I guess it would show up in git. But yea this sounds like the new "typing my password in the tema chat".

Grep -Irn "green toggle thingy" ./*

I think they're cute!

Eh don't bother. You weren't as anonymous as you thought using port forwarding if you're doing anything bad enough to warrant NSA attention. Most users probably are not. Mullvad is just being honest about their limitations here.

Well, your VPN knows your address so this advice is pointless. Unless you only access your VPN through a totally anonymous ISP at a totally random location on the planet each time, probably impossible due to KYC laws, you are certainly not anonymous.

Ok, well they have access to supercomputers that can probably crack a target password 99% of the time. Unless you use a like 100-character password for everything you are probably not totally safe. And using it correctly is incredibly difficult, if not impossible in practice. They have found zero day exploits for Tails OS and deanonymized (very, very bad) criminals doing pretty much everything they could to stay anonymous, at least 5 years ago that we know of. So while your claim might apply to somebody pirating the latest HBO series, I can guarantee you the NSA knows everything about you and what you're doing. They just don't care, yet.

They're pretty exposed already, and in my opinion their targets probably can't do much to protect themselves unless they are part of a foreign government, like the Kremlin. But yea they haven't gone after piracy yet.

That makes it sound as if using a foreign VPN can keep you totally anonymous. It can't. The NSA has authority to also operate in other countries. They can and surely do MITM any traffic going from the U.S. to another country. They can and probably do social engineer or zero day compromise a Mullvad VPN engineer's credentials. Again, there is precedent for this. Not so much for piracy, but for sure for the very bad guys. They can keep your data forever and use it if they decide piracy is being very bad.

You are right that there is no precedent for the NSA going after piracy - and I'm definitely not even talking about piracy specifically here. But I do think everyone should know they are not as anonymous as they think they are any time they use the internet.

The NSA has unlimited legal power in this context. They can legally go to any US VPN, copy all traffic onto their massive servers, and use it as they want. They probably already do this, although that claim is unverifiable. That traffic contains your IP address and the websites you've viewed, clear data of torrents you've downloaded, etc. Mullvad, being outside its jurisdiction, is possibly safer, but presumably since they operate servers in the United States at least those could be sniffed. There is precedent for all of this.

While it's unlikely for you to specifically be targeted, my point is that you can never be truly anonymous on the internet.