2025-05-2814:38379187leta.mullvad.net
ActionKeySearch/Move downjMove upkShow help? Terms of service FAQ Feedback
Read the original article
Comments
They run Leta on diskless servers, just like the VPN:
>We run the Leta servers on STBooted RAM only servers, the same as our VPN servers. These servers run the latest Ubuntu LTS, with our own stripped down custom Mullvad VPN kernel which we tune in-house to remove anything unnecessary for the running system. > >The cached search results are stored in an in-memory Redis key / value store.
This is surprising given that they try to cache results for 30 days:
>Each search that has not already been cached is saved in RAM for 30 days. The idea is that the more searches performed, the larger and more substantial the cached results become, therefore aiding with privacy.
That's surprising because presumably they lose all results if they have to reboot the server.
With a VPN service, there's not much they have to store past the lifetime of the VPN session, but if they're storing search results for 30 days, I wonder how they deal with this? Maybe best effort is fine because they don't strictly need to cache the results, as it just provides marginal privacy improvements.
By kikokikokiko 2025-05-2815:432 reply "That's surprising because presumably they lose all results if they have to reboot the server."
Strictly speaking they only lose all results, FOR SURE, if they have to reboot ALL the servers at the same time. If they implemented a system where the cached results are shared and replicated among all their servers, it can in theory be kept cached indefinitely.
By vvillena 2025-05-2817:42 From the FAQ:
> Each time the Leta application is restarted (due to an upgrade, or new version) server side, a new secret hash is generated, meaning that all previous search queries are no longer visible to Leta.
If I read this correctly, the cached data is per-instance, there would be no way to share cached data among instances if each one has its own secret hash and they are cycled on each start.
By treve 2025-05-2816:00 For this kind of application, they would likely distribute the data across nodes, not sync.
yes, they state in the FAQ, any updates to the system clear the cache. Caching is due to query cost.
By bravetraveler 2025-05-2822:58 Cost that's external, too: Brave or Google are behind the results. Things would be terrible without the cache... but that doesn't mean every request needs to be cached. Can't - gotta source it.
Wouldn't want to hang onto things too long, current events run out of currency :)
By ignoramous 2025-05-2815:272 reply > This is surprising ... as it just provides marginal privacy improvements.
Diskless does not mean SSH-less or network-less. The "data" can be pulled / pushed just the same, which is to say, Diskless, in this case, is no better than verifiably read-only partitions (like on ChromeOS & Android, for example).
Sorry, I don't know what you mean. When I said it provides marginal privacy improvements, I meant the caching, not the disklessness.
Diskless does provide privacy improvements, as it drastically reduces the odds of something accidentally persisting to storage.
Diskless (edit: with OS in initramfs) is indeed a golden standard against local persistence, but requires quite a bit of extra RAM - few GB for "latest Ubuntu LTS".
With regards to preventing accidental persistence, disk with only dm-verity partitions is as good, with extra advantage of only adding a little bit of extra RAM usage (/tmp, /var/run, ...)
For that matter, even something as sloppy as booting with rootfs wich can't be remounted rw (iso9660, squashfs, etc..) and is the only mounted fs, is also perfectly good against accidental persistence.
You could run from NFS and not need much extra ram. Plus you save like $25/node by not having a local disk.
By ChocolateGod 2025-05-297:401 reply You could go the extreme and boot off Google Drive (or any other fuse FS).
By kees99 2025-05-2816:14 Yes, rootfs-on-NFS also qualifies as "diskless", I stand corrected.
If they are running in a VM they could live migrate the VM to a different machine if they need to reboot. That or a cluster of Redis caches.
By HumanOstrich 2025-05-3120:39 So running a diskless host OS for a hypervisor and then diskless VMs on top of that? Sounds like a nightmare before even considering live migrations on top. Also what if they need to reboot the VM itself?
The cache is per-instance. A cluster of Redis caches would also limit the whole cache to the RAM size of one machine, so that is a non-starter.
Previous discussions from the initial launch, 2 years ago:
By dang 2025-05-2817:07 Thanks! Macroexpanded:
Mullvad Leta: A search engine used in the Mullvad Browser - https://news.ycombinator.com/item?id=36402162 - June 2023 (142 comments)
Mullvad Leta (Search Engine) - https://news.ycombinator.com/item?id=35964397 - May 2023 (32 comments)
By PrivacyDingus 2025-05-2816:04 2023, hug of death coming in 2025
Mullvad swinging for the fences suddenly. They have a billboard in South San Francisco, too. Did they get a cash infusion? Why all of the sudden are they expanding? Honestly, I'd have changed the name by now...
> Did they get a cash infusion? Why all of the sudden are they expanding?
