The OpenVPN Audit Begins February 15th 2017

The OpenVPN Audit Begins February 15th 2017 The OpenVPN audit is going to be carried out as planned by QuarksLab's Gabriel Campana and Jean-Baptiste Bedrune on February 15th 2017. There will be 90 man-days of work completed throughout this audit and it will take approximately 45 days to complete. During this…

Continue Reading The OpenVPN Audit Begins February 15th 2017

The OpenVPN Fundraiser Has Hit It’s Goal – Work On The Audit Begins

The OpenVPN Fundraiser Has Hit It's Goal - Work On The Audit Begins We are delighted to announce that the Open Source Technology Improvement Fund has surpassed it's target goal of $71,000 USD with two weeks of fundraising to spare! We are continuing to seek donations until fundraising officially ends…

Continue Reading The OpenVPN Fundraiser Has Hit It’s Goal – Work On The Audit Begins

More OpenVPN Updates!

Progress! Goals! Collaboration! We are reporting in with more progress updates on our fundraising, more specifics on our goals, and some positive news about collaboration. Fundraising: We have secured substantially more funding over the last few days, increasing our total cash raised to $41000. This places us at about 60%…

Continue Reading More OpenVPN Updates!

OpenVPN Audit Updates – News – And More!

Fundraising Is Going Well, Progress Is Fast! We have had a lot of early success with our OpenVPN fundraiser, and the community response to the project has been tremendous with privacy advocates, VPN review sites, and VPN providers coming together to raise over $34,000 USD over the last two weeks.…

Continue Reading OpenVPN Audit Updates – News – And More!

OSTIF is Beginning a Fundraiser for OpenVPN – Let’s Get it Audited!

OSTIF is Beginning a Fundraiser for OpenVPN - Let's Get it Audited! Edit: Updates about the progress of this fundraiser are here: https://ostif.org/openvpn-audit-updates-news-and-more/ Today marks the first day of our OpenVPN fundraiser. We are asking for your support to get one of the most widely used networking applications in the world…

Continue Reading OSTIF is Beginning a Fundraiser for OpenVPN – Let’s Get it Audited!

The VeraCrypt Audit Results

VeraCrypt 1.18 and its bootloaders were evaluated. This release included a number of new features including non-western developed encryption options, a boot loader that supports UEFI (modern BIOSes), and more. QuarksLab found: 8 Critical Vulnerabilities 3 Medium Vulnerabilities 15 Low or Informational Vulnerabilities / Concerns This public disclosure of these vulnerabilities coincides with the release of VeraCrypt 1.19…

Continue Reading The VeraCrypt Audit Results

OSTIF + QuarksLab Audit of VeraCrypt Completed – Phase II Begins

OSTIF + QuarksLab Audit of VeraCrypt Completed - Phase II Begins The audit of VeraCrypt has been completed, and the final report is being created over the coming days. The VeraCrypt developers have the preliminary results and we are working with both VeraCrypt and QuarksLab on the timetable for releasing…

Continue Reading OSTIF + QuarksLab Audit of VeraCrypt Completed – Phase II Begins

We Have Come to an Agreement to Get VeraCrypt Audited

OSTIF is proud to announce that we have come to an agreement to fully fund an audit of VeraCrypt. Using funds that were donated by DuckDuckGo and VikingVPN, we plan to hire QuarksLab to go over the code and search for vulnerabilities and backdoors. VeraCrypt is a crucial piece of…

Continue Reading We Have Come to an Agreement to Get VeraCrypt Audited

Progress Report – April 2016

It has been a while since we have told you all what we are up to. We have a number of news items to cover in the coming weeks, including updates to our transparency, bringing on additional staff, development of guide videos for all of our supported software applications on…

Continue Reading Progress Report – April 2016

TrueCrypt Critical Flaw Highlights the Need for OSTIF Support for VeraCrypt

TrueCrypt - The venerable full disk and container encryption software that was abandoned by its developers in 2014, was believed to be secure, despite the development of the software ending. This was the consensus among the security community because the software had been audited by iSec (a subsidiary of NCC).…

Continue Reading TrueCrypt Critical Flaw Highlights the Need for OSTIF Support for VeraCrypt