QuarkLabs VeraCrypt Audit Results
oshwm
oshwm at openmailbox.org
Tue Oct 18 14:55:40 PDT 2016
On 18 October 2016 22:38:43 GMT+01:00, grarpamp <grarpamp at gmail.com> wrote:
>https://ostif.org/the-veracrypt-audit-results/
>https://ostif.org/wp-content/uploads/2016/10/VeraCrypt-Audit-Final-for-Public-Release.pdf
>https://ostif.org/ostif-quarklab-and-veracrypt-e-mails-are-being-intercepted/
>
>VeraCrypt 1.18 and its bootloaders were evaluated. This release
>included a number of new features including non-western developed
>encryption options, a boot loader that supports UEFI (modern BIOSes),
>and more.
>
>QuarksLab found:
>8 Critical Vulnerabilities
>3 Medium Vulnerabilities
>15 Low or Informational Vulnerabilities / Concerns
>
>This public disclosure of these vulnerabilities coincides with the
>release of VeraCrypt 1.19 which fixes the vast majority of these high
>priority concerns. Some of these issues have not been fixed due to
>high complexity for the proposed fixes, but workarounds have been
>presented in the documentation for VeraCrypt.
Are ostif.org a big target for DDoS?
They hide behind Cloudflare and so become another useful site for gathering intel on ppl who would like to encrypt their files.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 1754 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20161018/57c8d3e9/attachment.txt>
More information about the cypherpunks
mailing list