We are undergoing the same CASA audit (required to access Google Drive API). And we do have people forking and building the project from source, so one can hope they read what they compile. Strongbox' source code is half-closed (see #784 in their repo) so source-level independent audit is impossible.
Otherwise, no. A third-party audit costs like a year of part-time developer, and at this stage the developer is more useful.
Don‘t know if Strongbox is working well? Developed by a single programmer… and no Audits available.
They address that here: https://strongboxsafe.com/support/#reamaze#0#/kb/security-an...
Is Keepassium audited?
We are undergoing the same CASA audit (required to access Google Drive API). And we do have people forking and building the project from source, so one can hope they read what they compile. Strongbox' source code is half-closed (see #784 in their repo) so source-level independent audit is impossible.
Otherwise, no. A third-party audit costs like a year of part-time developer, and at this stage the developer is more useful.
1 reply →