OSTIF is Beginning a Fundraiser for OpenVPN - Let's Get it Audited! Edit: Updates about the progress of this fundraiser are here: https://ostif.org/openvpn-audit-updates-news-and-more/ Today marks the first day of our OpenVPN fundraiser. We are asking for your support to get one of the most widely used networking applications in the world…
VeraCrypt 1.18 and its bootloaders were evaluated. This release included a number of new features including non-western developed encryption options, a boot loader that supports UEFI (modern BIOSes), and more. QuarksLab found: 8 Critical Vulnerabilities 3 Medium Vulnerabilities 15 Low or Informational Vulnerabilities / Concerns This public disclosure of these vulnerabilities coincides with the release of VeraCrypt 1.19…
OSTIF + QuarksLab Audit of VeraCrypt Completed - Phase II Begins The audit of VeraCrypt has been completed, and the final report is being created over the coming days. The VeraCrypt developers have the preliminary results and we are working with both VeraCrypt and QuarksLab on the timetable for releasing…
OSTIF is proud to announce that we have come to an agreement to fully fund an audit of VeraCrypt. Using funds that were donated by DuckDuckGo and VikingVPN, we plan to hire QuarksLab to go over the code and search for vulnerabilities and backdoors. VeraCrypt is a crucial piece of…
It has been a while since we have told you all what we are up to. We have a number of news items to cover in the coming weeks, including updates to our transparency, bringing on additional staff, development of guide videos for all of our supported software applications on…
TrueCrypt - The venerable full disk and container encryption software that was abandoned by its developers in 2014, was believed to be secure, despite the development of the software ending. This was the consensus among the security community because the software had been audited by iSec (a subsidiary of NCC).…