Welcome to Private Internet Access for Becoming our First Platinum Sponsor!
We are welcoming Private Internet Access to the OSTIF family, as they have became our first platinum sponsors. Their commitment to free and open software has been tremendous, first funding two OpenVPN code review projects and now the OpenSSL 1.1.1 project and OSTIF as
Security researcher Guido Vranken has had the honor of being our first bug bounty payout totaling $5000 USD for his work on fuzzing OpenVPN 2.4.2 and finding a variety of memsafe and error handling flaws, responsibly disclosing them, and working with OSTIF and the OpenVPN security team to integrate his custom code into the
The OpenSSL 1.1.1 Audit Fundraising has Begun!
What are we doing?
Like our other fundraisers, OSTIF is reaching out to the public to fund a thorough and open audit of OpenSSL 1.1.1. This particular version is important because OpenSSL 1.1.1 introduces significant pieces of new code to implement the new TLS 1.3 standard.
Millions of websites (including
We have set up the infrastructure to enable donations via Monero.
Monero is a fully open-source and decentralized cryptocurrency that improves on the privacy shortcomings of Bitcoin through obfuscation technologies like RingCT and is currently working on an i2p based routing system to further privatize transactions, called Kovri.
The Monero project has been instrumental in improving
The OSTIF Bug Bounty Program has Officially Begun
We are proud to announce that the pilot program for OSTIF bug bounties has started. This means that researchers around the world can now find application and security flaws in OpenVPN and VeraCrypt for monetary and career-building rewards.
The maximum award for OpenVPN and VeraCrypt is a $5000
We have just posted our Windows 7 hidden operating system guide on YouTube here:
In this guide, we show you how to create a VeraCrypt Windows 7 hidden operating system. This enables you to hide your operating system within an encrypted partition, creating data assurance for your OS and maximum privacy.
VeraCrypt is powerful, free, open-source
OSTIF's 2017 Open Books Have Been Updated
Our commitment to keep our financial transactions fully transparent continues. We have updated our public books to current.
You can view them here:¬†https://docs.google.com/spreadsheets/d/1OqWBlNwk5be2c74cRlmYOdhLWPeCjCBAALxYCdMwIaM/
Our biggest items of note in 2017 so far are the donations and expenses related to the OpenVPN 2.4 fundraiser.
You can view the results of the OpenVPN
The OSTIF and QuarksLab audit of OpenVPN 2.4.0 has been completed, and this is the public release of the results.
The quick and dirty:
OpenVPN 2.4.0, the NDIS6 TAP Driver for Windows, the Windows GUI, and Linux versions were evaluated. This release included a number of new features including control channel encryption.
1 Critical/High Vulnerability CVE-2017-7478
New Attacks on Privacy Show That Legal Solutions Cant Be Relied On
One of the core concepts that motivated me to create the OSTIF is the belief that the Internet is an enormous tool for good. In order for us to be able to enjoy the fruits of free information, we need to have agency
The Audit of OpenVPN is Complete
We have confirmed with QuarksLab that the security review of OpenVPN 2.4.0 is complete, and that they are now documenting the results.
The process will then proceed as follows:
QuarksLab will securely give these results to the OpenVPN security team on April 7th.
The OpenVPN team will review the results and create