We take security reports seriously, and we sincerely appreciate private advanced notification of issues, in a responsible manner, before public disclosures that could put users at risk.
If you discover a security issue with Zetetic software or services, please email immediately at support@zetetic.net. If the security issue is of a sensitive nature, please encrypt any communications using the PGP key below.
Upon receipt of the report, our team will work closely with you to ensure that we understand the scope and impact of the problem, and will make resolution of security issues our highest priority. Provided that you act in good faith towards our user's security, privacy, and data we will not take legal or administrative action against you.
Use the following link to download Zetetic's support public key.
Public Key: Zetetic LLC <support@zetetic.net>
Before you import the key into your keyring, please verify the fingerprint of the key with the following command:
gpg --import support_zetetic_net_public_key.gpg gpg -k --with-fingerprint support@zetetic.net
This should print the following information, please verify the fingerprint matches:
pub rsa4096/0xD1FA3A2A97ED25C2 2014-04-22 [C] [expires: 2024-06-11] Key fingerprint = D83F 5F9E B811 D6E6 B4A0 D9C5 D1FA 3A2A 97ED 25C2 uid Zetetic LLC <support@zetetic.net> sub rsa3072/0x0CB99EE267FD0322 2014-04-22 [S] [expires: 2024-06-11] sub rsa3072/0x3A7D809DD4DFEDA7 2014-04-22 [E] [expires: 2024-06-11] sub rsa3072/0x62AE2C1CB1C49DF6 2014-04-22 [A] [expires: 2024-06-11]
Alternatively, you can request the key from a key server through the following command, below we will use the sks keyservers pool.
gpg --keyserver hkps://keys.openpgp.org --recv-keys D1FA3A2A97ED25C2