If there’s any area of your life that you might be willing to introduce more AI into, it’s likely something as mundane as grocery shopping. That’s what Uber is betting on with its new AI-powered feature in the Uber Eats app.
Cart Assistant lets you "build grocery baskets faster and with less effort" by using AI to automatically fill your basket with items included on your shopping list. To use it, you search for a supported grocery store on the home screen of the app and tap the new Cart Assistant icon that appears at the top of the screen.
From there, you can either manually type out a shopping list or upload a photo of a handwritten one, and Cart Assistant will fetch your requested items and add them to your basket. A screenshot of ingredients needed for a recipe will also suffice.
Uber says its AI assistant will factor in availability before selecting an item and will also display prices and any available promotions. If you don’t want something it recommends, you can delete or swap it for something else. Anything you forgot to add in the original list can be added later, and if you’ve purchased something in the past, these familiar items will be prioritized so you’re less likely to need to make changes. Uber advises users that the new shopping feature is in beta right now, so might not perform perfectly.
Cart Assistant is the latest development in the gradual AI-ification of Uber Eats. Last summer, Uber added a suite of new features to the app, including AI-enhanced food images, AI menu descriptions and AI summaries or restaurant reviews.
This article originally appeared on Engadget at https://www.engadget.com/ai/uber-eats-new-cart-assistant-feature-is-an-ai-hack-for-your-grocery-shopping-145733478.html?src=rss
Mullvad, a virtual private network (VPN) named after the Swedish word for "mole," is often recognized as one of the best VPNs for privacy. I put it on my best VPN list for exactly that reason. I've got huge respect for the extra lengths Mullvad goes to in order to ensure its user's privacy.
To give you a preview, Mullvad is one of the few VPNs — other than my normal privacy recommendation, Proton VPN — that lets users pay entirely in cash. But even Proton VPN asks for an email address to make an account and uses a few marketing cookies on its own website. Mullvad represents every account as a randomly generated 16-digit code and uses no marketing cookies whatsoever.
That's just one example of how Mullvad goes beyond the call of duty to keep users private. But while privacy is the most important aspect of a VPN alongside security, it's not the only thing that matters. For this review, I set out to investigate whether Mullvad pairs its rights-protecting bonafides with versatile, convenient and enjoyable VPN apps. Using our rigorous VPN testing procedure, I'll rate Mullvad in 11 areas. You can find a summary of my results in the table below, skip to the sections that matter most to you or just read my final advice in the conclusion.
Editor's note (2/11/26): We've overhauled our VPN coverage to provide more detailed, actionable buying advice. Going forward, we'll continue to update both our best VPN list and individual reviews (like this one) as circumstances change. Most recently, we added official scores to all of our VPN reviews.Check out how we test VPNs to learn more about the new standards we're using.
Findings at a glance
Category
Notes
Installation and UI
All apps share roughly the same user interface
Apps are responsive and easy to navigate, with no design choices that would threaten beginners
Lack of "fastest server" button is an issue
Browser extension is only available on Firefox and still in beta
Speed
Reasonably good average latency
Reduces download speeds by 26 percent and upload speeds by 17 percent
Speed declines are consistent and chartable
All speed metrics are quite good on nearby servers
Security
Only uses WireGuard protocol
No IP address leaks, even when switching servers
Packet test showed successful encryption
Pricing
Always costs 5 Euro per month, though prices outside Europe depend on exchange rates
No auto-renewal — membership lasts until money runs out
Can pay using cash or by purchasing scratch-off vouchers on Amazon
14 day money-back guarantee, except on cash payments
Bundles
Only app besides the VPN is the free Mullvad Browser, which removes the tracking habits of typical web browsers
Allows several smaller VPNs to use its servers in their networks
Privacypolicy
No vague lines or loopholes in privacy policy
Only saves account numbers and expiration dates for each user
Uses an extremely limited range of cookies with no marketing trackers
Has undergone a total of 17 audits of different aspects of its service
Swedish police demanded customer information in 2023; Mullvad couldn't comply because the data wasn't logged
Virtual location change
Unblocked Netflix 13 out of 15 times
When it failed, virtual location was still changed
Server network
90 locations in 50 countries, majority in North America and Europe
No virtual servers whatsoever
Features
DAITA conceals traffic patterns that might let an AI identify what sites you visit
Uses quantum-resistant encryption on WireGuard
Can choose your own multihop entry and exit points
Several options for getting around nation-level firewalls
Can block ads, trackers, malware and other unwanted content using predetermined DNS block lists
Supports IPv6 traffic
Kill switch and stronger lockdown mode
Split tunneling by app
Customer support
Help center includes useful filters to find the topic
Well-written articles with good internal linking
No live chat support, but staff answers emails quickly
Can view app logs at any time
Background check
Founded in 2009 in Sweden; still owned and operated by initial founders
User account numbers were exposed in a 2023 incident, but Mullvad quickly closed the leak
Installing, configuring and using Mullvad
Let's start by examining how Mullvad feels as a piece of software. In this section, I'll be testing its desktop apps for Windows and Mac, its mobile apps for Android and iOS and its browser extension for Firefox. To start with the installation process, Mullvad downloads and installs in a snap on mobile. On desktop, installation requires a few more steps than is typical, but the app guides you quickly through everything.
Across the board, my only serious complaint is that there's no option for automatically choosing the fastest server. You can usually assume that the nearest one to you will be the fastest, but there's always the chance of an unusual server overload. It's a bizarre oversight for an app that otherwise goes out of its way to be usable.
Windows
Mullvad's Windows app has a slim UI that uses space efficiently without being too cramped. It doesn't give you a lot of information, such as live speed tests or data in transit, but I've mostly found that to be needless filler on VPN apps.
Mullvad on Windows.
Sam Chapman for Engadget
Speaking of needless filler, the map may be a little bigger than it needs to be, but maps on VPN clients aren't just about teaching you geography — they do a lot to make the apps more welcoming to casual users who might not otherwise fire up security software. In fact, Mullvad's UI is admirably beginner-friendly, befitting its focus on privacy for everybody rather than just the tech-savvy.
