Open Source (2)
Google's SLSA Looks Good, But Is It Enough?
Today, open source is all around us—in nearly all proprietary codebases and community projects. For companies, the question isn't if you are or aren't using open source code—it's what open source code you're using. If you aren't aware of your software supply chain, a vulnerability in one of your dependencies can affect your product, making you
6 minute read
Why Open Source Security Really Is More Secure
Facebook. Apple. Capital One. Marriot. Time after time, companies we trust experience data breaches — but it’s the individual customers who suffer. They’re the ones whose personal and even financial data is exposed to the world. It’s only natural, therefore, that in the face of such frequent and growing cyberattacks, people will question what type
3 minute read
Meet the Author of Multiple OpenVPN Books
My name is Jan Just Keijser — otherwise known as JJK in OpenVPN circles. I am an IT professional with about 25 years of experience, and I've been using OpenVPN for nearly 16 years now. I currently work as a Software Engineer at Nikhef, a physics research lab in Amsterdam. I work on high performance and high throughput computing. I have also
4 minute read
DIY MFA Setup | Community Edition
We’re going to use oathtool for our DIY setup on a FreeBSD host. These steps should be nearly identical on a Linux host, however. We need to create a file with our users and secrets. These secrets are the same secrets your users will import into their MFA application (OTP Auth, Google Authenticator, Okta Verify, etc.).
3 minute read
Commercial MFA Setup
Okta provides a free level for their developer accounts, which is what I used for this example. I use Okta in my day job (as a sysadmin), and the setup and configuration are the same, so this is a safe avenue for exploration and testing.
3 minute read
OpenVPN Inc. Bolsters Leadership in Virtual Private Networking: Becomes a CVE Numbering Authority
PLEASANTON, CALIF.– May 19, 2020 – OpenVPN has long been the de facto standard in the open source networking space — and is now a member of the CVE Numbering Authority (CNA) program. OpenVPN is now stepping up to be more directly involved in assigning and managing CVEs related to all the OpenVPN software projects. By becoming a CNA, OpenVPN joins
2 minute read
The History of OpenVPN
OpenVPN was launched through the joint efforts of co-founders Francis Dinha and James Yonan. While both of these leaders have very different backgrounds and very different skillsets, together they’ve built a company that has changed the face of cybersecurity worldwide.
6 minute read
No flaws found in OpenVPN software
A research team from the University of New Mexico discovered a vulnerability currently being tracked as CVE-2019-14899 which claims that VPN connections can be hijacked on Linux and Unix systems. The report mentioned the OpenVPN protocol. As part of good security principles, we are looking into this and any possible attack vectors, however we have
1 minute read
OpenVPN Hackathon 2019
OpenVPN’s open source community wrapped up their annual hackathon on November 10th, in Trento, Italy. In attendance were ten software developers that are all members of the OpenVPN community. “The goal of the Hackathon is to get the open source guys together, and discuss current topics, and then execute on them.” Johan Draaisma, Product Manager at
5 minute read
Why Open Source Software is Good for Business
Many people still believe the myth that proprietary software, or software that is owned by an individual or a company, is more valuable than the alternative — open source software. However, there are almost always significant restrictions on proprietary software use, and its source code is almost always kept secret.
3 minute read