Mullvad has partnered with Obscura VPN

That is a good question. That really depends on how it works, but I would think they use their own IP, and given DNS is not encrypted it is fairly likely they could read it. If it is encapsulated packets to Mullvad it could be encrypted, but I am wondering how that initializes then.

What makes you say this? The team is completely different, I don’t see anything to indicate any sort of relationship here.

This is the entire point of the service, yes.

I just used their public info from this.

  1. GitHub org is Sovereign Engineering
  2. Their Copyright header says this.

Well, I get that, but would that work for the DNS? I really would like to see some technical standard on how that would work.

2 Likes

https://sovereignengineering.io/ links their GitHub as https://github.com/soveng (compare to the Obscura VPN repo you linked: https://github.com/Sovereign-Engineering)

1 Like

Better question, why not just use SPN from Portmaster, whose Safing is now owned by IVPN, and in turn, Portmaster / SPN.

I don’t really see the point in this service, as it’s doing something Portmaster does pretty well. And SPN has been around for a lot longer.

From what I can tell from the code,[1] the DNS config is sent by Obscura’s API endpoint, and is set with macOS’ Networking APIs.

I imagine that depending on macOS’ documented behaviour (default or desired), either the DNS is sent back into the VPN tunnel (in which case the DNS query should be relayed over Obscura to Mullvad) or not (as in, sent out the underlying network, outside of the tunnel; which tbh seems unlikely to have skipped the app developers’ attention).


  1. I used Sonnet to explore the codebase. Search terms: startTunnel, jsonTunnelArgs, NetworkConfig, NEPacketTunnelNetworkSettings, NEDNSSettings, PacketTunnelProvider, startSendLoop.

2 Likes

I also poked them for some details on Discord about this, this morning.

Still waiting to see if they have any thoughts on my last messages, but it’s good to confirm this specific limitation.

Edit:

5 Likes

What are the benefits of rotating WG keys?

Happy to see this. Long overdue.
Hopefully it gains more platform support or others start offering similar.

It still however doesn’t match Apple Private Relay or Tor which both give unique circuits per site.

9 Likes

What part of Jonah’s post above is unclear? I could give you an explanation. I thought he explained fairly thoroughly why rotating the keys is important.

1 Like

I mean, MPR will always be a poor man’s Tor (which I get is an ironic name as this is a paid-for service)

So Mullvad doesn’t know you’re the same person over a long period of time.

2 Likes

Thank you. I only asked to confirm whether I understood it correctly.

I only asked still because I wanted to confirm whether or not my understanding was accurate. So a more direct and clearer clarification in simpler words would help. But @fria clarified it.

If you have anything to add, please do!

3 Likes

(Carl from Obscura here)

DNS queries are relayed over Obscura to Mullvad. I believe folks can check DNS+WebRTC using Mullvad’s existing Connection check | Mullvad VPN page. (Mine is all green on Obscura)

7 Likes

One more comment on key rotations / inter-connection correlation: Jonah notes (correct me here if I’m mis-summarizing) that Obscura only decorrelates connections temporally (via key rotation) but not in a fine-grain way (per-connection). By choosing to tunnel vanilla WireGuard packets (over QUIC), we were able to easily integrate with Mullvad’s existing WireGuard infrastructure, but lost the ability to potentially do per-connection key rotation if we had made more customizations to the protocol.

However, I do think we gain a little something from that (staying with WireGuard) though because users can verify that the WireGuard pubkeys they’re encrypting their connection against are the same ones that are on Mullvad’s server website Servers. Otherwise, it would have been much more unclear what goes on behind the scenes and who has the keys and whatnot.

In any case, more good work to be done for sure!

6 Likes

I’m not sure what you mean by “per-connection” in this context since you do rotate keys every time a new VPN connection is established with Mullvad, don’t you?

Unless you mean per connection to each website the user visits, like what @SkewedZeppelin was saying?:


Regardless, I do agree it is very useful to be able to verify keys against Mullvad’s server listing.

1 Like

Yeah by “per connection” I meant “per connection to each website the user visits”! :smile:

3 Likes

Yeah, it is a trickier problem. Although, I think it’s not the most important thing to most people, as long as they are aware it can theoretically be done tbh

Some UI like Tor Browser’s New Identity feature would essentially cover this use-case. This is sort of what I was getting at with the manual key rotation I had mentioned on Discord.

1 Like