Sweden-based Mullvad VPN announced on Wednesday that it has completely moved to a diskless VPN infrastructure, a process it began in January 2022. Mullvad’s VPN service now runs entirely on RAM-only servers, meaning no data can be retrieved from the computers running the servers.
The popular virtual private network provider is known for its no-log policy. As of July 2023, Mullvad had over 550,000 unique accounts. Its migration to a RAM-only VPN infrastructure demonstrates Mullvad’s long-standing commitment to transparency and user privacy.
“We are continuously striving to strengthen the trustworthiness of all aspects of our service. This is why our VPN apps have been open source since we started over 12 years ago,” Mullvad VPN stated in 2022.
“Achieving transparency on the server side is a very different challenge, as merely open sourcing our server software is not enough. We want our users to be able to verify and audit what is currently running on the VPN server they are connected to. This is our end goal with System Transparency.”
What Does Mullvad VPN RAM-Only Migration Mean?
In a blog post, Mullvad said its VPN servers now run on its System Transparency bootloader. The company explained how the process works when announcing its first two diskless servers in 2022.
“Our VPN servers launch the System Transparency bootloader (stboot) which downloads the OS package from a provisioning server and verifies that it originates from relevant Mullvad VPN staff by checking its signatures. If the OS package is valid, the OS is booted. The server then waits for an authorised member of staff to provision and deploy it for customer use,” the VPN provider said.
According to Mullvad, its servers would run similarly to most Wireguard servers. The crucial difference is that it won’t use any disks, and data would only be kept on RAM.
New Infrastructure has Security and Operational Benefits, Says Mullvad
Mullvad explained that there are several benefits to this type of infrastructure. Apart from its computers having no data, there are several functional benefits to Mullvad. Moving away from disks means reducing the number of breakable parts in its infrastructure. Furthermore, setting up and upgrading software on servers is now much easier and quicker.
Mullvad said it does expect users to witness a drop in performance, and there will be no logs maintained in the booted operating system.
“All of our VPN servers continue to use our custom and extensively slimmed down Linux kernel, where we follow the mainline branch of kernel development. This has allowed us to pull in the latest version so that we can stay up to date with new features and performance improvements, as well as tune and completely remove unnecessary bloat in the kernel,” Mullvad stated on Wednesday.
“The result is that the operating system that we boot, prior to being deployed weighs in at just over 200MB. When servers are rebooted or provisioned for the first time, we can be safe in the knowledge that we get a freshly built kernel, no traces of any log files, and a fully patched OS,” it added.
If you’re interested in trying out Mullvad’s VPN service, check out our detailed Mullvad VPN review, where we take a deep dive into its features and performance.
