We would like to thank our sponsors Private Internet Access and DuckDuckGo for helping to fund this security review, as well as all of our donors and individual supporters. This crucial work doesn’t happen without support from the community. The quick and dirty: OpenSSL version 1.1.1 was evaluated with special foci on new TLS…
OSTIF is Partnering with the Internet Bug Bounty and HackerOne for Bug Bounties! The Open Source Technology Improvement Fund will be partnering with the Internet Bug Bounty and HackerOne in a partnership that will get our supported projects listed on HackerOne with no overhead costs! HackerOne is the de-facto site…
We have completed the security review of the new Pseudorandom Number Generator (PRNG) for OpenSSL1.1.1. This security review was sponsored by Private Internet Access, ExpressVPN, DuckDuckGo, OpenVPN, and the privacy community. Random number generation is a crucial component in all cryptography, because the “randomness” of numbers is the mechanism that makes secret numbers hard to guess. Problems…
UPDATE: We are now 81% funded! Keep spreading the word! Matched donations by DuckDuckGo on Crowdrise here: https://www.crowdrise.com/o/en/campaign/ostif1/ostif Ways to contribute for FREE: https://ostif.org/how-to-contribute-to-ostif-for-free/ Donate using a huge number of options here: https://ostif.org/donate What are we working on? OpenSSL powers everything. 70% of the top million websites use OpenSSL to provide encryption…
Double Your Donations With CrowdRise Today, we begin our second round of funding in partnership with DuckDuckGo, who will be matching Crowdrise donations for the next four weeks! You can view the Crowdrise campaign and donate here to have your donation matched (doubled): https://www.crowdrise.com/o/en/campaign/ostif1/ OpenSSL 1.1.1 Project Changes We have…
November 19th OpenSSL Fundraiser Updates - Progress and Thank Yous Our work fundraising for the massive OpenSSL 1.1.1 project continues. Our project is now up to hundreds of backers and dozens of companies and organizations. I would like to thank OpenVPN Technologies for their continued support (they have donated an…
OpenSSL 1.1.1 Fundraising Progress (This post will be updated regularly as we gain more sponsors and progress toward our total goal.) We are happy to announce that we have raised 36% of the money needed to audit OpenSSL 1.1.1 with three weeks of fundraising completed. We expect to meet our…
Welcome to Private Internet Access for Becoming our First Platinum Sponsor! We are welcoming Private Internet Access to the OSTIF family, as they have became our first platinum sponsors. Their commitment to free and open software has been tremendous, first funding two OpenVPN code review projects and now the OpenSSL…
The OpenSSL 1.1.1 Audit Fundraising has Begun! What are we doing? Like our other fundraisers, OSTIF is reaching out to the public to fund a thorough and open audit of OpenSSL 1.1.1. This particular version is important because OpenSSL 1.1.1 introduces significant pieces of new code to implement the new…