We take security reports seriously, and we sincerely appreciate private advanced notification of issues, in a responsible manner, before public disclosures that could put users at risk.
If you discover a security issue with Zetetic software or services, please email immediately at email@example.com. If the security issue is of a sensitive nature, please encrypt any communications using the PGP key below.
Upon receipt of the report, our team will work closely with you to ensure that we understand the scope and impact of the problem, and will make resolution of security issues our highest priority. Provided that you act in good faith towards our user's security, privacy, and data we will not take legal or administrative action against you.
Use the following link to download Zetetic's support public key.
Before you import the key into your keyring, please verify the fingerprint of the key with the following command:
gpg --import support_zetetic_net_public_key.gpg gpg -k --with-fingerprint firstname.lastname@example.org
This should print the following information, please verify the fingerprint matches:
pub rsa4096 2014-04-22 [C] [expires: 2022-05-16] D83F 5F9E B811 D6E6 B4A0 D9C5 D1FA 3A2A 97ED 25C2 uid [ unknown] Zetetic LLC <email@example.com> sub rsa3072 2014-04-22 [S] [expires: 2022-05-16] sub rsa3072 2014-04-22 [E] [expires: 2022-05-16] sub rsa3072 2014-04-22 [A] [expires: 2022-05-16]
Alternatively, you can request the key from a key server through the following command, below we will use the sks keyservers pool.
gpg --keyserver hkps://keys.openpgp.org --recv-keys D1FA3A2A97ED25C2