Comment by forty
3 years ago
I'm curious: if you have a forwarded port on your vpn that anyone can send traffic to, assuming that someone can observe the encrypted traffic going out of the vpn provider, couldn't they send various traffic "shape" to the port and try to find the same pattern in the encrypted traffic to figure out who you are?
Yes, if you can observe incoming and outgoing traffic you can trivially use timing attacks. That being said, If you have that capability, mullvad isn't going to keep you save anyway. As the folks over at PerfectPrivacy succinctly put it: If you have a whole NSA Team after you it's game over anyway.