deploy: 29f919b3d6

blog/20221108-simplex-chat-v4.2-security-audit-new-website.html

@@ -230,7 +230,7 @@ window.addEventListener('scroll',changeHeaderBg);
 <p><a href="https://www.trailofbits.com/about">Trail of Bits</a>, a US based security and technology consultancy whose clients include big tech companies, governmental agencies and major blockchain projects, had 2 engineers reviewing SimpleX Chat, specifically <a href="https://github.com/simplex-chat/simplexmq">simplexmq library</a> that is responsible for all cryptography and networking of SimpleX platform.</p>
 <p>2 medium and 2 low severity issues were identified, all of which require a high difficulty attack to exploit – the attacker would need to have a privileged access to the system, may need to know complex technical details, or must discover other weaknesses to exploit them. 3 of these issues are already fixed in v4.2.</p>
 <p>Overall we have SimpleX Chat in a decent shape, with most reviewed areas other than identified issues being marked as &quot;satisfactory&quot;, and authentication and access controls as &quot;strong&quot;.</p>
-<p>The issues are explained below, and the full security review is available via <a href="https://github.com/simplex-chat/simplex-chat/blob/stable/docs/SimpleX_Chat_Final_Report_11_03_2022.pdf">this link</a>.</p>
+<p>The issues are explained below, and the full security review is available via <a href="https://github.com/trailofbits/publications#technology-product-reviews">Trail of Bits publications</a>.</p>
 <p>We are hugely thankful to Trails Of Bits and their engineers for the work they did, helping us identify these issues and strengthen the security of SimpleX Chat.</p>
 <h3 id="medium-severity-issues" tabindex="-1">Medium severity issues</h3>
 <h4 id="x3dh-key-exchange-for-double-ratchet-protocol" tabindex="-1">X3DH key exchange for double ratchet protocol</h4>