Update status FileSender 2.0, end of March

A short update on where we are with version 2.0.

I guess the most important to mention is the 2nd security audit is done.  I haven’t seen the report yet but our lead developer Etienne has.  Three small issues were found, all without an active attack vector.  My conclusion so far is the 2.0 code is secure.  The report will find its way to my inbox in the next weeks after which we’ll publish a similar response document as we did for the 1st security audit.

We’ve also been fixing various bugs, simplifying code and in general making things more robust.  Right now Etienne is looking into making the uploads more robust without resorting to hashing for file integrity protection.  The latter is too slow given currently available functionality in browsers so we need to settle for next-best: be able to detect exactly which chunks we did and did not receive.  Sounds like TCP all over again doesn’t it 😉

With its required security audit almost out of the way the French NREN Renater plans to launch its public beta based on version 2.0 next week.  After some weeks of public beta the plan is to move their production site to version 2.0.  From the project’s point of view this means field testing will start 🙂

Before the project can release a beta we first need to get quite a number of things out of the way.  Client-side testing, documentation, defining an upgrade path from 1.6 to 2.0, robust installation etc.

Are you curious to see what’s in version 2.0?  Interested in trying it out?

Do you want the 2.0 release to progress faster?  Help out with documenting!  Send me an email on jan dot meijer at uninett dot no.

2 responses to “Update status FileSender 2.0, end of March

  1. Hello,
    I am reading about the second security audit that has been completed for version 2.0. Is it possible to publish the report so it’s possible to get a good picture of the security of filesender 2.0?
    Many thanks,
    Peter van der Els,
    CISO
    RID-Utrecht.

    • Nicole Harris

      Hi Peter – yes the plan is to publishing the main findings of the report here very shortly. Many thanks! Nicole

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s