LEAP article in Columbia Journalism Review

The Columbia Journalism review has a nice introduction to LEAP encrypted email and the importance of secure communication for journalists.

Repository Key Refresh

We screwed up and let our debian repository key expire. The responsible parties have been punished (no more free back rubs). You have three options to fix it...

LEAP Platform release 0.5.0

We are happy to announce that the 0.5.0 version of the Leap Platform has been released! There have been a staggering number of improvements since the last release that touch a lot of areas. I'll give you a higher level summary of the changes here.

Google Summer of Code 2014

LEAP has selected three Google Summer of Code projects that we are really excited about. One focuses on improving Soledad transport, another on better Windows integration, and a third on adding obfsproxy to the encrypted internet proxy. Congratulations to the students who submitted these projects, they stood out above the rest of the proposals.

In the coming months, stay tuned for updates on the progress made to these Google Summer of Code projects.

Bitmask "long time no see" release

It's is with pleasure that we announce the arrival of the 0.5.0 version of Bitmask, code named "long time no see"! With over 187 files changed, 19627 insertions(+) and 5005 deletions(-), this release of the bitmask client is one of the largest to date! To get the latest version, you can visit the Bitmask downloads page.

Release 0.5.1

We are happy to announce the 0.5.1 LEAP release, code named "los trecesemanas" or "lil less leaky". This rapid round of development focused primarily on getting our Encrypted Internet Proxy (VPN) system secured against data leakage, as well as the continued refactor of the soon to be released encrypted email service.

Release 0.5.2

Along with ongoing bug fixes and stability enhancements, the 0.5.2 release of the bitmask client focused on improving VPN security features added in the prior release. In Android development, we are laying the groundwork for better coordination with ics-openvpn which will improve stability and user experience. We plan to launch our beta VPN service in the coming weeks. All of our code that is released is now signed by the LEAP code signing key (key ID 0x1E34A1828E207901, Fingerprint 1E45 3B2C E87B EE2F 7DFE 9966 1E34 A182 8E20 7901).

Release 0.6

This release gets the award for most improved, with a focused on major overhauls of the Android and Linux Bitmask clients. These apps now have better security, usability, and stability. We have temporarily broken our practice of releasing all projects with the same version at the same time.

Bitmask Public Beta

The LEAP Encryption Access Project (LEAP) is launching the first public beta of the Bitmask application for Linux and Android. Bitmask is an open source application to provide easy and secure encrypted communication. You can choose among several different service providers or start your own. Bitmask supports VPN with Encrypted Email coming soon.

Platform HotFix Release 0.5.4.1

This Platform release is a hotfix release, resolving a couple issues that came up in the previous release. It fixes tapicero dependency ordering so it will start more reliably (#6004); resolves the /etc/hosts ordering to properly construct the FQDN (#5835); and finally a fix for the logging problem (#6020)

Bitmask Android 0.7.0

We've released a new version of our Android client, which improves the stability of our VPN tunnel and fixes a bunch of bugs.

Bitmask Desktop v0.7.0-rc1 is ready for testing

Starting today users can run a "stable" or "unstable" version of Bitmask. For each new version, we will first issue an "unstable" public release candidate. People who are in position to run bleeding edge code can run the "unstable" version and help us find any problems that we might have missed.

Poodle hot-fix

As you may have heard, there is a new dog in town, and it is a Poodle. Poodle (Padding Oracle On Downgraded Legacy Encryption) is the name for a severe flaw in the SSLv3 protocol, which can be exploited to force connections to reveal plain-text. The Poodle announcement brought with it the death of the SSLv3 protocol, and none too soon.

New releases for a new year

LEAP is happy to celebrate the days getting longer with shiny new releases of the LEAP platform and Bitmask client for Linux and Android. We resolved over 160 issues for the platform release alone!