On 18 October 2016 22:38:43 GMT+01:00, grarpamp <grarpamp@gmail.com> wrote:
https://ostif.org/the-veracrypt-audit-results/
https://ostif.org/wp-content/uploads/2016/10/VeraCrypt-Audit-Final-for-Public-Release.pdf
https://ostif.org/ostif-quarklab-and-veracrypt-e-mails-are-being-intercepted/

VeraCrypt 1.18 and its bootloaders were evaluated. This release
included a number of new features including non-western developed
encryption options, a boot loader that supports UEFI (modern BIOSes),
and more.

QuarksLab found:
8 Critical Vulnerabilities
3 Medium Vulnerabilities
15 Low or Informational Vulnerabilities / Concerns

This public disclosure of these vulnerabilities coincides with the
release of VeraCrypt 1.19 which fixes the vast majority of these high
priority concerns. Some of these issues have not been fixed due to
high complexity for the proposed fixes, but workarounds have been
presented in the documentation for VeraCrypt.

Are ostif.org a big target for DDoS?
They hide behind Cloudflare and so become another useful site for gathering intel on ppl who would like to encrypt their files.