No cash infusion. We've been growing for years, just like many other VPN services. We're still quite a bit smaller than e.g. Nord and Express though.
As for our choice of advertising, we don't run an affiliate program, nor do we want to track our customers through online ads, so we're trying this instead. It's cheaper than you might think.
// Fredrik (cofounder of Mullvad)
Sorry for hijacking the thread, but I'm too curious not to ask: is having censorship circumvention out of the box a non-goal for Mullvad?
Because there are VPNs with good censorship circumvention tech, and there are VPNs with good privacy guarantees, but I know none which can provide both. What Mullvad offers now is either a decade old stuff which is blocked even by subpar DPI solutions, or a set of (more modern) protocol bridges which are painful to setup and sometimes IP-banned.
Mullvad's mission is to make mass surveillance AND online censorship ineffective. So yes, we do intend to offer excellent censorship circumvention out of the box.
Having said that we have clearly prioritized privacy for a long time. For what it's worth we have several censorship improvements on the roadmap. Stay tuned.
I already see shadowsocks which is nice. I'm still forced to use V2ray and xray-core in some rejoins though so I route traffic from my device -> xray -> my server -> wireguard mullvad. Works for now I suppose. Also been experimenting with routing small amounts of traffic through the syncthing relay network since they have relays running locally which may be in less restrictive provinces
By kfreds 2025-05-3019:34 Interesting. Try reaching out to Mullvad's support as well if you haven't done so already. If I'm not mistaken they conduct censorship circumvention experiments from time to time together with customers. I'm sure they'd also be interested to hear about any long-term resilient low-bandwidth channels you've found, such as the syncthing relay network. Those are very useful for bootstrapping and configuration updates.
By reisse 2025-05-3018:53 Thank you!
By jxjnskkzxxhx 2025-05-2923:531 reply Hey. Silly thought. I used to have the idea that Mullvad is the only VPN I trust because the founders seemed ideologically motivated (I guess from some interview I read, don't remember for sure). But advertising seems to undermine that view. Maybe I was just naive.
By kfreds 2025-05-301:39 Hi! I used to think that the product should speak for itself, only grow by word of mouth, and that it was wrong to do any advertising. Part of me still thinks that.
On the other hand we ran a very political advertising campaign one-two years ago when we protested a new EU law proposal. We plastered Stockholm's airport in billboards targeting EU politicians and journalists. We published a book and sent copies to several hundred politicians. It was quite a success. Incidentally our office was raided by the Swedish police a month later - the first time in 14 years.
I really appreciate your feedback. Are you able to pinpoint more exactly why you feel that our advertising undermines trust in our brand? Is it simply the fact that we're advertising at all?
Our marketing team works hard to ensure that our advertising doesn't make security guarantees we can't keep, or sell the product through fear-mongering. I feel that we've found a set of advertising messages that work, but clearly it still causes some unease and skepticism.
Perhaps it's simply a worry that we'll change because Mullvad is growing up and is no longer an obscure underdog?
By prophesi 2025-05-2815:20 They prefer outdoor ads over targeted online advertising
https://mullvad.net/en/blog/advertising-that-targets-everyon...
I really hope they don't change the name, I like the name "Mullvad" (Mole in Swedish) and "Leta" (Search in Swedish) and everything doesn't need to be Anglo centric in the appeal :)
Although the society is almost zero privacy, it have historically had some funny IT figures for privacy and digital issues so people searching up for the background of the name might stumble upon it.
[1] https://youtu.be/rHVVpNRwLk0?feature=shared
[2]https://en.m.wikipedia.org/wiki/Bahnhof
[3] Peter Löthberg https://www.reddit.com/r/todayilearned/comments/1d8056g/comm...
By SahAssar 2025-05-2910:39 I'm guessing they won't change the name. It's a similar branding strategy as ikea, with "funny" nordic (specifically swedish, but other brands have done it with norweigan and danish too) names that for some people makes it sound quaint and quality.
Curious why the name change suggestion. Honestly, I immediately thought of the Seinfeld episode where Jerry forgets the woman’s name.
> Mullva?
By fernandotakai 2025-05-2815:402 reply kind of of topic, but i had to google to find out which female part rhymed with dolores, because it made no sense to me (as an ESL).
(for people wondering, it's clitoris).
By philsnow 2025-05-2821:22 In (American, at least) English, there's a very common pattern of vowel reduction on unstressed syllables, resulting in "schwa-ification" [0][1] where all such vowels become indistinguishable from each other.
In this case, we say "duh lorr uhss" instead of "do lor ez". The second one doesn't sound like clitoris at all, but the first one.. okay it doesn't sound similar to me either, but it's closer at least.
