We contracted Cure53 with performing a security audit towards our VPN infrastructure between 3rd June 2024 and 14th June 2024, this is our fourth audit in total, second with Cure53.
Just something to keep in mind for those not in the security space. When a security company does an audit, its generally a checklist of commercial and custom security software along with a couple people poking around looking for more manual harder to find stuff. But there’s a reason companies like Mullvad have a bug bounty program… Just because cure53 didn’t find it, it doesn’t mean some bored hacker won’t…
Meanwhile Windscribe…
Mullvad is the best VPN
Big oof. But if you have a lifetime subscription you can still use them. Just generate/download the configs and don’t use their client.
Yep and hope their servers dont have equally bad code.
So is he shitting on winscribe specifically or all commercial VPNs? Idk how to read into this. Is he saying Mullvad sucks too?
He says Windscribe sucks. Mullvad obviously not as they are regularly audited
Just something to keep in mind for those not in the security space. When a security company does an audit, its generally a checklist of commercial and custom security software along with a couple people poking around looking for more manual harder to find stuff. But there’s a reason companies like Mullvad have a bug bounty program… Just because cure53 didn’t find it, it doesn’t mean some bored hacker won’t…
Absolutely better than nothing though.
Thanks for the info
He claims all private VPN providers are similar bad but there is no proof, only some snippets from Windscribe which say nothing about other clients.
It’s like saying one person is lying, so must all others.
Maybe good points about Windscribe but bad generalization in terms oft arguments.