OSTIF is working with the Open Source Security Foundation on Symfony

  • Post category:NewsSecurity

OSTIF has been working with the Open Source Security Foundation's Securing Critical Projects working group to help identify critical pieces of infrastructure that require focused security attention. Symfony, a widely used PHP framework has consistently been near the top of multiple reports, underscoring the criticality of the project to the…

Continue ReadingOSTIF is working with the Open Source Security Foundation on Symfony

Google is partnering with Open Source Technology Improvement Fund, Inc to sponsor security reviews of critical open source software

Announcement:  Google is partnering with Open Source Technology Improvement Fund, Inc to sponsor security reviews of critical open source software.  OSTIF is elated to announce that we are planning to improve security of eight open-source projects thanks to support from the Google Open Source Security Team. This marks a major…

Continue ReadingGoogle is partnering with Open Source Technology Improvement Fund, Inc to sponsor security reviews of critical open source software

What OSTIF is Working on in 2020

OSTIF is simultaneously working on multiple projects this quarter. Here is what we've been working on and what to expect over the next few months! Two projects with the Linux Foundation We are working with the Linux Foundation's Core Infrastructure Initiative on the safety and security of the Linux Kernel.…

Continue ReadingWhat OSTIF is Working on in 2020

Four Audits of RandomX for Monero and Arweave have been Completed – Results

As always, remember that our work only happens with the support of our sponsors and the community. Consider donating to the cause and getting the companies that you work at and patronize to get involved. We are always short on funding and more money always means more research. Special thank…

Continue ReadingFour Audits of RandomX for Monero and Arweave have been Completed – Results

The OSTIF and Quarkslab Audit of OpenSSL is Complete

We would like to thank our sponsors Private Internet Access and DuckDuckGo for helping to fund this security review, as well as all of our  donors and individual supporters. This crucial work doesn’t happen without support from the community. The quick and dirty: OpenSSL version 1.1.1 was evaluated with special foci on new TLS…

Continue ReadingThe OSTIF and Quarkslab Audit of OpenSSL is Complete

OSTIF is Partnering with the Internet Bug Bounty and HackerOne for Bug Bounties!

OSTIF is Partnering with the Internet Bug Bounty and HackerOne for Bug Bounties! The Open Source Technology Improvement Fund will be partnering with the Internet Bug Bounty and HackerOne in a partnership that will get our supported projects listed on HackerOne with no overhead costs! HackerOne is the de-facto site…

Continue ReadingOSTIF is Partnering with the Internet Bug Bounty and HackerOne for Bug Bounties!
Read more about the article The OSTIF and QuarksLab Audit of Monero Bulletproofs is Complete – Critical Bug Patched
Monero cryptocurrency security theme with businessman on blurred blue light background

The OSTIF and QuarksLab Audit of Monero Bulletproofs is Complete – Critical Bug Patched

Bulletproofs are a specific type of range proof based on new cryptography by Benedikt Bunz et al. Bulletproofs are a trustless proofs setup that are substantially smaller than the current Borromean style range proofs that were previously used, which reduces the size of Monero transactions by 80-90%. Monero’s latest network update,…

Continue ReadingThe OSTIF and QuarksLab Audit of Monero Bulletproofs is Complete – Critical Bug Patched