The core of CDR Link is built upon the open-source project Zammad. Zammad is an amazingly flexible bit of technology, allowing for all kinds of ways to import and export data. By default, Zammad is a digital security helpdesk. However, we’ve been exploring and adapting it for many other uses, including as a disinformation data collection platform.
Throughout our process one thing remains central – the integrity and security of what we build and use.
Since the Zammad platform is so central to our work at CDR and the work of our partners, it’s essential that we verify the integrity and security of the code. With the support of Open Technology Fund our partners at Guardian Project put the platform through a detailed security audit. We are happy to report the results are released and many of our recommendations have been incorporated into the most recent Zammad release, version 3.3.
In fact, security was the biggest priority of their release! :)
All the security updates are important, but those listed below were triggered specifically by our audit. Click the links and dig in!