Nord Security (Nord) has released the source code for its Linux NordVPN client and associated network libraries in hopes of being more transparent and alleviating users’ security and privacy concerns.
Yesterday, Nord announced that it would make its NordVPN MeshNet private tunneling feature free for all users who install its software, even if they don’t have a paid subscription.
This feature allows users to create private tunnels between other NordVPN users to access the Internet through the shared network or access internal devices such as private game servers.
As part of this announcement, NordVPN released the source code for its Linux applications and two libraries: Libtelio and Libdrop.
“We are making these products open source as a sign of our commitment to transparency and accountability,” Nord’s announcement reads.
“We want the input and scrutiny of the programming community and show them that we have confidence in our own software.”
All three projects are now on the Nord Security GitHub page, with full instructions on how to build NordVPN Linux and the libraries.
Source: Bleeping Computer
The LibDrop library is part of Nord’s MeshNet feature, which allows users to send and receive files through the private tunnel.
The other library is the LibTelio networking library, which according to Nord is widely used in all NordVPN apps on all operating systems, is responsible for creating encrypted networks via the MeshNet feature.
“Open sourcing Libtelio is a particularly important step because this code forms the backbone of all of our NordVPN apps, not just our Linux client,” Nord explains.
“Putting this material into the hands of the Linux community, one of the strongest open source communities currently active, encourages talented coders and developers to examine our code and improve our service.”
Finally, the complete source code of the NordVPN Linux app can be downloaded and compiled, and the company encourages users to modify it to suit their own needs.
Nord Security encourages users to examine the source and report any bugs you may find.
Security vulnerabilities in the Linux client can be reported to Nord Security’s HackerOne bug bounty program, with bugs rated critical receiving bounties ranging from $10,000 to $50,000.
