The OSTIF Audit of Curl with Trail of Bits is Complete

Results of curl Security Audit¬† By: Amir Montazery, OSTIF Open Source Technology Improvement Fund (OSTIF) is thrilled to announce the results of a security audit and threat model for curl. In development since 1998, curl is a command line tool and library for transferring data with URLs. Curl is used…

Continue ReadingThe OSTIF Audit of Curl with Trail of Bits is Complete

TrueCrypt Critical Flaw Highlights the Need for OSTIF Support for VeraCrypt

TrueCrypt - The venerable full disk and container encryption software that was abandoned by its developers in 2014, was believed to be secure, despite the development of the software ending. This was the consensus among the security community because the software had been audited by iSec (a subsidiary of NCC).…

Continue ReadingTrueCrypt Critical Flaw Highlights the Need for OSTIF Support for VeraCrypt