OSTIF is Beginning a Fundraiser for OpenVPN - Let's Get it Audited! Edit: Updates about the progress of this fundraiser are here: https://ostif.org/openvpn-audit-updates-news-and-more/ Today marks the first day of our OpenVPN fundraiser. We are asking for your support to get one of the most widely used networking applications in the world audited. How you can support this effort: -Donate

Beautiful. Elegant. Stylish. Intelligent. These are the words that I, Derek Zimmer, and possibly someone else will describe you as when you are wearing our new OSTIF t-shirts! The design is a black shirt with the white OSTIF.org logo on the front, and the back is a negative of Snowden Document 20320108. This is the document that showed that

The QuarksLab audit of VeraCrypt has been completed, and this is the public release of the results. The quick and dirty: VeraCrypt 1.18 and its bootloaders were evaluated. This release included a number of new features including non-western developed encryption options, a boot loader that supports UEFI (modern BIOSes), and more. QuarksLab found: 8 Critical Vulnerabilities 3 Medium Vulnerabilities 15

On September 12th of this month, MySQL, the #1 database software in the world, suffered a 0-day exposure of a bug of the worst kind. It allows an authenticated remote attacker to take full control of any server running the software, regardless of the user's privileges in the database. This Escalation of Privilege vulnerability is a serious

The MacArthur Foundation has started a new competition for a large grant called 100 & Change. This grant gives the winner $100,000,000 USD with the aim of solving a real world problem. The OSTIF has officially registered for the contest, and we believe we have are in a position to change the world through secure,

OSTIF + QuarksLab Audit of VeraCrypt Completed - Phase II Begins The audit of VeraCrypt has been completed, and the final report is being created over the coming days. The VeraCrypt developers have the preliminary results and we are working with both VeraCrypt and QuarksLab on the timetable for releasing results. Why aren't results released immediately? In

OSTIF, QuarksLab, and VeraCrypt E-mails are Being Intercepted As we have began the process of staging our audit, we have set up PGP encrypted communications between OSTIF, QuarksLab, and the lead developer of the VeraCrypt project. In these communications we have discussed vulnerability information, processes and procedures for reporting findings, and exchanged confidential information about

We are proud to announce the addition of a new member of our team! Samara Renovato is joining us to help manage our PR and Social Media operations. She is a student at the University of Chicago studying Psychology. With a new focus on how people interact with one another in the contemporary digital

OSTIF Transparency - We are opening up our books Edit: Our public books were last updated on 9/16/2016 In an effort to increase our transparency about where money in our organization goes, we are opening up our books to scrutiny by the public. You can see how our money is spent and when. We invite any