes", "Gambling", "Social", "Video streaming", "AI", etc. One of the categories could be "VPN", *.mullvad.net can fall into it, and it could be that they disabled that category. At many workplaces, it's against the rules to circumvent the company's monitoring, and so, many of such technologies are banned.
0cf8612b2e1e · 17h ago
Which is a killer because so many developer tools are on “naughty” domains (eg .dev and .ai) which are automatically blocklisted
npteljes · 14h ago
I don't think that .ai is automatically filtered in this case, it's more of a case by case basis. But it's killer nevertheless. "Adult themes" for example is a large umbrella at OpenDNS, and for example I wanted to check the lyrics of a song I was listening to, and it was hosted on darklyrics.com. Nope, couldn't visit, because it's Adult Themes.
Lol doesn’t matter, my company won’t let me install anything not whitelisted anyway.
The whitelist:
The blacklist: *
skyyler · 19h ago
People use VPN services at workplaces to circumvent web filters.
FirmwareBurner · 19h ago
IDK, why do some workplaces ban Steam domain? Or block Mozilla but not Chrome?
IT people are weird.
taco_emoji · 17h ago
Because they block VPNs
pugworthy · 18h ago
Yes blocked at mine I now see. Guess I've moved up a bit more on that "watch this guy" list.
I don't know how you'd exactly handle it, but an NSFWCP (Not Safe For Work Cybersecurity Policy) tag for some links would be nice.
jeanlucas · 19h ago
I'm sorry for being negative, but it feels to me just as a publicity stunt.
No serious product, just a proxy for Google, while it is interesting not a real solution.
But as a marketing tactic to promote your VPN it is an interesting move.
lolinder · 18h ago
A caching proxy for Google is a real solution for a real problem. It might not be a solution to a problem you have.
jeanlucas · 17h ago
It solves a problem for a niche that you assume I don't have.
But it has no real way to monetize and is likely to be shut down as soon as the marketing/publicity objectives are not aligned anymore.
That's what I was trying to point out.
mmooss · 11h ago
Maybe Mullvad has other interests too?
skeaker · 18h ago
Not sure what you mean by this, it is a real thing you can actually use so obviously it's not "just a publicity stunt."
jeanlucas · 17h ago
I mean I don't see it as a viable product and as soon as costs go high and/or the publicity expectations are met it will be shut down.
INTPenis · 17h ago
It's not a publicity stunt when they're using the technology they helped develop to run their search servers completely securely and without any stateful data.
jeanlucas · 15h ago
Hmm, that makes more sense, framing it like that. I still don't think this is a viable product
mmooss · 11h ago
It's been running for two years, if I understand correctly.
xlt · 17h ago
A proxy for Google is a product if it provides additional features Google alone does not provide... in this case: Privacy
xnx · 19h ago
These alternative search engines really feel like they're fighting the last war. Web content is so reader-hostile that you need a tool to extract the answer/information you're looking for and not just give you a link to the page.
SirHumphrey · 18h ago
I don’t actually. I have read far too many AI summaries where the llm combines data about two different people with the same name creating a biography of someone that doesn’t exist.
And once the use of chatbots in this role becomes widespread- don’t think for a second that companies won’t sso the thing until it’s about as useful as current search.
haiku2077 · 18h ago
I had an issue where Slack AI combined multiple people I work with into a summary that was negative in tone. And of course there was no way to provide feedback on this harmful behavior.
hart_russell · 16h ago
If the dead internet theory comes to fruition, I wonder if there will be "curated internets" where only good actors will be allowed to participate.
idlip · 18h ago
Why not embrace searxng^1. But sure I know brave and other would rate limit for it.
What would be the difference from duckduckgo lite?
I don't care much about that anymore because their VPN service has really gone bad. They are great in terms of privacy, but in every other aspect, they suck. Their VPN randomly disconnects again and again, once even without the killswitch being activated. They are getting blocked from websites much more often than other VPNs, making the service barely usable while costing a lot more. Plus, there are many other minor issues. I really hope they improve because I want to keep using them
DavideNL · 3h ago
> their VPN randomly disconnects again and again, once even without the killswitch being activated.
I have no idea which OS you are on, but for me it has been working flawlessly for many years, on iOS (using WireGuard.)
One exception: Apple blocking their services when using a VPN IP-address, on macOS. But that's an Apple issue of course...
Even years back, when Proton still had frequent connection/App issues, my phone using Mullvad was very reliable, and hasn't failed even once.
chvid · 19h ago
Fast, no ads, reasonable results. Well done!
bitpush · 18h ago
and stale.
dangoodmanUT · 19h ago
Aren't these APIs absurdly expensive? How are they justifying these costs, or are they using "unofficial" APIs?
jdpedrie · 18h ago
Brave has a subscription tier that offers storage rights. But it's ~9x the cost of their normal Pro subscription. I have a hard time imagining that the cost works out in their favor (discounting the possibility of a special arrangement) with how long the query stream tail is in web search.
Zefiroj · 19h ago
I wonder how well the caching works. The FAQ says 30 days, so you might be getting a pretty stale result. That combined with Google's "fun fact: 15% of all Google searches have never been searched before", makes me wonder how identifying these queries can be.
alcover · 12h ago
> Leta is also useless if your browser blocks all cookies, tracking pixels and other tracking technologies.
Err.. it would still be useful to mask your IP ?
napolux · 19h ago
I'm using startpage.com, guess this is gonna replace it as soon as it matures a bit
reustle · 11h ago
A simple explanation of what this does, shown somewhere on the page, would go a long way.
worldsavior · 18h ago
I don't understand why Google or Brave are cooperating with this, they don't earn anything. And if they're not, what prevents Google blocking Mullvad IPs?
o_m · 18h ago
Mullvad is paying to use their APIs, like Kagi does. Google is making money on this
Then how does Mullvad earn? This surely costs a lot of money to pay for Google search results.
fr4nkr · 18h ago
Google likely just doesn't care. They know most people won't bother using privacy-oriented services out of inconvenience or apathy.
DrZeina · 20h ago
I am extremely excited about this and thus far it seems to work well.
mrweasel · 19h ago
Interesting solution to let the user pick which search engine to use. Sadly Bing is shutting down their API, it would have been great to be able to use that as well.
DaSHacka · 19h ago
> Sadly Bing is shutting down their API
Interesting, does DDG have plans to switch or start their own index?
I'm surprised this is created using NodeJS. Given how critical performance is in a proxy, and that RAM is precious running Redis.
jxjnskkzxxhx · 17h ago
If people search CSAM, do they serve it? Isn't that criminal?
freehorse · 13h ago
You mean if google serves it?
jxjnskkzxxhx · 13h ago
I'm talking about the search engine in question.
areyourllySorry · 5h ago
there is no image search.
38 · 17h ago
You must be fun at parties
superkuh · 19h ago
Pretty much the only way to use google search as an HTML webpage instead of a JS web application these days. It's great. It reminds me of the scroogle.com proxy days.
I use it for all but my retro machines, which is a shame. I know Mullvad is a 'privacy' company but I really wish they'd acknowledge that HTTP+HTTPS is more robust to governments' censorship than centralized CA TLS only. HTTP+HTTPS would allow my non-bleeding edge TLS retro machines to search again.
thunder-blue-3 · 18h ago
This would've been a great product 10 years ago. I've unapologetically not had to use a search engine in almost a year (or at least can count on 1 hand having to use it) since GPT models have come out.
npteljes · 17h ago
What do you use to look for products, and businesses? I also use chatbots much more, but these are two categories where I found search engines to be much better. But I haven't really looked for an alternative either.
whizzter · 18h ago
More than once people at work have asked me for help after not solving their problems with ChatGPT, and the solution was to google and hit some stackoverflow answer.
homebrewer · 18h ago
The situation hasn't changed for most of us. None of the people I've talked to over the past couple of years have stopped using Google, none are using LLMs for anything other than translation (or helping proofread their English) or simply for wasting time.
FWIW, since we're exchanging anecdotes, LLMs have been completely useless for me. I try them every 3-6 months and always return to Google disappointed.
ranguna · 17h ago
I think both you and the OP are ends of the same spectrum.
benbristow · 18h ago
Did a search for 'test', says results are cached from 6 days ago.
When we've got LLMs with real-time search now this seems a bit... backward. Not that the results for that specific query would change much.
> Leta aims to present a reliable and trustworthy way of searching privately on the internet.
> Leta is also useless if your browser blocks all cookies, tracking pixels and other tracking technologies.
Huh? This needed better clarification because the two points seem to be at odds with each other.
jsnell · 13h ago
What they're saying is that if you had already closed off all possible methods of being tracked, you'd gain nothing from this service, since whatever other search engine you choose to use instead would by definition not be able to track you.
freehorse · 13h ago
I assume if you block all tracking technologies it does not offer anything more than what you already have? Because then your queries cannot be tracked?
> However, Leta is useless as a service if you use the perfect non-logging VPN, a privacy focussed DNS service, a web browser that resists fingerprinting, and correlation attacks from global actors. Leta is also useless if your browser blocks all cookies, tracking pixels and other tracking technologies.
In other words everyone can benefit from it. I don't know any browser (not talking about obscure browsers like lynx) who can completely resist fingerprinting.
haiku2077 · 15h ago
Mullvad makes a fingerprinting resistant browser. It uses tricks like displaying the content inside a smaller window to mimic popular laptops and phones.
It's not perfect (it's firefox based so that already sticks out) but better than could be done otherwise.
VTimofeenko · 18h ago
Using an obscure browser that is not hiding its user agent is arguably worse for fingerprinting.
nalekberov · 16h ago
Ironically yes.
DbigCOX · 19h ago
This is incredible actually.
tiffanyh · 19h ago
How is this different than using DDG with the “!g” ?
toast0 · 19h ago
Doesn't !g just redirect you to Google? From comments, this is proxying and potentially caching from Google. Having an intermediary is potentially of value.
SergeAx · 15h ago
Wait, Google doesn't have a Search API!
pipes · 17h ago
What is it?
rasengan · 20h ago
This isn't really privacy or security focused unless 'trust' is a component of security architecture.
Make no mistake, Mullvad Leta knows what you searched for and who you are.
/Theater/ has no place in privacy.
The right way to do it, short of FHE, is to encrypt the query client side, pass this to the proxy which does not pass the source IP, which passes this to the search engine for decryption. Search results are encrypted and pass thru in the reverse:
Client (encrypts) -> Proxy (passes thru no IP) -> Search engine (receives, decrypts, performs, and encrypts results) -> Proxy passes encrypted blob of results back to user -> Client privately reviews private search results.
Edit: private.sh tried this in the past but unfortunately was shuttered with the end of gigablast.
huslage · 19h ago
Mullvad has built trust over many years. There is always someone who knows what you are searching for. The search engine will not accept an opaque blob of encrypted data as a search term, after all.
bitpush · 18h ago
The trust comes from them being a small player. The moment they get big, govt will come knocking, and they'll be just like anyone else.
Kbelicius · 17h ago
The govt already knocked and Mullvad had nothing to give them.
abtinf · 19h ago
If the encryption library is loaded over the web, then it provides no added security. You are still trusting them. Web client side encryption is theater.
miloignis · 19h ago
This is a bit of an aside, but I see this take a lot and I think it's subtly wrong.
Web client side encryption eliminates fully passive snooping on the server side, but of course does nothing for actively subverting the served encryption code. This makes things a bit more dangerous for the snooping party as it's possible that the backdoored encryption code will be noticed by someone, and it's at least possibly a legal defense - the government might have the power to compel you to hand over data on your server but not to backdoor your code.
This isn't a huge technical difference, but it is a difference, and especially with the legal angle I think it's an important one.
rasengan · 19h ago
Agreed, it requires something more significant like an auditable (non obfuscated code) extension or better.
alcover · 12h ago
What if browsers supported a property like <script hash=64192876> ?
They would store the hash on first connection then verify on subsequent ones.
I know this should be refined and hardened but you get the idea.
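Added example (not part of the thread): browsers already accept a per-script hash through the Subresource Integrity `integrity` attribute on `<script>` and `<link>`; the "remember the hash on first connection" part is not something browsers do, so `PinStore` below is a hypothetical trust-on-first-use layer. Script bodies and the URL are constructed sample data.

```python
import base64
import hashlib
import hmac

# SRI algorithms, ordered by strength.
_STRENGTH = {"sha256": 1, "sha384": 2, "sha512": 3}


def sri_digest(body: bytes, alg: str = "sha384") -> str:
    """Return an SRI token such as 'sha384-<base64 digest>' for `body`."""
    digest = hashlib.new(alg, body).digest()
    return f"{alg}-{base64.b64encode(digest).decode()}"


def sri_matches(body: bytes, integrity: str) -> bool:
    """Check `body` against an integrity value (space-separated SRI tokens).

    Only tokens using the strongest listed algorithm are considered, and any
    one of them matching is enough. This checker fails closed when the value
    contains no usable token.
    """
    tokens = []
    for token in integrity.split():
        alg, sep, b64 = token.partition("-")
        if sep and alg in _STRENGTH:
            tokens.append((alg, b64.split("?", 1)[0]))  # drop any ?options
    if not tokens:
        return False
    strongest = max(alg for alg, _ in tokens if True) if False else \
        max((alg for alg, _ in tokens), key=_STRENGTH.__getitem__)
    actual = sri_digest(body, strongest).split("-", 1)[1]
    return any(
        hmac.compare_digest(actual, b64)
        for alg, b64 in tokens
        if alg == strongest
    )


class PinStore:
    """Hypothetical trust-on-first-use store: URL -> SRI token seen first."""

    def __init__(self):
        self._pins = {}

    def check(self, url: str, body: bytes) -> str:
        pinned = self._pins.get(url)
        if pinned is None:
            # First sight is trusted blindly; tampering before this point
            # is not detectable by pinning.
            self._pins[url] = sri_digest(body)
            return "pinned"
        return "ok" if sri_matches(body, pinned) else "changed"


def demo():
    url = "https://search.example.test/static/encrypt.js"  # constructed
    original = b"export function encrypt(q, key) { /* v1 */ }"
    modified = b"export function encrypt(q, key) { /* v1 */ leak(q); }"
    pins = PinStore()
    return [
        pins.check(url, original),   # first visit
        pins.check(url, original),   # unchanged script
        pins.check(url, modified),   # served code differs from the pin
    ]


if __name__ == "__main__":
    print(demo())
```

A pin cannot distinguish a legitimate release from a subverted script: both report "changed", so the scheme needs an out-of-band way to publish the expected hashes.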
mettamage · 18h ago
I'd rather have some people in Sweden know what I've searched for than whatever I'd find abroad.
esafak · 20h ago
Mods: Consider adding to the title: A privacy focused search engine
Right, one that by my understanding “pools” searches, in a way. As their blog put it in 2023:
“Mullvad Leta uses the Google Search API as a proxy, caching each search. These cached results are shared amongst all users, reducing costs and improving privacy. This service is user-supported and doesn't rely on ads or data selling.”
blibble · 20h ago
I thought the google search and bing API terms explicitly forbade you from caching the results for more than a short period of time
exactly to stop people doing this
lcnPylGDnU4H9OF · 19h ago
That short period of time is likely to pool a group of users. Even if not, using Mullvad as a personal proxy for Google is a better privacy-conscious decision than using Google directly.
brewdad · 18h ago
Just call it AI and there are no rules.
thayne · 19h ago
It seems like the Google Search API quotas would be a problem, unless they have some special deal with Google.
KoolKat23 · 19h ago
I'm curious doesn't outright say whether personal data is logged or kept? Like with the hashed original search or even separately.
The FAQ also mentions user changeable settings for freshness, can't see that.
Still very kind of them :)
microflash · 20h ago
I did add that description but seems like it was edited by mods.
lcnPylGDnU4H9OF · 20h ago
I presume that's because calling it privacy-focused is considered editorializing. I'd at least hope it can have "(search engine)" or similar because I had no idea what it was before clicking.
glenstein · 19h ago
I had assumed it was Mullvad announcing their own LLM.
microflash · 19h ago
Yeah. I usually stick to original titles and don't editorialize them, except when the title itself does not make it obvious what it is about.
voytec · 18h ago
> Mods: Consider adding to the title: A privacy focused search engine
@dang No - please don't do it. This request is plain stupid.
Apple and Google being "privacy-focused" is a silly buzz-phrase at this point. Mullvad is tied to Alphabet/Google.
EDIT (2025 05 28 16:45 UTC): great to see how my recent comments were raided <3
Who the fuck have I annoyed? :)
PufPufPuf · 18h ago
The request is just to add context to the title. The perceived veracity of that title isn't really important, if they decided to call themselves that.
BTW what ties are you talking about? Is there a source for that claim?
dang · 18h ago
> plain stupid
You broke the site guideline against calling names, at least.
Fair. I apologize for my poor choice of words. I however stand by my point in general.
xyst · 19h ago
Search engines are so hot rn. Reminds me of 1990s, 2000s.
AskJeeves, anyone?
\s
I jest, but the focus on privacy is important. I used to use DDG but ended up using (and paying for) Kagi.
dangus · 19h ago
> Did you make your own search engine from scratch?
> We did not, we made a front end to the Google and Brave Search APIs.
So this is pointless, and honestly kind of lazy?
JanNash · 19h ago
Is it pointless though if e.g. there are no ads?
dangus · 16h ago
In a way, yes, because without ads or any kind of revenue source it's bound to be shut down.
areyourllySorry · 5h ago
enjoy it while it still works, then.
deelowe · 19h ago
I feel like the name "mullivad" might present challenges for user adoption.
sakjur · 19h ago
Am I (native Swedish speaker, so perhaps ignorant of secondary connotations here) missing something that should be obvious? Is mullvad inappropriate to some readers or is it just an odd name?
nkurz · 9h ago
No, I don't think you are missing anything. As an English speaking American, it just strikes me as a strange name that I wouldn't immediately associate with a search engine. Note for example that the parent spelled it wrong despite that being the focus of his question. But there is no second level of meaning or innuendo that I'm seeing.
DarkCrusader2 · 19h ago
Totally agree. Everything should be Americanized as much as possible so that it conforms to American sensibilities and is easier to use and understand for Americans.
Who cares about languages and culture of few dozen people who does not live in AMERICA.
PrivacyDingus · 19h ago
current options are google, duckduckgo, bing, I think they'll be fine; what's in a name? and all that
nosioptar · 19h ago
I was dumb enough to buy more than 30 days worth of mullvad once. They changed their terms of service to remove port forwarding. Because I'd paid more than 30 days ago, they wouldn't refund me anything.
Screw mullvad. I'd have to be a damned fool to ever trust them again.
Cerium · 19h ago
I don't hold it against them, but I got burned by that change too; but it was entirely reasonable, allowing inbound provides abuse opportunities which degrade their primary service reputation.
nosioptar · 17h ago
I wouldn't be mad, had they been willing to refund since they changed the functionality.
DaSHacka · 19h ago
Really? That's unfortunate, I heard of many people getting refunds back when they removed port forwarding.
nosioptar · 17h ago
I didn't because I'd paid more than 30 days prior to the change.
> Each time the Leta application is restarted (due to an upgrade, or new version) server side, a new secret hash is generated, meaning that all previous search queries are no longer visible to Leta.
If I read this correctly, the cached data is per-instance, there would be no way to share cached data among instances if each one has its own secret hash and they are cycled on each start.
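To illustrate the reading in the comment above, here is an added sketch (not from the thread and not Mullvad's code). It assumes the FAQ's "secret hash" is a per-process random key used to HMAC each query into its cache key; `KeyedSearchCache` and the dict standing in for Redis are hypothetical.

```python
import hashlib
import hmac
import secrets
import time

CACHE_TTL_SECONDS = 30 * 24 * 3600  # the 30-day retention quoted from the FAQ


class KeyedSearchCache:
    """In-memory cache keyed by HMAC(secret, query); the secret lives only in this process."""

    def __init__(self, store=None):
        # Assumption: a fresh random secret per application start, never persisted.
        self._secret = secrets.token_bytes(32)
        # `store` stands in for Redis; sharing one dict models a replicated store.
        self._store = {} if store is None else store

    def _key(self, query):
        normalized = " ".join(query.lower().split())
        return hmac.new(self._secret, normalized.encode("utf-8"), hashlib.sha256).hexdigest()

    def put(self, query, results, now=None):
        now = time.time() if now is None else now
        self._store[self._key(query)] = (now + CACHE_TTL_SECONDS, results)

    def get(self, query, now=None):
        now = time.time() if now is None else now
        key = self._key(query)
        entry = self._store.get(key)
        if entry is None:
            return None
        expires_at, results = entry
        if now >= expires_at:
            del self._store[key]  # expired entries are dropped on access
            return None
        return results


def demo():
    shared_store = {}  # constructed stand-in for a store replicated across servers
    first = KeyedSearchCache(shared_store)
    first.put("Mullvad  Leta", ["https://leta.mullvad.net/faq"])
    hit_same_instance = first.get("mullvad leta")
    # A restarted process or a second server holds a different secret.
    second = KeyedSearchCache(shared_store)
    hit_other_instance = second.get("mullvad leta")
    query_visible_in_keys = any("mullvad" in key for key in shared_store)
    return hit_same_instance, hit_other_instance, query_visible_in_keys


if __name__ == "__main__":
    print(demo())
```

Under that assumption, replicating the store across servers does not help: entries written under one secret are unreachable from any process holding a different one.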
Diskless does not mean SSH-less or network-less. The "data" can be pulled / pushed just the same, which is to say, Diskless, in this case, is no better than verifiably read-only partitions (like on ChromeOS & Android, for example).
Diskless does provide privacy improvements, as it drastically reduces the odds of something accidentally persisting to storage.
With regards to preventing accidental persistence, disk with only dm-verity partitions is as good, with extra advantage of only adding a little bit of extra RAM usage (/tmp, /var/run, ...)
For that matter, even something as sloppy as booting with rootfs which can't be remounted rw (iso9660, squashfs, etc..) and is the only mounted fs, is also perfectly good against accidental persistence.
https://ersei.net/en/blog/fuse-root
https://news.ycombinator.com/item?id=36402162
https://news.ycombinator.com/item?id=35964397
Mullvad Leta: A search engine used in the Mullvad Browser - https://news.ycombinator.com/item?id=36402162 - June 2023 (142 comments)
Mullvad Leta (Search Engine) - https://news.ycombinator.com/item?id=35964397 - May 2023 (32 comments)
Although the society is almost zero privacy, it has historically had some funny IT figures for privacy and digital issues so people searching up for the background of the name might stumble upon it.
[1] https://youtu.be/rHVVpNRwLk0?feature=shared
[2] https://en.m.wikipedia.org/wiki/Bahnhof
[3] Peter Löthberg https://www.reddit.com/r/todayilearned/comments/1d8056g/comm...
[4] https://en.m.wikipedia.org/wiki/The_Pirate_Bay
No cash infusion. We've been growing for years, just like many other VPN services. We're still quite a bit smaller than e.g. Nord and Express though.
As for our choice of advertising, we don't run an affiliate program, nor do we want to track our customers through online ads, so we're trying this instead. It's cheaper than you might think.
// Fredrik (cofounder of Mullvad)
https://mullvad.net/en/blog/advertising-that-targets-everyon...
> Mullva?
(for people wondering, it's clitoris).
https://seinfeld.fandom.com/wiki/The_Junior_Mint
https://seinfeld.fandom.com/wiki/Dolores
In this case, we say "duh lorr uhss" instead of "do lor ez". The second one doesn't sound like clitoris at all, but the first one.. okay it doesn't sound similar to me either, but it's closer at least.
[0] https://en.wikipedia.org/wiki/English_phonology#Unstressed_s...
[1] "schwa" is the name of the mid, central, unrounded vowel, IPA [ə]
I'm not sure how much it adds to their bottom line for each sale, but my corp was using the Mullvad VPN addition to tailscale to do global testing by our developers.
IE; "is something blocked, do we detect GEOIP properly" etc;
We have neither won the lottery nor taken on outside investment. We've been growing for years, and we've reached a point where we can afford campaigns like this. It is an interesting experiment by our marketing team. Still, I think people on HN overestimate the cost of campaigns like this.
UK use of VPNs outside the office/work environment is gonna skyrocket.
I'm assuming it has something to do with the push in recent years to expand their userbase, but they don't seem to be able to keep a clean enough pool of IPs like the big popular ones to cope. I know all VPNs struggle with this but it was getting ridiculous, where every single server in a country would receive infinite re-captcha.
One other issue I had with Mullvad that put the nail in the coffin for me was randomly laggy DNS resolvers, they would get fixed just by the time I start investigating it, but it kept happening... I say this as a mostly happy user for probably 7 years, but then found myself having to turn it off more than on to be able to access most sites.
> where every single server in a country would receive infinite re-captcha.
What does that even mean? Have you also disabled cookies?
Typically it's a Cloudflare captcha if you're doing that, not a re-captcha. And afaik pretty much everyone gets this treatment with zero history. Welcome to the modern web.
Cloudflare recently started holding stackoverflow hostage as well. "Weird" OS + "weird" browser + cookie autodelete = www is hell, even on clearnet. I hate cloudflare so much it's unreal, including everyone who works for them, for enabling this nonsense.
https://mullvad.net/en/about
But the adverts didn’t make a lot of sense and I had no idea what the product actually did.
(I'm a Mullvad customer, not Mullvad directly, but that's how I use their browser and Leta.)
I would expect Mullvad to say they collect none, but is that said anywhere? Is there any privacy policy?
Edit: All it says is that they protect us from Google and Brave:
> When a search isn't in the cache, our server (leta.mullvad.net) queries the search engines on your behalf. Only the search query is sent; no personal data is shared.
and
> Returned search results contain only direct links to the final destination. All tracking elements and third-party content are removed to protect your privacy.
https://support.opendns.com/hc/en-us/articles/360061439112-R...
IT people are weird.
I don't know how you'd exactly handle it, but an NSFWCP (Not Safe For Work Cybersecurity Policy) tag for some links would be nice.
No serious product, just a proxy for Google, while it is interesting not a real solution.
But as a marketing tactic to promote your VPN it is an interesting move.
But it has no real way to monetize and is likely to be shut down as soon as the marketing/publicity objectives are not aligned anymore.
That's what I was trying to point out.
And once the use of chatbots in this role becomes widespread- don’t think for a second that companies won’t sso the thing until it’s about as useful as current search.
https://docs.searxng.org/
I have no idea which OS you are on, but for me it has been working flawlessly for many years, on iOS (using WireGuard.)
One exception: Apple blocking their services when using a VPN IP-address, on macOS. But that's an Apple issue of course...
Even years back, when Proton still had frequent connection/App issues, my phone using Mullvad was very reliable, and hasn't failed even once.
Err.. it would still be useful to mask your IP ?
https://leta.mullvad.net/faq#made-from-scratch
Interesting, does DDG have plans to switch or start their own index?
I use it for all but my retro machines, which is a shame. I know Mullvad is a 'privacy' company but I really wish they'd acknowledge that HTTP+HTTPS is more robust to governments' censorship than centralized CA TLS only. HTTP+HTTPS would allow my non-bleeding edge TLS retro machines to search again.
FWIW, since we're exchanging anecdotes, LLMs have been completely useless for me. I try them every 3-6 months and always return to Google disappointed.
When we've got LLMs with real-time search now this seems a bit... backward. Not that the results for that specific query would change much.
> Leta is also useless if your browser blocks all cookies, tracking pixels and other tracking technologies.
Huh? This needed better clarification because the two points seem to be at odds with each other.
> However, Leta is useless as a service if you use the perfect non-logging VPN, a privacy focussed DNS service, a web browser that resists fingerprinting, and correlation attacks from global actors. Leta is also useless if your browser blocks all cookies, tracking pixels and other tracking technologies.
In other words everyone can benefit from it. I don't know any browser (not talking about obscure browsers like lynx) who can completely resist fingerprinting.
https://mullvad.net/en/browser
It's not perfect (it's firefox based so that already sticks out) but better than could be done otherwise.
Make no mistake, Mullvad Leta knows what you searched for and who you are.
/Theater/ has no place in privacy.
The right way to do it, short of FHE, is to encrypt the query client side, pass this to the proxy which does not pass the source IP, which passes this to the search engine for decryption. Search results are encrypted and pass thru in the reverse:
Client (encrypts) -> Proxy (passes thru no IP) -> Search engine (receives, decrypts, performs, and encrypts results) -> Proxy passes encrypted blob of results back to user -> Client privately reviews private search results.
Edit: private.sh tried this in the past but unfortunately was shuttered with the end of gigablast.
Web client side encryption eliminates fully passive snooping on the server side, but of course does nothing for actively subverting the served encryption code. This makes things a bit more dangerous for the snooping party as it's possible that the backdoored encryption code will be noticed by someone, and it's at least possibly a legal defense - the government might have the power to compel you to hand over data on your server but not to backdoor your code.
This isn't a huge technical difference, but it is a difference, and especially with the legal angle I think it's an important one.
I know this should be refined and hardened but you get the idea.
I quoted their FAQ; it's not editorializing: https://leta.mullvad.net/faq
“Mullvad Leta uses the Google Search API as a proxy, caching each search. These cached results are shared amongst all users, reducing costs and improving privacy. This service is user-supported and doesn't rely on ads or data selling.”
exactly to stop people doing this
The FAQ also mentions user changeable settings for freshness, can't see that.
Still very kind of them :)
@dang No - please don't do it. This request is plain stupid.
Apple and Google being "privacy-focused" is a silly buzz-phrase at this point. Mullvad is tied to Alphabet/Google.
EDIT (2025 05 28 16:45 UTC): great to see how my recent comments were raided <3
Who the fuck have I annoyed? :)
BTW what ties are you talking about? Is there a source for that claim?
You broke the site guideline against calling names, at least.
https://news.ycombinator.com/newsguidelines.html