A Review of the Linux Kernel’s Vulnerability Reporting and Remediation

The Linux Foundation has sponsored a review of the Linux Kernel's practices and policies around how security vulnerabilities are reported to the kernel team, how those reports are processed and addressed, and how those vulnerabilities are disclosed to the public. OSTIF, working with the team at Atredis Partners and a…

Continue Reading A Review of the Linux Kernel’s Vulnerability Reporting and Remediation

The Linux Foundation Public Health Initiative Sponsored the Audit of COVID Exposure Notification Apps. Here Are The Results!

The Linux Foundation's Public Health (LFPH) initiative has sponsored audits of two COVID-19 exposure notification apps, COVID Shield and COVID Green. As part of their stewardship of these projects, the Linux Foundation decided that it would be prudent to perform due diligence by reviewing the design and code of the…

Continue Reading The Linux Foundation Public Health Initiative Sponsored the Audit of COVID Exposure Notification Apps. Here Are The Results!

What OSTIF is Working on in 2020

OSTIF is simultaneously working on multiple projects this quarter. Here is what we've been working on and what to expect over the next few months! Two projects with the Linux Foundation We are working with the Linux Foundation's Core Infrastructure Initiative on the safety and security of the Linux Kernel.…

Continue Reading What OSTIF is Working on in 2020

Announcing the OSTIF Anti-Censorship Project

Censorship is an increasing problem on the internet. As the technology to manipulate what users see on the web gets cheaper, more countries, ISPs, and service providers are amping up their ability to not only monitor what their users see, but to orchestrate what those users see and experience. We…

Continue Reading Announcing the OSTIF Anti-Censorship Project

We are Working with the Monero Community for Multiple Audits of RandomX

The Open Source Technology Improvement Fund is working with the Monero community to fund at least two (and probably three) audits of Monero RandomX. What is RandomX? RandomX is a project that implements a dynamic proof of work algorithm. The aim of an algorithm that changes is to make it…

Continue Reading We are Working with the Monero Community for Multiple Audits of RandomX

OSTIF is Partnering with the Internet Bug Bounty and HackerOne for Bug Bounties!

OSTIF is Partnering with the Internet Bug Bounty and HackerOne for Bug Bounties! The Open Source Technology Improvement Fund will be partnering with the Internet Bug Bounty and HackerOne in a partnership that will get our supported projects listed on HackerOne with no overhead costs! HackerOne is the de-facto site…

Continue Reading OSTIF is Partnering with the Internet Bug Bounty and HackerOne for Bug Bounties!
OSTIF is Working with Monero Research Lab on Bulletproofs
Monero cryptocurreny theme with computer motherboard theme

OSTIF is Working with Monero Research Lab on Bulletproofs

OSTIF is Working with Monero Research Lab on Bulletproofs We are happy to announce that we have been working with the Monero project to help them locate auditing resources for Bulletproofs. This code review is to evaluate the safety of the implementation of Bulletproofs into Monero, which promises to dramatically…

Continue Reading OSTIF is Working with Monero Research Lab on Bulletproofs

We are giving the warmest welcome to Private Internet Access for Becoming our First Platinum Sponsor

Welcome to Private Internet Access for Becoming our First Platinum Sponsor! We are welcoming Private Internet Access to the OSTIF family, as they have became our first platinum sponsors. Their commitment to free and open software has been tremendous, first funding two OpenVPN code review projects and now the OpenSSL…

Continue Reading We are giving the warmest welcome to Private Internet Access for Becoming our First Platinum Sponsor

The OSTIF Bug Bounty Program has Officially Begun

The OSTIF Bug Bounty Program has Officially Begun We are proud to announce that the pilot program for OSTIF bug bounties has started. This means that researchers around the world can now find application and security flaws in OpenVPN and VeraCrypt for monetary and career-building rewards. The maximum award for…

Continue Reading The OSTIF Bug Bounty Program has Officially Begun