We take security reports seriously, and we sincerely appreciate private advanced notification of issues, in a responsible manner, before public disclosures that could put users at risk.
If you discover a security issue with Zetetic software or services, please email immediately at email@example.com. If the security issue is of a sensitive nature, please encrypt any communications using the PGP key below.
Upon receipt of the report, our team will work closely with you to ensure that we understand the scope and impact of the problem, and will make resolution of security issues our highest priority. Provided that you act in good faith towards our user's security, privacy, and data we will not take legal or administrative action against you.
Use the following link to download Zetetic's support public key.
Before you import the key into your keyring, please verify the fingerprint of the key with the following command:
gpg --with-fingerprint firstname.lastname@example.org
This should print the following information, please verify the fingerprint matches:
pub 4096R/97ED25C2 2014-04-22 Zetetic LLC <email@example.com> Key fingerprint = D83F 5F9E B811 D6E6 B4A0 D9C5 D1FA 3A2A 97ED 25C2 sub 3072R/67FD0322 2014-04-22 [expires: 2015-04-22] sub 3072R/D4DFEDA7 2014-04-22 [expires: 2015-04-22] sub 3072R/B1C49DF6 2014-04-22 [expires: 2015-04-22]
Alternatively, you can request the key from a key server through the following command, below we will use the sks keyservers pool.
gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys D1FA3A2A97ED25C2