All the settings are accessed by clicking the gear in the top-right. Here, you can turn on DAITA (Mullvad's defense against AI traffic scanning), activate multihop and control Mullvad's other features. There are also some quality-of-life features for the UI itself, such as whether it remains pinned to the taskbar or operates as a standalone window. Some options, especially under the VPN settings tab, are a bit technical, but don't need to be touched for a good experience.
Mac
Mullvad's macOS app is quite similar to its Windows app, both in terms of the interface and the features offered. The big difference used to be that macOS lacked split tunneling, but that's been added in a recent update. The only serious distinction now is that the Mac client can't be unpinned from the taskbar, which is just a little bothersome.
Mullvad on Mac.
Sam Chapman for Engadget
Other than that, you'll find every setting you need under the gear, just like on Windows. Similarly, connections to VPN servers happen quickly, and selecting locations from the menu is very straightforward. While connected on either app, you can click the circular arrow by your location to swap to another server in the same location — highly convenient if you're trying to unblock Netflix.
Android
Mullvad's Android app has the same nearly-perfect design approach as all its other apps. The main page has nothing on it but the connect/disconnect button, the choice of server locations, a map and the buttons for your account information and preferences. Those preferences are a manageable set of options that are almost all managed with simple on-off switches. It's all highly responsive and annoyance-free.
Mullvad on Android.
Sam Chapman for Engadget
iOS
Mullvad's iOS app looks very similar to its apps on every other platform. The front page is kept simple, with large controls in the foreground and a map taking up most of the space. Everything else is located in the menu accessed through the gear icon at top right. Neither mobile app has the options for toggling the UI itself that the desktop apps have, but it's mostly free of quality-of-life problems to start with.
Mullvad on iPhone.
Sam Chapman for Engadget
Browser extensions
Mullvad's browser extension is only compatible with Firefox. You can't actually connect to the VPN through this extension. Its main functions are to tell you whether you're connected to a Mullvad server and to connect to a SOCKS5 proxy in a Mullvad location. If you do this while connected to Mullvad through the desktop app, you'll get a second layer of protection, similar to the multi-hop feature.
The Firefox extension is a rare misfire for Mullvad — perhaps fair, since it's still in beta. Its only real feature is something that the desktop app already does perfectly well, and it looks like a software malfunction to boot. However, given Mullvad's track record, I'm confident they'll figure out what to do with it in time.
Mullvad speed test
A VPN almost always slows browsing speeds and increases latencies. It's unavoidable, given the extra steps a VPN protocol adds to the process of getting online. The trick is to find VPNs that keep the slowdown to a minimum, using a combination of regular maintenance, good planning and smart load balancing.
For this test, I used speedtest.net to check how six of Mullvad's server locations influenced three key speed metrics. Ping measures latency, the time in milliseconds (ms) that one data packet needs to travel between a client device and an ISP. Download speed measures the amount of data in Megabits that a web browser can download in one second. Upload speed tracks how much data can be uploaded in a second. We're looking for low latencies and high download and upload speeds.
Server location
Ping (ms)
Increase factor
Download speed (Mbps)
Percentage drop
Upload speed (Mbps)
Percentage drop
Portland, USA (unprotected)
15
—
58.96
—
5.85
—
Seattle, USA (fastest location)
23
1.5x
55.07
6.6
5.51
5.8
Montreal, Canada
165
11.0x
44.28
24.9
4.62
21.0
Fortaleza, Brazil
307
20.5x
40.96
30.5
4.65
20.5
Prague, Czechia
368
24.5x
43.17
26.8
5.47
6.5
Lagos, Nigeria
528
35.2x
37.41
36.6
4.61
21.2
Bangkok, Thailand
473
31.5x
39.76
32.6
4.13
29.4
Average
311
20.7x
43.44
26.3
4.83
17.4
I'll start with the bad news: the tests didn't exactly make Mullvad look like a speed demon. Its speeds have gone up and down in the years I've been using it, and right now they appear to be on the downswing. If you use locations all around Mullvad's server network, you can expect your download speeds to decrease by about 26 percent and your upload speeds to decline by 17 percent.
However, it's important to put those numbers in perspective. First, Mullvad's numbers aren't markedly worse than the ones I got when testing CyberGhost. Its speeds are average, but by definition, most things are average. Its average worldwide latency is actually better than Surfshark, the current champion of download and upload speeds.
Speed-testing a Mullvad server in Los Angeles.
Sam Chapman for Engadget
It's also nice that Mullvad's speed drops follow a predictable curve. Lots of VPNs have unexpectedly sharp declines in certain locations, frequently in Africa. By contrast, Mullvad's speed decreases pretty much as a direct function of how far from the server you are. This not only makes speed drops easier to plan around, but also means you can expect very good speeds on nearby servers.
This property of being fastest on servers near the user is another sign of Mullvad's focus on its core privacy mission. If anonymity is your main reason for using a VPN, it doesn't matter what your IP address is, so long as it's not your real one. Using a nearby Mullvad server should guarantee you an internet connection that's both fast and private.
Mullvad security test
To be secure, a VPN has to check two critical boxes. It must provide you with a secondary IP address without leaking your real one, and it must encrypt your communications with its servers so your activity can't be traced. In the sections below, I'll see whether Mullvad meets those requirements.
VPN protocols
VPNs use protocols to mediate between end devices, ISPs and their own servers. The first step is to ensure that the service you're considering uses protocols that have expert confidence. Mullvad has kindly made this step easy for me by using only WireGuard on all its apps, with no OpenVPN, IKEv2 or in-house unique protocols.
There's no question that WireGuard is a solid protocol. It uses the ChaCha20 stream cipher for symmetric encryption and Poly1305 for authentication, both uncrackable with current technology. Mullvad has even added its own fix for WireGuard's one flaw, its need to save static IP addresses — the Mullvad implementation is set up to delete the IP address if it goes 10 minutes without being used.
Even so, it's unfortunate to lose the ability to change protocols, which is one of the most common steps for troubleshooting a VPN connection. I understand Mullvad's reasoning for cutting out OpenVPN (it claims the cryptography isn't strong enough) but don't agree. It's one of this provider's few unforced errors.
