The OpenVPN Audit Begins February 15th 2017
The OpenVPN audit is going to be carried out as planned by QuarksLab’s Gabriel Campana and Jean-Baptiste Bedrune on February 15th 2017. There will be 90 man-days of work completed throughout this audit and it will take approximately 45 days to complete.
During this time period, we will work with the OpenVPN team to address issues as they are found on the fly. Once we are confident that the issues have been addressed, we will release the full results of the audit to the public. We expect to have final results released to the public by April 7th 2017.
The details about the value of this effort and the power of OSTIF are below:
OpenVPN is a cross platform and well supported Virtual Private Network application that is free to use for everyone around the world. It is available for all versions of Windows, OSX, Android, iOS, Chrome OS, most versions of Linux, and BSD. It is used worldwide by businesses to protect information that goes over insecure networks, and increasingly it is used by private users who want to protect their information from cybercrime and surveillance. OpenVPN is powerful, free, and used by millions of people. An audit of OpenVPN will add further integrity to the software, allowing users around the world to trust that the software is strong and resistant to intrusion.
OpenVPN version 2.4 has just entered beta, with a full release to soon follow. As the first major revision of the software to be released in years, it has a huge number of bug fixes and feature changes under the hood, giving an audit a great opportunity to review these new areas of code that will likely persist for years with small changes until OpenVPN 2.5 is ready to go. It is the most effective time for an audit to take place.
We are an independent advocate for free and open software that improves the security of users around the world. We are efficient, open, and ready to tackle the problems that face free software. We have just completed our audit of VeraCrypt 1.18 a few months ago, and we are striking while the iron is hot to continue making harder and more powerful security software for all of us.
Early credits for groups that are contributing to the effort:
Leading the effort, the groups that have made significant contributions to the cause:
iPredator has contributed 10 BTC or about $7700
OpenVPN Technologies Inc. has contributed $5000
Perfect Privacy has contributed $3500
nVpn.net has contributed $2650
ExpressVPN has contributed $2500
SmartDNSProxy has contributed $2500
iVPN has contributed $2100
VikingVPN has contributed $2000, making their total contribution to OSTIF $2000.
ZorroVPN has contributed $1600
SecureVPN.to has contributed $1500
VPN.ac has contributed $1500
GetFlix has contributed $1350
CryptoStorm has contributed $1337
TrickByte has contributed $1150
NordVPN has contributed $1000
BlackVPN has contributed $1000
Also contributing to the effort:
FatDisco has contributed $650
BestSmartDNS has contributed $600
StrongVPN has contributed $500
Windscribe has contributed $500
Celo.net has contributed $400
BolehVPN has contributed $300
ThatOnePrivacySite has contributed $200. They have also agreed to add a field to their famous VPN Comparison Chart showing which VPN services contribute back to the privacy community. (under activism – gives back to privacy causes)
VPNcompare.co.uk has contributed $201
BestVPN has contributed $300 and plans to write an article about the fundraiser, helping us reach out the privacy community!
InvizBox has contributed $100
Ender Informatics GmbH has contributed $100
OpenVPN is the industry standard for private VPN’s. I wish both OpenVPN and the audit, the utmost success. We all need OpenVPN to continue to be our flag-bearing privacy software.