What OSTIF is Working on in 2020

OSTIF is simultaneously working on multiple projects this quarter. Here is what we've been working on and what to expect over the next few months! Two projects with the Linux Foundation We are working with the Linux Foundation's Core Infrastructure Initiative on the safety and security of the Linux Kernel.…

Continue Reading What OSTIF is Working on in 2020

Announcing the OSTIF Anti-Censorship Project

Censorship is an increasing problem on the internet. As the technology to manipulate what users see on the web gets cheaper, more countries, ISPs, and service providers are amping up their ability to not only monitor what their users see, but to orchestrate what those users see and experience. We…

Continue Reading Announcing the OSTIF Anti-Censorship Project

OSTIF is Partnering with the Internet Bug Bounty and HackerOne for Bug Bounties!

OSTIF is Partnering with the Internet Bug Bounty and HackerOne for Bug Bounties! The Open Source Technology Improvement Fund will be partnering with the Internet Bug Bounty and HackerOne in a partnership that will get our supported projects listed on HackerOne with no overhead costs! HackerOne is the de-facto site…

Continue Reading OSTIF is Partnering with the Internet Bug Bounty and HackerOne for Bug Bounties!

Congratulations to Guido Vranken for earning our first bug bounty!

Security researcher Guido Vranken has had the honor of being our first bug bounty payout totaling $5000 USD for his work on fuzzing OpenVPN 2.4.2 and finding a variety of memsafe and error handling flaws, responsibly disclosing them, and working with OSTIF and the OpenVPN security team to integrate his…

Continue Reading Congratulations to Guido Vranken for earning our first bug bounty!

The OpenVPN 2.4.0 Audit by OSTIF and QuarksLab Results

OpenVPN 2.4.0, the NDIS6 TAP Driver for Windows, the Windows GUI, and Linux versions were evaluated. This release included a number of new features including control channel encryption. QuarksLab found: 1 Critical/High Vulnerability CVE-2017-7478 1 Medium Vulnerability CVE-2017-7479 5 Low or Informational Vulnerabilities / Concerns This public disclosure of these vulnerabilities coincides with the release of OpenVPN 2.4.2 which fixes…

Continue Reading The OpenVPN 2.4.0 Audit by OSTIF and QuarksLab Results

The Audit of OpenVPN is Complete

The Audit of OpenVPN is Complete We have confirmed with QuarksLab that the security review of OpenVPN 2.4.0 is complete, and that they are now documenting the results. The process will then proceed as follows: QuarksLab will securely give these results to the OpenVPN security team on April 7th. The…

Continue Reading The Audit of OpenVPN is Complete

The OpenVPN Audit Begins February 15th 2017

The OpenVPN Audit Begins February 15th 2017 The OpenVPN audit is going to be carried out as planned by QuarksLab's Gabriel Campana and Jean-Baptiste Bedrune on February 15th 2017. There will be 90 man-days of work completed throughout this audit and it will take approximately 45 days to complete. During this…

Continue Reading The OpenVPN Audit Begins February 15th 2017

The OpenVPN Fundraiser Has Hit It’s Goal – Work On The Audit Begins

The OpenVPN Fundraiser Has Hit It's Goal - Work On The Audit Begins We are delighted to announce that the Open Source Technology Improvement Fund has surpassed it's target goal of $71,000 USD with two weeks of fundraising to spare! We are continuing to seek donations until fundraising officially ends…

Continue Reading The OpenVPN Fundraiser Has Hit It’s Goal – Work On The Audit Begins

More OpenVPN Updates!

Progress! Goals! Collaboration! We are reporting in with more progress updates on our fundraising, more specifics on our goals, and some positive news about collaboration. Fundraising: We have secured substantially more funding over the last few days, increasing our total cash raised to $41000. This places us at about 60%…

Continue Reading More OpenVPN Updates!

OpenVPN Audit Updates – News – And More!

Fundraising Is Going Well, Progress Is Fast! We have had a lot of early success with our OpenVPN fundraiser, and the community response to the project has been tremendous with privacy advocates, VPN review sites, and VPN providers coming together to raise over $34,000 USD over the last two weeks.…

Continue Reading OpenVPN Audit Updates – News – And More!