AICRIER_2
OPEN FEED
YOU ARE VIEWING ONE ITEM FROM THE AICRIER FEED

Mullvad exit IPs enable user fingerprinting

AICrier tracks AI developer news across Product Hunt, GitHub, Hacker News, YouTube, X, arXiv, and more. This page keeps the article you opened front and center while giving you a path into the live feed.

EXPLORE LATEST FEEDSEE FEATURED PICKS

// WHAT AICRIER DOES

7+

TRACKED FEEDS

24/7

SCRAPED FEED

Short summaries, external links, screenshots, relevance scoring, tags, and featured picks for AI builders.

Mullvad exit IPs enable user fingerprinting
OPEN LINK ↗
// 1h agoSECURITY INCIDENT

Mullvad exit IPs enable user fingerprinting

ANNOUNCEMENTPRODUCT

Mullvad VPN's deterministic IP assignment, based on WireGuard public keys, allows observers to correlate user identities across different server locations with over 99% accuracy.

// ANALYSIS

Mullvad's predictable IP allocation exposes a massive privacy loophole, proving that even "secure" VPNs can be undermined by subtle implementation flaws in their random number generation.

  • Users are assigned IPs at a consistent percentile within any server's pool, creating a global fingerprint
  • The flaw stems from using the WireGuard public key as a static seed for Rust-based PRNGs
  • Observers can track users as they switch servers, defeating the purpose of multi-hop or server-hopping for anonymity
  • Demonstrates the risks of deterministic logic in privacy-focused infrastructure
  • Manual key rotation is the only current mitigation, as the app lacks automated cycling
// TAGS
mullvadvpnfingerprintingprivacysecuritywireguardrustinfrastructure

DISCOVERED

1h ago

2026-05-15

PUBLISHED

3h ago

2026-05-15

RELEVANCE

8/ 10

AUTHOR

RGBCube