The QuarksLab audit of VeraCrypt has been completed, and this is the public release of the results.
The quick and dirty:
VeraCrypt 1.18 and its bootloaders were evaluated. This release included a number of new features including non-western developed encryption options, a boot loader that supports UEFI (modern BIOSes), and more.
8 Critical Vulnerabilities
3 Medium Vulnerabilities
On September 12th of this month, MySQL, the #1 database software in the world, suffered a 0-day exposure of a bug of the worst kind. It allows an authenticated remote attacker to take full control of any server running the software, regardless of the user's privileges in the database. This Escalation of Privilege vulnerability is a serious
The MacArthur Foundation has started a new competition for a large grant called 100 & Change. This grant gives the winner $100,000,000 USD with the aim of solving a real world problem.
The OSTIF has officially registered for the contest, and we believe we have are in a position to change the world through secure,
OSTIF + QuarksLab Audit of VeraCrypt Completed - Phase II Begins
The audit of VeraCrypt has been completed, and the final report is being created over the coming days. The VeraCrypt developers have the preliminary results and we are working with both VeraCrypt and QuarksLab on the timetable for releasing results.
Why aren't results released immediately?
OSTIF, QuarksLab, and VeraCrypt E-mails are Being Intercepted
As we have began the process of staging our audit, we have set up PGP encrypted communications between OSTIF, QuarksLab, and the lead developer of the VeraCrypt project. In these communications we have discussed vulnerability information, processes and procedures for reporting findings, and exchanged confidential information about
OSTIF is proud to announce that we have come to an agreement to fully fund an audit of VeraCrypt. Using funds that were donated by DuckDuckGo and VikingVPN, we plan to hire QuarksLab to go over the code and search for vulnerabilities and backdoors.
VeraCrypt is a crucial piece of open-source software that can encrypt
We are proud to announce the addition of a new member of our team! Samara Renovato is joining us to help manage our PR and Social Media operations. She is a student at the University of Chicago studying Psychology. With a new focus on how people interact with one another in the contemporary digital
OSTIF Transparency - We are opening up our books
Edit: Our public books were last updated on 9/16/2016
In an effort to increase our transparency about where money in our organization goes, we are opening up our books to scrutiny by the public. You can see how our money is spent and when. We invite any
The Haystack - Four Woman Journalists Explore the Scope, Legality, and Ethical Pitfalls of Mass Surveillance.
What is mass surveillance? How do investigative powers of governments differ today from thirty years ago? How intrusive are these powers? Are these powers legal within the constitutions of their respective countries? Who decides when these surveillance powers can
DuckDuckGo, the privacy search engine that does not track its users, has made a $25,000 contribution to the OSTIF, with the funds earmarked for the VeraCrypt project. These funds will be instrumental in supporting our goals of strengthening VeraCrypt and will directly assist the project in moving forward.
DuckDuckGo's business model is significantly different from