[0] https://en.wikipedia.org/wiki/English_phonology#Unstressed_s...
[1] "schwa" is the name of the mid, central, unrounded vowel, IPA [ə]
By trealira 2025-05-2821:30 I have to say that, the vast majority of the time, the way I've heard and said the word "clitoris" doesn't rhyme at all with "Dolores," so I wouldn't have been able to guess it either.
By oscarmoxon 2025-05-2815:064 reply They're also littering the London tube system with ads - there's definitely been a lottery win or a series A.
They were one of the earliest to adopt bitcoin and monero payments--if they didn't convert all those payments immediately to cash, they're probably sitting pretty right now.
They also have a partnership with Tailscale that can't be undersold.
I'm not sure how much it adds to their bottom line for each sale, but my corp was using the Mullvad VPN addition to tailscale to do global testing by our developers.
IE; "is something blocked, do we detect GEOIP properly" etc;
By haiku2077 2025-05-2819:47 The Tailscale integration is super handy while traveling. One app to access my home server and my home region.
By george_perez 2025-05-2816:18 And Mozilla VPN as well.
By kfreds 2025-05-297:15 > there's definitely been a lottery win or a series A
We have neither won the lottery nor taken on outside investment. We've been growing for years, and we've reached a point where we can afford campaigns like this. It is an interesting experiment by our marketing team. Still, I think people on HN overestimate the cost of campaigns like this.
By noir_lord 2025-05-2817:21 Now’s a good time since the online safety bill kicks in towards end of July.
UK use of VPN’a outside the office/work environment is gonna skyrocket.
By unfitted2545 2025-05-2815:21 And whole buses!
By JCattheATM 2025-05-2819:271 reply My concern is that when they can advertise to the extent they do, to what extent can they really be trusted? Anything that popular is going to be a target by law enforcement, and we really have no way of verifying any of their claims.
By sillyfluke 2025-05-2822:37 Yeah, this advertising to the masses push makes me queasy. It has the reverse effect on me than was intended. Weird brand self-harm for a privacy/data hygiene oriented company.
By Barbing 2025-05-2815:09 Yes, it’s gotta be something catchy. Like “Rakuten”!
I noticed their billboards and bus ads in New York City a year ago, so it’s not entirely new that they are marketing like this.
By al_borland 2025-05-2822:24 Same, but on the train at the DC airport. I liked that they align their actions with their mission. Physical ads like this are perfect way to advertise a privacy tool, as their ads respect user privacy.
I had to switch to iVPN last year (similar ethos), because Mullvad became pretty much unusable due to blacklisting and laggy DNS servers.
I'm assuming it has something to do with the push in recent years to expand their userbase, but they don't seem to be able to keep a clean enough pool of IPs like the big popular ones to cope. I know all VPNs struggle with this but it was getting ridiculous, where every single server in a country would receive infinite re-captcha.
iVPN is a great choice in terms of security, they also use STboot, but I think you're just flying under the radar with their IPs because they struggle with the same problems as Mullvad.
By tomxor 2025-05-2818:07 Yes, it only works better because the obscurity to IP ratio is good. It could easily be as bad as mullvad if they became more popular. But as I understand it the really popular VPNs address this with huge pools of servers and IP cycling?
One other issue I had with Mullvad that put the nail in the coffin for me was randomly laggy DNS resolvers, they would get fixed just by the time I start investigating it, but it kept happening... I say this as a mostly happy user for probably 7 years, but then found myself having to turn it off more than on to be able to access most sites.
Not quite my experience.
> where every single server in a country would receive infinite re-captcha.
What does that even mean? Have you also disabled cookies?
Typically it's a Cloudflare captcha if you're doing that, not a re-captcha. And afaik pretty much everyone gets this treatment with zero history. Welcome to the modern web.
They’re referring to the situation when a service has blacklisted you, but will pretend they haven’t and give you captcha after captcha to keep you busy.
By tomxor 2025-05-2912:34 Yup, I found a shortcut to determining this is to use the audio option, which will instantly admit you are blocked due to "suspicious network activity" rather than make you solve stuff - i guess because of accessibility?
By encom 2025-05-2817:12 >Welcome to the modern web.
Cloudflare recently started holding stackoverflow hostage as well. "Weird" OS + "weird" browser + cookie autodelete = www is hell, even on clearnet. I hate cloudflare so much it's unreal, including everyone who works for them, for enabling this nonsense.
By RemainsOfTheDay 2025-05-2817:16 I've been seeing Mullvad billboards for years, including in Paris.
By holysoles 2025-05-2815:08 based on their company about page, looks like Leta has existed since 2023
