Closed AutonomousCat closed 1 year ago
It's almost what I need, but in the event WireGuard cuts out, it might be my biggest risk.
A potential solution would be to always use the proxy as a "killswitch": as the proxy only works inside of a tunneled connection, when the tunnel is stopped, the whole browser will not be able to access internet.
Integrate a full VPN within Mullvad Browser, and while doing so add a kill-switch (and other features found in the app).
This is unlikely to happen for the same reason that we don't have a "VPN Proxy extension":
A VPN extension makes it possible to use the VPN only for the browser. It's very easy to click a link that will make your traffic go outside of the VPN tunnel. This is why we don't propose this: it's much safer to encrypt all your device traffic, to make sure there's no unintentional leak.
We are thinking about other ways to better interface with the VPN, but this is currently not a priority.
It's a bit of a rabbit hole how I got here.
My primary OS is Windows 10, which doesn't support the Mullvad VPN executable and Tailscale at the same time.
This had me download WireGuard to use Mullvad that way (since I think the non-toggle kill-switch on the native application prevents Tailscale from working fully). However, the solution with only WireGuard wasn't perfect. I noticed even with the DNS setting within the WireGuard interface, the DNS leak test still somehow failed. I wasn't able to add
100.64.0.7
to my WIFI card adapter configuration without it breaking the connection to my router.I started looking into browser based DNS options (since it's the web I'm concerned about and not executables), and stumbled upon Mullvad Browser. It's almost what I need, but in the event WireGuard cuts out, it might be my biggest risk.
My suggestion
Integrate a full VPN within Mullvad Browser, and while doing so add a kill-switch (and other features found in the app).
I admit, it is a little confusing why it doesn't have this native integration already, unless it's due to it being new.
It stores your account key already for Leta, so how about using that for much more?