Leak test
There's a straightforward test to determine if your VPN is leaking. Load up any website that shows your IP address — I personally use ipleak.net — and see what IP and location it reveals without your VPN active. Then activate the VPN and refresh the page. If you see your real IP address anywhere, your VPN is leaking.
Testing Mullvad for IP leaks.
Sam Chapman for Engadget
I ran that test on five Mullvad servers. Each time, the website showed me the IP address of the VPN server, concealing my real one. To keep things simple, I ran the initial tests with IPv6 blocked via the Mullvad client. When I turned it on and tried again, the IPv6 traffic didn't leak any more than the IPv4 did. I also saw no signs of WebRTC leaks. Unless you set up a custom DNS server, Mullvad also uses its own DNS, which remains entirely within the VPN tunnel.
I had one more leak test to try. Frequently, VPNs are leak-proof when maintaining a connection to one server but drop encryption when switching between servers. That problem is why I ultimately couldn't recommend Norton VPN. Luckily for me, Mullvad has a button that lets you shuffle to another server in the same location, so I used that to see if it stayed leak-proof.
Mullvad doesn't leak your IP even while changing servers.
Sam Chapman for Engadget
As you can see in the screenshot, Mullvad jumped seamlessly from one server to another without showing my real location in-between. On a practical level, that's enough for me to declare Mullvad leak-proof.
Encryption test
For one final experiment, I used the WireShark packet sniffer to see whether the data Mullvad sent from my computer to my ISP was encrypted. After capturing a few packets, I was gratified to see that they were totally unreadable to interlopers. Most established VPNs pass this test, but it's still important for due diligence.
How much does Mullvad cost?
Mullvad's pricing structure is one of the most unusual things about it. This is normally the section where I untangle 47 different Pro+ and Business- accounts that are all sold at three different durations. Mullvad couldn't be further from that. It costs 5 Euro a month — that’s it. Each 5-Euro subscription can be used on five devices at once.
It manages payments through a system inspired by parking meters. When you sign up for Mullvad, you'll buy as much time as you want. That time will count down until it expires, unless you top it up with more 5-Euro payments. If you run out of money, Mullvad won't charge you a new subscription fee because you didn't tell it not to. It'll just stop working until you pay again. Every payment also comes with a 14-day money-back guarantee, except for payments made in cash.
The Mullvad account dashboard.
Sam Chapman for Engadget
The only real complexity in the process is that Mullvad always figures out its prices in Euro, so outside the EU, the cost per month is affected by exchange rates. If you happen to live in a country where the government's economic policy shuttles between capricious and arbitrary, you might want to grab a few months in advance.
The other most interesting thing about Mullvad's pricing is the options you can use to pay. For maximum privacy, you can pay with cash using the payment token you'll find on your account page. Note that this is not the same as your account number. To find it, log into your dashboard on Mullvad.net, click Add time to your account in the left-hand bar, then click the button labeled Cash and scroll down. Make your cash payment by writing the token on an envelope and mailing it to Sweden (full instructions here).
Unredacted, in case any hackers out there want to buy me some more time.
Sam Chapman for Engadget
You can also get untraceable Mullvad vouchers by paying cash at participating retail locations. Most of them are in Europe, but you can order them from Amazon. While your payment to Amazon won't be private, the voucher can't be linked directly to your VPN account, since the actual number is hidden behind a scratch-off panel. It's actually pretty ingenious.
Of course, you can also pay using any of the normal methods, including credit cards, cryptocurrency and bank wires (though not PayPal). But the more private methods are always there for people who need them.
Mullvad side apps and bundles
Mullvad is that rare VPN that's still content to be a VPN and not an all-inclusive security suite. No shade to NordVPN or Surfshark, whose extra features are generally quite good, but it's nice to see at least one of the top providers staying focused.
Although Mullvad doesn't have any partners that sell their products alongside its VPN, it does have several partnerships with other VPNs who use its network as the basis for their own products. MalwareBytes Privacy VPN, Mozilla VPN, Tailscale and Obscura can all be considered Mullvad side apps if you squint.
Mullvad Browser
Mullvad's only product other than the VPN is Mullvad Browser, which is free to download and works on Windows, macOS and Linux. Mullvad Browser works in the background, blocking common methods of browser fingerprinting that can be used to deduce your identity even when you have a VPN running.
For example, it automatically reports your time zone as UTC, disguises personal preferences like font and window size, scrambles information sent by APIs and conceals your browser version and computer operating system. It's also in private mode by default, which doesn't hide what your ISP sees but is useful for concealing your activity from other people that might use your computer.
Close-reading Mullvad's privacy policy
Since privacy is Mullvad's main selling point, this section is even more important than usual. Loopholes in the privacy policy of the privacy VPN would be deeply ironic. Fortunately, Mullvad's privacy policy backs up its high-flying rhetoric. It's a short, pointed and readable document with no problems I could discern. Mullvad has no parent company or subsidiary it might use as a loophole, and no clauses in its policy are left open to interpretation. It's a masterpiece of the privacy-policy genre.
The document is actually three policies: a privacy policy, a no-logging policy and a cookie policy. The privacy policy lists all the times Mullvad might collect data about a user. That's exactly two situations — using financial information to process payments (which will be entirely anonymous if you use cash or a voucher) and using your email address to track support tickets you open. That's it.
The no-logging policy is a bit longer, but mostly because it's explaining exactly how Mullvad manages to run a VPN service with so little information on individual users. For each account, it stores a number and an expiration date, plus public keys and tunnel addresses if you're using WireGuard (deleted at most 10 minutes after your session ends). Everything else is completely anonymized. Mullvad even claims that its 500,000 or so user accounts could have been created by the same user 500,000 times, which I suppose is one way to spend 2.5 million Euro.
The cookie policy is the shortest because Mullvad uses exactly five cookies. One saves your login status in your browser, one saves your language preferences, one protects its site from being used in a specific kind of forgery hack and the other two are for handling Stripe payments.
