OSTIF launches a fundraiser to audit OpenVPN

Ethernet cables

Most readers of VPN Compare are probably at least familiar with OpenVPN. As it currently stands, OpenVPN is one of the most trusted and respected VPN protocols in the world. It’s supported by nearly every VPN provider, and as a result, millions of people use it to secure their internet connection every single day.

With internet censorship and government surveillance on the rise, privacy is becoming an increasingly scarce resource. As a result, the popularity and utilization of VPN’s has been on the rise over the last decade. Jason Mander, head of trends at GlobalWebIndex – a market research firm, says that “as many as one of four people use a VPN” in their day-to-day.

While it’s great to see that privacy conscious individuals are fighting to keep their online freedoms, it’s also important that they have the correct tools to get the job done. For many people, OpenVPN is one of those tools. Though the protocol is widely regarded as the de-facto standard in the VPN community, no piece of software is perfect.

This is where OSTIF comes in.

What is OSTIF?

In short, OSTIF, or the Open Source Technology Improvement Fund, is a non-profit organization dedicated to strengthening the internet. The corporation is publically funded through donations, with the central goal of raising money for open-source projects that help shape the infrastructure of the world wide web.

OSTIF does its best to accomplish this large undertaking by offering sizable financial incentives to anyone that finds a major security bug in any of the projects that they are involved in, by handing out grants to trusted professionals for the purpose of conducting thorough audits of open source code, and by financing direct code improvements of what they call “worthy projects.”

If you couldn’t tell by the title of this article, their latest endeavour is the audit of OpenVPN. On November 22, OSTIF officially launched a fundraiser with the goal of financing this large undertaking.

OpenVPN Audit

The timing for this audit couldn’t have been better. OpenVPN version 2.4 had recently entered its beta stage, meaning a full, public release is soon to follow.

OpenVPN v.2.4 is the first major update to be released over the last couple of years, meaning that a large number of bugs have been squashed, and new features have likely been added. Judging by the current track record of OpenVPN, the next milestone update (2.5) won’t come for quite some time, making now the perfect opportunity for a thorough look at the code.

As mentioned earlier, OpenVPN is highly respected in VPN circles, and OSTIF’s goal isn’t to somehow “discredit” the protocol, but rather “add further integrity to the software,” and allow millions of users all over the world to rest easy knowing that OpenVPN is “strong and resistant to intrusion.”

In the coming weeks, OSTIF will conduct an independent audit of the open source code, searching for missed bugs, possible backdoors, and other previously overlooked security flaws. While it’s unlikely that OSTIF will find anything damning, a second set of eyes couldn’t hurt – especially when the privacy of millions is at stake.

Supporting the cause

VPN Compare stands behind OSTIF, and we’ve recently made a donation to help support this cause. If you want to learn more about the OSTIF mission, or make a donation of your own, visit their website.

If you want to support the effort, but find yourself financially unable to do so, you can still contribute by signing up for Amazon Smile and choosing OSTIF as your prefered charitable organization. By doing so, a small portion of your regular Amazon spending will be donated to the organization at no personal cost.

Leave a Reply

Your e-mail address will not be published. Required fields are marked *