Update README.md
This commit is contained in:
parent
2bd357f4cf
commit
d1ce3d17c5
|
@ -74,7 +74,7 @@ While being simple, Picocrypt also strives to be powerful in the hands of knowle
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
# Security
|
# Security
|
||||||
For more information on how Picocrypt handles cryptography, see <a href="Internals.md">Internals</a> for the technical details. If you're worried about the safety of me or this project, let me assure you that this repository won't be hijacked or backdoored. I have 2FA (TOTP) enabled on all accounts with a tie to Picocrypt (GitHub, Google, Reddit, Ubuntu One/Snapcraft, Discord, etc.), in addition to full-disk encryption on all of my portable devices. For further hardening, Picocrypt uses my isolated forks of dependencies and I fetch upstream only when I have taken a look at the changes and believe that there aren't any security issues. This means that if a dependency gets hacked or deleted by the author, Picocrypt will be using my fork of it and remain completely unaffected. You can feel confident about using Picocrypt.
|
For more information on how Picocrypt handles cryptography, see <a href="Internals.md">Internals</a> for the technical details. If you're worried about the safety of me or this project, let me assure you that this repository won't be hijacked or backdoored. I have 2FA (TOTP) enabled on all accounts with a tie to Picocrypt (GitHub, Google, Reddit, Ubuntu One/Snapcraft, etc.), in addition to full-disk encryption on all of my portable devices. For further hardening, Picocrypt uses my isolated forks of dependencies and I fetch upstream only when I have taken a look at the changes and believe that there aren't any security issues. This means that if a dependency gets hacked or deleted by the author, Picocrypt will be using my fork of it and remain completely unaffected. You can feel confident about using Picocrypt.
|
||||||
|
|
||||||
## Signatures
|
## Signatures
|
||||||
For the paranoid, Picocrypt is signed with PGP. The fingerprint and public key are listed below.
|
For the paranoid, Picocrypt is signed with PGP. The fingerprint and public key are listed below.
|
||||||
|
|
Loading…
Reference in New Issue