Independent privacy audits
Mullvad corroborates its privacy policy with regular audits of various aspects of its service. Currently, there are 17 audits listed on its website, including four infrastructure audits by Cure53. All of its apps have been separately audited and found to be solid. It has been a couple of years since the last full infrastructure audit in 2024, but given how many other targeted reviews Mullvad has gone through since then, it's hard to be too upset about the pause.
In 2023, Mullvad achieved the holy grail of VPN privacy: being ordered by subpoena to turn over customer information and not being able to comply because that information didn't exist. Nothing compares to a VPN's privacy being tested in the wild like this.
Can Mullvad change your virtual location?
Sometimes, a VPN appears to be working, but still reveals your real location to websites. Netflix is a useful proxy for this. To unblock a streaming site like Netflix, a VPN needs to change your virtual location while not appearing to do so — if Netflix sees any hint of VPN traffic, you'll get blocked with the hated proxy error. I used five different locations to check whether Mullvad is up to the streaming task.
Server location
Unblocked Netflix?
Changed content?
Vancouver, Canada
3/3
3/3
Gothenberg, Sweden
2/3
2/3
Istanbul, Turkey
3/3
3/3
Johannesburg, South Africa
3/3
3/3
Singapore, Singapore
2/3
2/3
Mullvad did well for streaming, but it didn't manage a perfect score like its fellow anti-establishment VPN Windscribe did. Two of the 15 servers I tested failed to unblock Netflix, one in Singapore and one in Mullvad's hometown of Gothenburg. I also had trouble logging into Netflix while connected to a Vancouver server, though that server did unblock the site consistently once I got inside.
Mullvad's servers all tricked Netflix into believing my new location.
Sam Chapman for Engadget
In Mullvad's defense, no location failed more than once. It's completely possible to get good streaming performance out of this VPN; you just have to be willing to click the server refresh button a few times. Privacy is still the main use case for Mullvad, but it's fine for streaming too.
Investigating Mullvad's server network
Mullvad has 90 server locations in 50 countries and territories. Unusually for a VPN, users can choose between all 590 of its total servers, including several in each location. There's even a list on its website that shows you the status of every server.
Mullvad does not use virtual server locations, so every server is physically located in the place where it claims to be. Here's how they're distributed.
Region
Countries with servers
Total server locations
North America
3
25
South America
5
6
Europe
29
41
Africa
2
2
Middle East
2
2
Asia
7
8
Oceania
2
6
Total
50
90
Over half the countries with servers are in Europe and over two-thirds of the cities with servers are in either Europe or North America. That lopsided network is a limitation of Mullvad's refusal to use virtual server locations, since its real servers have to be concentrated in nations developed enough to host data centers. With an all-real network, it's easier to tell which servers will give you the fastest performance, but you can't simulate as much of the world as you can with larger services like ExpressVPN.
The good news is that there's at least two real server locations on every continent. Mullvad has a surprisingly robust presence in South America and two bare-metal servers in Africa, which is more than some other VPNs have. In the end, though, the best application of Mullvad is to protect the online privacy of users in North America, Europe and eastern Asia.
Extra features of Mullvad
Most of Mullvad's features are augmentations to the VPN itself, rather than side options that do other things. Some of them are bread-and-butter, like the kill switch and split tunneling, but a few you won't find anywhere else. Note beforehand that Mullvad does not support port forwarding, so if you depend on that for your torrenting, try another VPN.
DAITA AI defenses
Mullvad's most novel feature is a recent one. DAITA, which stands for Defense against AI-guided Traffic Analysis, can be toggled on and off in the Mullvad app. According to Mullvad, certain patterns in how browsers communicate with websites can be analyzed by AI to reveal the truth behind encrypted internet history. DAITA hides those packets by filling communications with background noise so the AI won't know what's real.
Mullvad's anti-AI settings.
Sam Chapman for Engadget
DAITA is a laudably forward-looking feature, but as Mullvad itself admits, it will make your browsing speeds slower and drain your battery. I recommend only using it for activities you really want to hide.
Quantum resistance
Mullvad's desktop apps establish quantum-proof WireGuard tunnels by default. Quantum computing isn't yet a threat to WireGuard, but it may become dangerous in the future, so Mullvad is getting ahead of the problem (along with a few other services like NordVPN). When quantum resistance is active, Mullvad encapsulates its keys using the current standard mechanism, ML-KEM.
Anti-censorship
If you find yourself in a country where government censorship makes it hard to access the internet, Mullvad has options that might help. These anti-censorship features can be used to get around firewalls that block visible VPN traffic. You have several options, including changing your WireGuard port, randomizing your port number, disguising your VPN traffic as an ordinary HTTPS connection or using an obfuscated Shadowsocks proxy.
Mullvad's anti-censorship involves more features than most VPNs have in this area. This makes it a bit less user-friendly, but a lot more likely to work. If you're new to getting around censorship, Mullvad's help center has a helpful page about using its anti-censor settings.
Multihop
Many VPNs offer a double-hop connection that routes your traffic through two servers instead of one, adding a redundant layer of encryption in case one server malfunctions. Mullvad pulls ahead of the competition (except Surfshark, which also does this) by allowing you to choose your entry and exit servers. When you activate the multihop option and open the server list, you'll be prompted to pick two locations instead of one.
Mullvad's server list with multihop enabled.
Sam Chapman for Engadget
This means you can select an entry server that's close to you and an exit server in any country whose location you want to spoof, letting you fine-tune your own performance. It's way nicer than being railroaded into certain paths.
DNS content blockers
Mullvad includes six blocklists that can keep you or your family members from looking at unwanted content: ads, trackers, malware, gambling, adult content and social media. These lists can't be customized like Windscribe's R.O.B.E.R.T. blocks can, so you're limited to just turning them on and off.
IPv6 support
The internet is gradually transitioning from the old IPv4 standard over to IPv6, which will allow many more addresses to be shared out. Mullvad is one of a few VPNs looking ahead to the IPv6 era. You can leave it to block all IPv6 traffic, but if you do need IPv6 for any reason, you can enable it while still being connected to a Mullvad server.
Kill switch and lockdown mode
Mullvad comes with two features that protect against unexpectedly losing your VPN defenses. The first is a kill switch, a common VPN option that cuts off internet access if the VPN tunnel ever fails. This simple measure helps guard against accidental leaks.
