Comment by yjftsjthsd-h 2 days ago
> I have approached Mullvad many times with abusive user reports which they seem to simply ignore.
What would you like them to do? Considering that AIUI they outright don't log or monitor users at all, I can't think of anything they could do with your reports.
> It would have been trivial for Mullvad to add a filter to check for future packets from that VPN ip to my server IP and flag the associated account.
In other words, to break the fundamental premise of their product and identify traffic to a user.
> I think there would be a better way using AI to analyze abuse patterns, and automatically flag bad users which match these patterns.
Not without, again, creating an entire system which exists only to record traffic and tie it back to users.
Basically, both of your suggestions amount to "stop providing the product that is their entire business model", because the whole point is that they go out of their way to avoid having the information that you want them to use.
Lets face it man , they can't do anything.
they can't have AI detection or any other thing to help you. Simply put they can't help you. If they have to , then they aren't that private.
And they are in the business of privacy.
I wonder why threat actors are abusing your website ? I think you have also used cloudflare anti DDOS ? so the problem isn't DDOS , then what exactly is the problem ? are they signing up and abusing your free service or something like that ?
Yes that is the crux of the issue. However many times when I reported bad actors to Mullvad the attacks were multi day attacks that were ongoing. It would have been trivial for Mullvad to add a filter to check for future packets from that VPN ip to my server IP and flag the associated account. However I believe even this approach is far to manual and invasive. I think there would be a better way using AI to analyze abuse patterns, and automatically flag bad users which match these patterns.
The issue is that VPN providers have zero motivation to do this, because a non-zero percentage of their user base is literally paying them BECAUSE they can use the service to attack other servers with a level of anonymity. If the VPN providers were to combat this issue it would negatively impact their revenue.