Over the past year, iSEC Partners has worked with the Open Technology Fund on several of their supported projects. OTF funds projects that develop open and accessible technologies promoting human rights and open societies. Some of the projects they support that we’ve been able to work on are Open Whisper Systems’ RedPhone and TextSecure, Commotion, and GlobaLeaks, among others.
We consider ourselves very fortunate to be able to work on projects that are both very technically interesting and helping make the world a better place. Projects that OTF supports are used ‘in the field’ documenting human rights abuses abroad, provide secure and encrypted communication platforms, and help document Internet interference and censorship. An extension of our Liberation Technology Auditing Cheatsheet, this work is directly in line with our efforts to make the entire Internet a more secure place.
In conjunction with these audits, we’ve also helped OTF perform a review of their audit process. The goal of this review was to take a look at the breadth, scope, and coverage of security audits performed on OTF funded applications to date. We aimed to identify the strengths and shortcomings in OTF’s current process and provide recommendations to improve the breadth of coverage and to derive greater value in the future. Applicable to both OTF and other funding agencies in the Liberation Technology and Civil Society communities, we hope this work inspires more development and more integration between security professionals and project teams. OTF has published this review over on their website where you can take a look.