Menu
OpenVPN will be audited for security flaws

OpenVPN will be audited for security flaws

Cryptographer Matthew Green will analyze the popular software for flaws

The next major version of OpenVPN, one of the most widely used virtual private networking technologies, will be audited by a well-known cryptography expert.

The audit will be fully funded by Private Internet Access (PIA), a popular VPN service provider that uses OpenVPN for its business. The company has contracted cryptography engineering expert Matthew Green, a professor at Johns Hopkins University in Baltimore, to carry out the evaluation with the goal of identifying any vulnerabilities in the code.

Green has experience in auditing encryption software, being one of the founders of the Open Crypto Audit Project, which organized a detailed analysis of TrueCrypt, a popular open-source full-disk encryption application. TrueCrypt has been abandoned by its original developers in 2014, but its code has since been forked and improved as part of other projects.

Green will evaluate OpenVPN 2.4, which is currently the release candidate for the next major stable version. For  now, he will look for vulnerabilities in the source code that's available on GitHub, but he will compare his results with the final version when released in order to complete the audit.

Any issues that are found will be shared with the OpenVPN developers and the results of the audit will only be made public after they have been patched, PIA's Caleb Chen said in a blog post.

"Instead of going for a crowdfunded approach, Private Internet Access has elected to fund the entirety of the OpenVPN 2.4 audit ourselves because of the integral nature of OpenVPN to both the privacy community as a whole and our own company," Chen said.

The OpenVPN software is cross-platform and can be used both in server or client modes. It's therefore used by end-users to connect to VPN servers and by companies to set up such servers. The software is also integrated in commercial consumer and business products.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

The making of an MSSP: a blueprint for growth in NZ

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

The making of an MSSP: a blueprint for growth in NZ
Reseller News Platinum Club celebrates leading partners in 2018

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Reseller News Platinum Club celebrates leading partners in 2018
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP has honoured its leading partners in New Zealand during 2018, following 12 months of growth through the local channel. Unveiled during the fourth running of the ceremony in Auckland, the awards recognise and celebrate excellence, growth, consistency and engagement of standout Kiwi partners.

Meet the top performing HP partners in NZ
Show Comments