Lockdown mode is the stronger option. While it's active, you will be unable to get on the internet unless you connect to a Mullvad server first. This will remain true if you turn the connection off yourself and even if you quit the app.
Split tunneling
Split tunneling is available on Mullvad's apps for every system except iOS. It lets you send some apps outside the VPN tunnel so they get online with your normal IP address. It's helpful if you have some apps that don't work with the VPN active — this is common with online banking, as an example. Another common application is to protect a torrenting client in the background while using your browser unprotected for better speeds.
Mullvad customer support options
Mullvad makes two forms of support available in the app. You can report a problem by going to Settings -> Support -> Report a problem, typing your question (requested to be in either English or Swedish, though they'd probably be able to read a question run through Google Translate) and optionally providing your email. You can also view the app's logs at any time, which can be useful to help a technician diagnose your problem.
If you'd rather search for a solution at your own pace, you can go to that same page and click FAQs and Guides instead. This opens the help center in a browser.
Mullvad's help center, including the dropdown filter menus.
Sam Chapman for Engadget
I love Mullvad's approach to laying out its FAQs. Instead of crowding topics into five or six categories and making you guess whether your problem falls under setup, usage or troubleshooting, Mullvad gives you a set of dropdown filters to narrow down the articles which might relate to your problem.
By the time you've named which device, OS and protocol you're dealing with, you won’t have many articles left to sift through. There is an annoying tendency for certain sets of filters to reduce the number of surfaced links to zero, but for those cases, there's a search bar that also works well.
The articles themselves are good enough that I referred to them several times while writing this review. Some of them are a bit overlong, but they're diligent about including both internal and external links to get you where you're going fast.
Live support experience
This is normally where I cover how it feels to get live chat support from the VPN I'm reviewing. However, Mullvad doesn't have live chat support. That's unfortunate, although it's still better than Windscribe's approach of forcing you to banter with a sarcastic robot. Instead, I sent a question via email to Mullvad's support team, and got a response within 24 hours.
Mullvad background check
Mullvad was founded in 2009 in Sweden. It's still owned and operated by its original founders. According to a detailed timeline on its website, its 16-year history has been as uneventful as any user could ask for, with not much changing except updates to stay on the technological leading edge. The only controversy mentioned in Mullvad's own materials is the 2023 police raid of its headquarters, which (as I covered in the privacy section) only makes them look better.
So as not to take Mullvad at its word, I scoured the last 16 years of news items and user reports to search for any other blemishes on its record. Based on that research, I found no reason to doubt Mullvad's honesty about its location, owners or team.
I found just one leak that wasn't noted on Mullvad's own site. In 2023, a security research group called ZATAZ alleged that it found anonymized information on Mullvad users saved on an Internet Archive page, including account numbers (linked article is in French). According to ZATAZ, Mullvad contacted the Archive and got the page deleted.
To my mind, the only mistake Mullvad made in response to the ZATAZ allegations was not making a public statement about the incident. I can see why they didn't think it was a big deal, since even logging into someone else's Mullvad account wouldn't show you their browsing history, but it's always better to communicate about these things.
Final verdict
Mullvad is a VPN that knows what it wants to be and achieves that goal with flying colors. It's not trying to be an everything app — it does privacy and does it well. That's not to say it has nothing going on outside the VPN itself, as its DNS blockers, AI defenses and split tunneling all work smoothly. But if you want a VPN that's not ashamed to be a VPN, Mullvad is the right choice.
Of course, it has its own compromises. It's solidly in the middle of the speed pack and occasionally trips up when unblocking streaming sites. The lack of any protocols other than WireGuard grates on me a bit, since it reduces the user's options for troubleshooting. With all that said, those are minor hiccups on a VPN that does such a thorough job keeping you anonymous online.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/vpn/mullvad-vpn-review-near-total-privacy-with-a-few-sacrifices-130000056.html?src=rss
After kicking off CES 2026 with its "First Look" event, Samsung is ready to announce the first of what should be several new Galaxy smartphones this year. The company is officially hosting a Galaxy Unpacked event on February 25 at 1PM ET, where it'll introduce the Galaxy S26 series and updates to Galaxy AI.
Leaks that have trickled out ahead of the event suggest that the Galaxy S26, S26+ and S26 Ultra will feature a new Snapdragon 8 Elite Gen 5 chip, and could come with more RAM and storage. Only the Galaxy S26 Ultra is expected to include major hardware changes, though, with an updated camera system, and possibly proper support for Qi2 charging. Alongside new smartphones, Samsung is also expected to introduce the Galaxy Buds 4 and 4 Pro, which will reportedly feature a new design, support for head gestures and an Ultra Wideband chip so they're easier to find using Google Find Hub.
As in previous years, Samsung has an optional deal for anyone who wants to lock in a discount before the company's new smartphones and accessories are announced. If you reserve Samsung's new devices now, you can receive a $30 credit and be entered to win a $5,000 Samsung.com gift card. When you do pre-order, the company also claims that it'll offer up to an additional $900 in savings if you trade-in a device or $150 off even without a trade-in if you pre-order through Samsung.com.
Engadget will have coverage of everything Samsung announces at Galaxy Unpacked right here, but if you want to watch along, you can catch the company's livestream of the event on Samsung's YouTube channel, the Samsung Newsroom page or at Samsung.com.
This article originally appeared on Engadget at https://www.engadget.com/mobile/smartphones/samsungs-galaxy-s26-unpacked-event-is-on-february-25-230000375.html?src=rss
Get ye to Windows Update, because there's a good chance you've got new Secure Boot certificates to install. Microsoft just announced that it will be refreshing those certificates, which were originally introduced when Secure Boot debuted in 2011, as a security precaution. Secure Boot was a way for Microsoft to protect systems from running unsigned and potentially malicious code before Windows launched. It went on to be an installation requirement for Windows 11, as well as anti-cheat software used in Valorant, Call of Duty: Black Ops 6/7 and Battlefield 6.
