A Review of the Linux Kernel’s Vulnerability Reporting and Remediation

The Linux Foundation has sponsored a review of the Linux Kernel's practices and policies around how security vulnerabilities are reported to the kernel team, how those reports are processed and addressed, and how those vulnerabilities are disclosed to the public. OSTIF, working with the team at Atredis Partners and a…

Continue ReadingA Review of the Linux Kernel’s Vulnerability Reporting and Remediation

The Linux Foundation Public Health Initiative Sponsored the Audit of COVID Exposure Notification Apps. Here Are The Results!

The Linux Foundation's Public Health (LFPH) initiative has sponsored audits of two COVID-19 exposure notification apps, COVID Shield and COVID Green. As part of their stewardship of these projects, the Linux Foundation decided that it would be prudent to perform due diligence by reviewing the design and code of the…

Continue ReadingThe Linux Foundation Public Health Initiative Sponsored the Audit of COVID Exposure Notification Apps. Here Are The Results!

The OSTIF Audit of Monero CLSAG is Complete! – Results

OSTIF, working with the Monero Community, the Monero development team, Monero Research Lab and Sweetwater Asset Consulting, has completed our latest security review of Monero CLSAG. Concise Linkable Spontaneous Anonymous Group signatures are a new variant of Monero's current MLSAG (Multilayered Linkable Spontaneous Anonymous Group signature) scheme. Overall, it promises…

Continue ReadingThe OSTIF Audit of Monero CLSAG is Complete! – Results

What OSTIF is Working on in 2020

OSTIF is simultaneously working on multiple projects this quarter. Here is what we've been working on and what to expect over the next few months! Two projects with the Linux Foundation We are working with the Linux Foundation's Core Infrastructure Initiative on the safety and security of the Linux Kernel.…

Continue ReadingWhat OSTIF is Working on in 2020

Four Audits of RandomX for Monero and Arweave have been Completed – Results

As always, remember that our work only happens with the support of our sponsors and the community. Consider donating to the cause and getting the companies that you work at and patronize to get involved. We are always short on funding and more money always means more research. Special thank…

Continue ReadingFour Audits of RandomX for Monero and Arweave have been Completed – Results

We are Working with the Monero Community for Multiple Audits of RandomX

The Open Source Technology Improvement Fund is working with the Monero community to fund at least two (and probably three) audits of Monero RandomX. What is RandomX? RandomX is a project that implements a dynamic proof of work algorithm. The aim of an algorithm that changes is to make it…

Continue ReadingWe are Working with the Monero Community for Multiple Audits of RandomX