Hacker News

What happens if someone searches their home address or a place nearby? If it's automatically cached, it could be a data leak. Some sufficiently motivated person can correlate it with someone who connects to Mullvad servers.


Well that would only show (if indeed it can leak somehow) that somebody used Mullvad to search for that - if using it for yourself it wouldn't be hard to say "cafe near 49 my street" rather than "44 my street", or whatever, so a) that's probably the kind of caution you should always use if wanting to protect privacy or your house number since there's essentially no downside, unless you're literally ordering something to be physically delivered and b) it gives plausible deniability that anyone whose house address were known to have been searched doesn't really mean the person living there is the one who searched it.

(But of course, ideally they would have something in place to prevent such a leak at all, and perhaps they do somehow?)


This has also been noted by Assured AB when they did their security audit of the service [0].

> 3.4.1 Note Plaintext search queries in cache database

> Assured recommended hashing search terms before insertion / lookup in the cache database. Since search term cache lookups are only performed with exact matching, this should not affect functionality.

> Mullvad: We are now hashing (and salting) the search terms before they are added to Redis

[0] - https://mullvad.net/en/blog/2023/5/16/security-audit-of-our-...
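
Added example, not part of the thread and not Mullvad's code: a sketch of the audit's recommendation, deriving the cache key from a keyed hash of the exact search string so the cache never holds the plaintext query. It assumes the "salt" is one server-side secret shared by every cache reader and writer (a per-entry random salt would break exact-match lookup); `SearchCache`, `cache_key`, and `unkeyed_key` are hypothetical names, and a dict stands in for Redis.

```python
import hashlib
import hmac
import secrets

# Assumption: one deployment-wide secret, generated here for the example.
# In a real service it would live outside the cache database.
CACHE_KEY_SECRET = secrets.token_bytes(32)


def cache_key(query: str, secret: bytes = CACHE_KEY_SECRET) -> str:
    """Derive the cache key from the exact query string (no normalization)."""
    digest = hmac.new(secret, query.encode("utf-8"), hashlib.sha256).hexdigest()
    return "search:" + digest


def unkeyed_key(query: str) -> str:
    """Plain SHA-256, for comparison: anyone who can read the cache can
    recompute this for a guessed query, so it hides little for short or
    predictable search terms such as street addresses."""
    return "search:" + hashlib.sha256(query.encode("utf-8")).hexdigest()


class SearchCache:
    """Dict-backed stand-in for the Redis cache (hypothetical class)."""

    def __init__(self, secret: bytes = CACHE_KEY_SECRET):
        self._secret = secret
        self._store = {}  # what someone with read access to the cache sees

    def put(self, query: str, results: str) -> None:
        self._store[cache_key(query, self._secret)] = results

    def get(self, query: str):
        # Exact-match lookup still works: same string + same secret = same key.
        return self._store.get(cache_key(query, self._secret))

    def stored_keys(self):
        return list(self._store)


if __name__ == "__main__":
    cache = SearchCache()
    # Constructed sample query, taken from the thread's own example string.
    cache.put("44 little poney street", "<cached result page>")
    print(cache.get("44 little poney street"))  # hit
    print(cache.get("44 Little Poney Street"))  # miss: different string
    print(cache.stored_keys())                  # only HMAC digests
```

Only the key is protected in this sketch; the cached result is stored as-is.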


As I understand it, it's the result to a given search string that is cached.

Sure, if I search for "44 little poney street", then the result itself is cached at Mullvad, and someone needs to search himself/herself for "44 little poney street" by entering precisely this search string to access the cached page.

So I don't see a leak with caching... There are leaks anyway: the search term sent to Google, if someone compromises Mullvad, etc... But not one specific with caching and related to other users.