Without the new Secure Boot certificates, Microsoft says your system will still function normally, but it will enter "a degraded security state that limits its ability to receive future boot-level protections." Basically, you won't be protected from malware and viruses targeting vulnerabilities in older versions of Windows. As expected, Microsoft also notes that unsupported versions of Windows won't be receiving the new Secure Boot certificates. They're only coming to Windows 11 systems, as well as Windows 10 PCs subscribed to Microsoft's Extended Security Updates.
Microsoft says many users will be able to pick up the updated Secure Boot certificates by visiting Windows Update, but a few may need additional firmware updates from their system (or motherboard’s) OEM. You’ll also be able to track the status of your security certificates in the Windows Security app in the “coming months.”
"As cryptographic security evolves, certificates and keys must be periodically refreshed to maintain strong protection," Nuno Costa, Partner Director of Windows Servicing and Delivery, wrote in a blog post today. "Retiring old certificates and introducing new ones is a standard industry practice that helps prevent aging credentials from becoming a weak point and keeps platforms aligned with modern security expectations."
Costa says Microsoft has been working with OEMs like Dell and HP to ensure a smooth transition to the new Secure Boot certificates. Many new systems built in 2024 already have the updated certs, while "almost all" devices shipped last year have them as well. Microsoft has also been alerting IT customers to this transition since last year.
This article originally appeared on Engadget at https://www.engadget.com/computing/microsoft-will-start-refreshing-secure-boot-certificates-in-march-for-windows-11-and-windows-10-esu-users-170000777.html?src=rss
There appears to be no limit to how chonky and eye-wateringly expensive PC gaming handhelds can get, with the latest behemoth being the Ayaneo Next 2. First announced back in November, the latest Windows handheld in Ayaneo’s Next lineup is now up for pre-order, with a spec sheet that makes some of its rivals look modest.
If you missed the announcement at the end of last year, the Next 2 is packing a 9-inch OLED display with a 2,400 x 1,504 resolution and a maximum refresh rate of 165Hz (adjustable down to 60Hz). The Next 2 is powered by an AMD Ryzen AI Max+ 395 chip and has a massive 115Mh battery under the hood.
To put all of that into perspective, the Next 2’s display is more than 1.5 inches larger than the Steam Deck OLED’s, and goes bigger than even the Lenovo Legion Go 2’s 8.8-inch panel. Its battery is the largest of the three by some margin too, and according to Ars Technicait weighs in at around 3.14 pounds (around 1424g), making it more than twice as heavy as the very heavy Xbox ROG Ally X. Get those wrists to the gym if you’re considering picking one of these up.
Ayaneo is ticking all the boxes where inputs are concerned too. Its latest handheld has dual touchpads (a feature ASUS left out on the ROG Xbox Ally X), Hall Effect sticks, an 8-way D-Pad and four customizable rear buttons.
All of this tech inevitably comes at a high price, with the entry-level model that ships with 32GB of RAM and 1TB of storage coming in at $1,999, or $1,799 if you take advantage of early bird pricing. This model is equipped with the slightly less capable Ryzen AI Max 385 CPU.
If you want the more powerful AI+ 395 chip you have a few options. A variant of the Next II with 64GB of RAM and 1TB of storage costs $2,699, but you can order now at the early bird price of $2,299. For 128GB of RAM and 2TB of storage you’ll be handing over a slightly hilarious $4,299 at full price. Early birds can order now for $3,499.
This article originally appeared on Engadget at https://www.engadget.com/gaming/pc/the-ayaneo-next-2-is-a-massive-pc-handheld-with-a-price-tag-to-match-165326534.html?src=rss
The internet is ripe with horrible violations of people's privacy, including non-consensual explicit images. A new tool from Google won't do much in the way of prevention, but can help you remove this media from Search.
Now, you can choose an image and quickly request its deletion. Just click on the three dots that appear on the image. From there, choose "remove result" and then "It shows a sexual image of me." Other choices include the picture shows a person under 18 and that it has your personal information. If you choose the initial option then you will also be asked whether it contains a real image or deepfake. There's also an option to submit multiple photos at once.
Google claims that, upon submitting your request, you will "immediately" see links to emotional and legal support organizations. Plus, you can opt-in to safeguards that filter out similar results in Search — though it seems these unreported images will still be available for other users to see. This feature should be available in most countries over the coming days.
You can go on Google's "Results about you" hub to track your request. To use the tool, you will have to add in your personal contact information and government ID numbers. Google already had the hub to track if any of that information appears on Search, but now it will also look for your social security number, drivers license and passport information. The company should notify you if any of that information comes up in Search results and allow you to take removal steps.
Results about you's updates should roll out to US users in the coming days. Notably, it arrives as Google shutters its dark web reports. They would alert you if your name, number, or email address appeared on the internet — typically because of a data breach. However, Google found it didn't help users take next steps to fix the problem, something these new features will hopefully do.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/googles-new-tool-helps-you-remove-non-consensual-explicit-images-from-search-155352248.html?src=rss
AirTags are basically an essential accessory for iPhone users who want to keep track of things like their keys, wallet and backpack. While it's easy enough to replace the battery in both versions of the AirTag, you may not want to have to rush to do so at the end of the battery's roughly two-year lifespan. That's where Elevation Lab's extended battery case for the AirTag comes in, and it's heavily discounted right now: it's 30 percent off and down to $16.
The case usually sells for $23, so that's a 30 percent discount. It's not the first time we've seen this deal, but it's a pretty decent one all the same.
This is arguably one of the more useful AirTag accessories around for certain use cases. It won't exactly be helpful for an AirTag that you put in a wallet or attach to your keys, as it's too bulky for such a purpose — and it doesn't have a hole for a keyring anyway. Still, if you're looking for an AirTag case that you can place in a suitcase or backpack and not have to touch for years, this could be the ticket.
Elevation Lab says that, when you place a couple of AA batteries in the case, it can extend the tracker's battery life to as much as 10 years (the brand recommends using Energizer Ultimate Lithium batteries for best results). The AirTag is slated to run for over a year on its standard CR2032 button cell.
The case gives the AirTag more protection as well. It's sealed with four screws and it has a IP69 waterproof rating. What's more, it doesn't ostensibly look like an AirTag case, so someone who steals an item with one inside is perhaps less likely to realize that the object they pilfered is being tracked.
