Security First today released the results of a code audit of their Umbrella app, which provides human rights defenders with the information they need to operate safely. The audit was conducted in order to improve the security of the app by identifying existent vulnerabilities.
You can read more about the audit findings on the Security First blog here. On that page, you’ll find a link to the Umbrella code, which Security First has posted publicly in order to allow for continued testing and review by the open source community.
The audit, conducted by iSEC Partners and supported by OTF, can be viewed in PDF form here.
To learn more about the reasoning behind and value of public code audits, read “Code Audits are Good. Making Code Audits Public is Better” by our resident security expert Chad Hurley.