Fredrik Stromberg established his first connection with the Internet
in the mid-1990s and became fascinated by
networks, open-source software, and security shortly thereafter. Together with his friend Daniel Berntsson he cofounded Mullvad in 2009 - a privacy-focused VPN service that helps keep users' online activity, identity, and location private. Its goal is to make internet censorship and surveillance ineffective. Mullvad has consistently been first in, or an early adopter of, many of the technologies and security features that are today regarded as standard practice by VPN services.
Introducing System Transparency - a novel design approach for computer systems intended to offer deterrence, prevention, and detection of attacks by combining a provisioning ritual, write-protected firmware, tamper detection, reproducible builds, remote attestation, immutable infrastructure, and a signed and auditable append-only log. Used correctly it will prevent malware persistence, provide an extensive and trustworthy audit trail, and eventually self-heal after compromise. Within certain limitations it can be used to prove to the owner, system administrator, user, or a third party, exactly what is currently running on the system, and what it has been permitted to run in the past.
It facilitates trust in the hardware and initial state of the system through the provisioning ritual and tamper detection switches, which together with a TPM and firmware write-protection establishes the root-of-trust as well as prevents malware persistence.
The use of reproducible builds in combination with immutable infrastructure deter and prevent malicious modification during the build stage as well as during runtime. The use of remote attestation of the boot chain in combination with a transparency log provide assurances of the current system configuration, as well as an audit trail of previous configurations.
A platform using System Transparency that is compromised due to an unpatched application can simply reboot, load an updated system image, and attest its new, patched, and uncompromised boot chain to its system administrator or users.