Publish security audit and related info

censorship-no-archive / ceno1

(Deprecated PoC) Innovative censorship evading technology based on p2p distributed caching network

https://censorship.no

GNU Affero General Public License v3.0

58 stars 14 forks source link

Publish security audit and related info #238

Open graphiclunarkid opened 8 years ago

graphiclunarkid commented 8 years ago

We need to

Publish the NCC audit report
Publish information about which vulnerabilities are fixed.
Inform users about remaining vulnerabilities
Document how users can mitigate remaining vulnerabilities where possible

graphiclunarkid commented 8 years ago

Just a reminder to @misaakidis to push your latest version of the documentation related to this issue ASAP so that we can pick up where you've left off. Don't bother tidying it up first - we can cope!

graphiclunarkid commented 8 years ago

Related Redmine ticket, with draft NCC report attached, and linking to private issues for each finding we need to address: https://redmine.equalit.ie/redmine/issues/3658

florianap commented 8 years ago

I've added a document for securing bridge nodes to solve some issues: https://github.com/equalitie/ceno/blob/next/doc/secure-bridge.md