From eb0bab76e241939cf2b17f8cfba6a90dda085d4d Mon Sep 17 00:00:00 2001
From: Rohan Kumar <seirdy@seirdy.one>
Date: Sun, 26 Jun 2022 22:10:34 -0700
Subject: [PATCH] New note: Mullvad audit

---
 content/notes/mullvad-audit.md | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 content/notes/mullvad-audit.md

diff --git a/content/notes/mullvad-audit.md b/content/notes/mullvad-audit.md
new file mode 100644
index 0000000..57529e0
--- /dev/null
+++ b/content/notes/mullvad-audit.md
@@ -0,0 +1,9 @@
+---
+title: "Mullvad audit"
+date: 2022-06-26T22:10:33-07:00
+---
+[Mullvad's recent audit by Assured AB](https://www.assured.se/publications/Assured_Mullvad_relay_server_audit_report_2022.pdf) was a bit concerning to me. Fail2ban and user-writable scripts running as root is not the sort of thing I'd expect in a service whose *only job* is to provide a secure relay.
+
+Avoiding and guarding root should be Sysadmin 101 material.
+
+I recommend any amateur Linux admins read audit reports like this. While some low-priority recommendations are a but cargo-cultish, most advice is pretty solid. Frankly, much of this is the sort of thing a good admin should catch well *before* a proper audit.