What is Openly Operated™?

Trust Through Transparency

A Set Of Standards For Apps To Be Transparent

Openly Operated™ apps follow a strict set of requirements that ensure their entire operation is transparent - including source code, configuration, infrastructure, audit logs, and more. They enable a level of trust not possible with today's typical black box app, where users have no idea what's really happening with their data. Instead of just publishing a Privacy Policy, Openly Operated™ apps are able to prove their Privacy Policy.

Openly Operated™ Requirements

Open Source Code All server and client code must be 100% open source.
Open Infrastructure Configuration and backend infrastructure must be public.
Audit Logs Public, unforgeable, and comprehensive operational logs.
No Tampering Don't allow employees to access servers directly (SSH).
Documentation Code and infrastructure must be documented for auditing.
Independent Audits Publish results of independent audits periodically.
Read-Only Account Allow read-only access to servers upon request.
Bug Bounty Optional Active bug bounty programs increase overall security.

Apps Today Are Black Boxes With No Accountability

Today, companies are trying to get their greedy little hands on your personal data any way they can, so users have to be picky about what apps they use. But users have no way of knowing if an app can be trusted - after all, Privacy Policies can be copy pasted or be outright lies, especially for companies that are headquartered offshore, outside of any consumer protection laws. Because apps today are black boxes, using a typical VPN or app might expose your data to many third parties:

Openly Operated™ Creates Trust Through Transparency

Openly Operated™ companies have to not only open source all code, but also open up all operational aspects of their service. This includes everything from the network configuration to database setup, leaving no room for the service to hide software that might be selling your data to third parties, or improperly protecting data from company employees and other threats. See the difference below:

Confirmed VPN Is The First Openly Operated™ VPN

When we came up with Openly Operated™ standards, we wanted to prove that it could work by building a real product. We picked the industry most vulnerable to abuse of customer data: VPNs. When you activate a VPN, all your data and browsing passes through it, so it's especially important that you can trust your VPN.

Please check out our Openly Operated™ Verification below, whether you're a user, a developer interested in earning user trust, a security or privacy professional, or just plain curious. We hope other companies will follow suit and provide users trust through transparency.


Openly Operated™ Verification

Source Code 100% Open Sourced Server & Client GitHub
Infrastructure 100% Open Sourced Infrastructure GitHub
Audit Logs Comprehensive Logs From Inception Download
(Warning: Large)
No Tampering Proven With Open Watch Tool Open Watch
Documentation Both Architecture And Code GitHub
Independent Audits Two Completed, More Audits Soon Factor13 LLC, 12/2018 Ryan Koven, 11/2018
Read-Only Account Available Upon Request Request
Bug Bounty Active Project Through hackerone hackerone
Last Updated: December 11th, 2018

Our Mission

At Confirmed, our mission is to increase user trust in the web services and apps that they use every day. People shouldn't have to be in the dark about what's happening with their personal data. We believe that complete transparency through being Openly Operated™ is the future, and that once people experience this level of trust and assurance, they'll never want to go back to black box apps again. You can learn more on About Us.

Start a free 1 week trial.

Try the only Openly Operated™ way to browse securely and privately.

DOWNLOAD

Mac iOS PC Android

© 2018 Confirmed, Inc. All rights reserved.