Message contacts and share files simply and securely with Peerio.
Two penetration tests were conducted against Peerio. These penetration tests and code audits against several parts of the Peerio software compound took an overall of 10 days. It engaged five testers of the Cure53 team, who were tasked with coverage of different parts of the tested scope. The report describes the first of the envisioned three to four different rounds of testing. In this regard it can only be seen as an interim document, which will eventually become a substantial component of the future aggregated large document. The final documentation will appear when all stages of testing are complete.
Peerio presents itself as definitely robust and strong against a large amount of threats. The code is not only clean and well-readable, but its proper organization fosters the ease of audit process. It was not possible to discover a critical issue at this time, although the vulnerability described in PT -02-001 should be noted as coming close to that classification.
The full audits and summary of findings can be found below.