this post was submitted on 02 Oct 2023
32 points (92.1% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54500 readers
668 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I remember when Mullvad offered port forwards, it assigned you both a port and a key. My guess is that they simply authenticated the key to determine if the port should be routed to whatever tunnel established the connection. So, they would have to map that a dynamically generated key was assoicated to the port (and probably other bits of non-PII like datacenter/region), but nothing beyond that point outside memory. Even account IDs they generated were dynamic. In theory if you were able to guess the ID, you could use the account.
Yeah good point. Even when they offered port forwards, they would only do it with the once off payment accounts. If you set up a payment method against your account ID to be used each month then you couldn't do port forward because the port number shown on the tracker could be linked to your card which could be linked to you.