There are some other downsides, though. Since the AirTag is locked inside a case, the sound it emits will be muffled. Elevation Lab says the device's volume will be about two-thirds the level of a case-free AirTag. However, the second-gen AirTag is louder than its predecessor, which should mitigate that issue somewhat.
This article originally appeared on Engadget at https://www.engadget.com/deals/elevation-labs-airtag-10-year-extended-battery-case-is-only-16-right-now-151215061.html?src=rss
It takes time for novel designs to catch on. But even so, I am still wondering why the Zenbook Duo hasn't had a bigger impact on the market after ASUS released its first true dual-screen laptop two years ago. Notebooks like these provide the kind of screen space you'd typically only get from a dual monitor setup, but in a much more compact form factor that you can easily take on the road. It could be that people were wary of an unfamiliar design, shorter battery life or buying a first-gen product — all of which are understandable concerns. However, now that ASUS has given the ZenBook Duo a total redesign for 2026, the company has addressed practically all of those barriers to entry while making it an even more convincing machine for anyone who could use more display space. Which, in my experience, is pretty much everyone.
Editor’s note: The 2026 ASUS Zenbook Duo is expected to be available for pre-order sometime in late February, with general availability slated for March.
Design
For the new model, ASUS didn't mess with the laptop's basic layout too much. Instead, the company polished and tightened everything up, resulting in a system that weighs about the same (3.6 pounds) while reducing its overall size (12.1 x 8.2 x 0.77 to 0.92 inches) by five percent. Critically, you still get a built-in kickstand on the bottom and a detachable keyboard that you move wherever you want. There’s also a decent number of ports, including two USB-C with Thunderbolt 4, one USB-A 3.2 jack, HDMI 2.1 and a combo audio port. That said, I do wish ASUS had found room for an SD card reader of some kind, though given the Zenbook Duo's unique design, I get why that didn't make it.
The Zenbook Duo's detachable keyboard gives users a ton of flexibility when it comes to utilizing both of the laptop's displays.
Sam Rutherford for Engadget
One of the Zenbook Duo's most important design upgrades is a new "hideaway" hinge that reduces the gap between the laptop's two screens. Not only does this make the laptop easier and more pleasant to use in dual-screen mode, it also allows the entire system to lay flat on a table, which is nice for drawing or sharing your screen with someone sitting opposite you. Unfortunately, while my review unit didn’t come with one, ASUS says its forthcoming Pen 3.0 will come bundled with the Zenbook Duo in the US, so you won’t need to pay extra for it.
Another small but appreciated improvement is the new pogo pins below the lower display, which provides a more secure and reliable way of keeping the laptop's detachable keyboard topped up. In my experience, even after running multiple rundown tests that completely drained the Duo's battery, I never had to charge up the keyboard on its own. It was always smart enough to sip electricity from the main system in the background, though it also has a built-in USB-C port for power just in case. On the flipside, if you're not scared of typing on glass, you can still use the lower screen as a keyboard and touchpad, or as a place to display widgets for news, the weather, performance and more.
Displays
As someone who loves a desktop with dual monitors, I can't overstate how nice it is to have similar built-in functionality on a laptop.
Sam Rutherford for Engadget
The standout feature on the Zenbook Duo continues to be its dual displays, and now for 2026, they look better than ever. Both OLED panels have a 144Hz refresh rate with a 2,880 x 1,800 resolution while also covering 100 percent of the DCI-P3 spectrum. And while its nominal brightness of 500 nits for SDR content is just OK, ASUS makes up for that with peaks of up to 1,000 nits in HDR. And to make both screens even more enjoyable, ASUS managed to shrink the size of their bezels down to just 8.28mm. That's a reduction of 70 percent compared to the previous model, so now there's even less getting in the way of you utilizing these screens to their fullest.
Performance
The Zenbook Duo can be configured with a range of new Intel Core Ultra 7 and Core Ultra 9 processors, including the X9 388H chip used on our review unit. For general use and productivity, the laptop is super smooth and responsive, though that shouldn't be a surprise coming from Intel's latest top-of-the-line mobile CPU. However, for those seeking max performance, some of the benchmark numbers aren't quite as impressive as you might expect. That’s because ASUS has limited the Duo's TDP (thermal design power) to 45 watts — which is shy of the chip's 80-watt turbo power limit.
The kickstand in back adds a bit a bulk, but it's better than not having one at all like with Lenovo's Yoga Book.
Sam Rutherford for Engadget
In PCMark 10, the Zenbook Duo only managed a score of 7,153 compared to 9,651 from a Dell XPS 14, despite the latter having a lower-tier Intel Core Ultra X7 358H processor. That said, in other tests like Geekbench 6, the Duo had no trouble staying on top with a multicore score of 17,095 versus 9,651 for the Dell.
Another pleasant surprise is that because the Duo's chip comes with Intel's upgraded Arc B390 integrated GPU, this thing has plenty of oomph to game on, let alone edit videos or other similar tasks. In Elden Ring at 1,920 x 1,200, the Zenbook maintained a relatively stable framerate between 55 and 60 fps on high settings, which is great considering this thing doesn't have discrete graphics. This means as long as you don't mind fiddling with game options a bit, you should be able to play newer AAA games without too much trouble.
Battery life
The left side of the Zenbook Duo features a full-size HDMI connector along with a USB-C port, plus a backup USB-C jack for charging the detachable keyboard.
Sam Rutherford for Engadget
You'd think a laptop with two displays would be super power hungry. However, by increasing the capacity of its cell from 75WHrs to 99WHrs, ASUS has made the Zenbook Duo's endurance (or lack thereof) a complete non-issue. On PCMark 10's Modern Office rundown test, the laptop lasted 18 hours and 33 minutes in single-screen mode. Granted, that's nearly four hours less than what we got from MSI's Prestige 14 Flip AI+, but considering that's the longest-lasting notebook we've ever tested, I'm not bothered. When compared to ASUS' own Zenbook A14 (18:16), things are basically a wash, which I think is a win for the Duo, as the A14 is meant to be an ultralight system with an emphasis on portability and longevity.
