On 18 October 2016 22:38:43 GMT+01:00, grarpamp <grarpamp@gmail.com>
   wrote:

[1]https://ostif.org/the-veracrypt-audit-results/
[2]https://ostif.org/wp-content/uploads/2016/10/VeraCrypt-Audit-Final-for-Public
-Release.pdf
[3]https://ostif.org/ostif-quarklab-and-veracrypt-e-mails-are-being-intercepted/
VeraCrypt 1.18 and its bootloaders were evaluated. This release
included a number of new features including non-western developed
encryption options, a boot loader that supports UEFI (modern BIOSes),
and more.
QuarksLab found:
8 Critical Vulnerabilities
3 Medium Vulnerabilities
15 Low or Informational Vulnerabilities / Concerns
This public disclosure of these vulnerabilities coincides with the
release of VeraCrypt 1.19 which
fixes the vast majority of these high
priority concerns. Some of these issues have not been fixed due to
high complexity for the proposed fixes, but workarounds have been
presented in the documentation for VeraCrypt.

   Are [4]ostif.org a big target for DDoS?
   They hide behind Cloudflare and so become another useful site for
   gathering intel on ppl who would like to encrypt their files.

References

   1. https://ostif.org/the-veracrypt-audit-results
   2. https://ostif.org/wp-content/uploads/2016/10/VeraCrypt-Audit-Final-for-Public-Release.pdf
   3. https://ostif.org/ostif-quarklab-and-veracrypt-e-mails-are-being-intercepted
   4. http://ostif.org/