Obviously, battery life takes a hit when you're using both displays. However, when I re-ran our battery test with its two displays turned on, the Duo still impressed with a time of 14:23. This is more than enough to give you the confidence to set this thing up in dual-screen mode even when an outlet isn't close at hand. Thankfully, for times when you do need a power adapter, the charging brick on ASUS' cable is rather compact, so it's not a chore to lug it around.
Wrap-up
The Zenbook Duo's battery life is good enough you won't always need its power brick. Thankfully, when you do, ASUS' 100-watt adapter is relatively compact.
Sam Rutherford for Engadget
I'm a believer that one day people will eventually embrace typing on screens with laptops just like they have for smartphones. However, even if you're not willing to make that jump just yet, the Zenbook Duo still has all of its bases covered. Its detachable keyboard gives you a pleasant experience while freeing up the bottom of the notebook to be a second display. This allows you to have something similar to a traditional dual-monitor desktop but in a chassis that you can easily take on the road without any major compromises.
The 2026 Zenbook Duo combines a compact design with strong performance, plenty of ports and surprisingly good battery life. Sure, it's a touch heavier than a typical 14-inch laptop, but its two screens more than make up for a little added weight and thickness. That leaves price as the Duo's remaining drawback, and starting at $2,100 (or $2,300 as reviewed), it certainly isn't cheap.
However, when you consider that a similarly equipped rival like a Dell XPS 14 costs just $50 less for a single screen, that price difference is rather negligible. Alternatively, if you opt for a more affordable ultraportable and then tack on a decent third-party portable monitor, you're still likely looking at a package that costs between $1,500 and $1,800. Plus, that setup is significantly bulkier and more annoying to carry around. So while the Zenbook Duo might be an unconventional pick right now, it has all the tools to deliver unmatched portable productivity and I don’t think it will be too much longer until the masses catch on.
This article originally appeared on Engadget at https://www.engadget.com/computing/laptops/asus-zenbook-duo-2026-review-two-screens-really-are-better-than-one-140000982.html?src=rss
Last year the UK declared that Apple and Google were a duopoly with "strategic market status" in the mobile platforms market, making them subject to special regulations. However, the UK's Competition and Markets Authority (CMA) will not regulate Google and Apple's app stores like the EU has done. Rather, government plans to enforce its own digital markets rules in a "pragmatic" way by accepting "commitments" from Apple and Google in areas like app rankings, the CMA announced.
Google and Apple agreed to work with the CMA to address concerns on the following matters: app review, app ranking, use of data and interoperability process. Effectively, regulators require the tech giants to treat developers fairly, particularly when they compete against Google and Apple's own apps. However, the UK's rules are more like suggestions and "not legally binding in any case," former CMA director Tom Smith told the Financial Times.
This is in stark contrast to Europe's Digital Markets Act, which forced Apple to make changes to open up iOS features and data to rivals, allow app installations from outside its Store and reduce fees collected on purchases.
That could change if the companies fail to comply with its measures, though. The CMA plans to check metrics like the number of apps approved or rejected, app review times and developer complaints received. New requirements could then be brought forward if deemed necessary. "For example, if we find Apple is routinely declining interoperability requests without good reason... we could bring forward specific interoperability requirements. Non-compliance would also mean we would be unlikely to consider commitments as a similar approach in [the] future."
Google said in a blog today that it "welcomed the opportunity to resolve the CMA's concerns collaboratively." Apple, meanwhile, seemed similarly pleased with the deal. "The commitments announced today allow Apple to continue advancing important privacy and security innovations for users and great opportunities for developers,” an Apple spokesperson told Bloomberg.
The UK is possibly taking a light touch on app store rules to avoid antagonizing the Trump administration. Earlier today, French President Emmanuel Macron predicted that the US could go after the EU on areas like data privacy, digital taxation and the plan of multiple EU countries to ban children from social media. "The US will, in the coming months — that’s certain — attack us over digital regulation," Macron said at a special summit yesterday.
This article originally appeared on Engadget at https://www.engadget.com/big-tech/uk-takes-light-touch-approach-to-regulating-apple-and-googles-app-stores-131119575.html?src=rss
(We’ve had a few teething issues with the newsletter and apologise for the delays some of you might be experiencing. Please enjoy the latest edition. Back to business as usual. — Mat Smith, UK Bureau Chief)
The House Judiciary Committee wants the US Department of Justice to turn over all its communications with both Apple and Google regarding the companies’ decisions to remove apps that shared information about sightings of US Immigration and Customs Enforcement officers.
Several apps were removed from both Apple’s App Store and Google’s Play Store in October. Politico reported that Raskin has contacted Attorney General Pam Bondi.
“The coercion and censorship campaign, which ultimately targets the users of ICE-monitoring applications, is a clear effort to silence this Administration’s critics and suppress any evidence that would expose the Administration’s lies, including its Orwellian attempts to cover up the murders of Renee and Alex,” Raskin wrote to Bondi.
Ring’s Super Bowl ad showcased its Search Party feature, scaring the pants off anyone concerned about a mass surveillance state and, well, the state of everything at the moment. Search Party turns individual Ring devices into a surveillance network. Each camera uses AI to detect pets running within its field of view, and feeds are pooled to help identify lost animals. If it can handle pups, why not people? Here’s how to disable it.
On a lighter note, consumer tech! Ferrari’s new car is no Apple Car. This is the Ferrari Luce (“light” in Italian), the actual name for the EV formerly known as Elettrica, and we (well, Tim Stevens) were lucky enough to get a walkthrough with Sir Jony Ive himself.
That’s because the interior was designed by LoveFrom, founded by Ive after leaving Apple in 2019. OpenAI acquired the design firm for $6.5 billion, and while the company has had numerous projects, the Luce could be its biggest yet. It’s filled with playful touches and a lot of, well, glass. If that tilting screen doesn’t shout iPhone design, what does?
This article originally appeared on Engadget at https://www.engadget.com/general/the-morning-after-doj-may-face-investigation-over-removal-of-ice-agent-tracking-apps-121500737.html?src=rss
