CodeMirror/Picocrypt
1
0
Fork 0
mirror of https://github.com/HACKERALERT/Picocrypt.git synced 2024-06-03 02:44:48 +12:00
Code Issues Projects Releases Wiki Activity

Add network request note

Browse source
This commit is contained in:
Evan Su 2022-01-15 15:27:01 -05:00 committed by GitHub
parent eeea74ef41
commit 9480f4cf9e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -55,6 +55,8 @@ In addition to these comprehensive options for encryption and decryption, Picocr
# Security
For more information on how Picocrypt handles cryptography, see <a href="Internals.md">Internals</a> for the technical details. If you're worried about the safety of me or this project, let me assure you that this repository won't be hijacked or backdoored. I have 2FA (TOTP) enabled on all accounts with a tie to Picocrypt (GitHub, Google, Reddit, Ubuntu One/Snapcraft, Discord, etc.), in addition to full-disk encryption on all of my portable devices. For further hardening, Picocrypt uses my isolated forks of dependencies and I fetch upstream only when I have taken a look at the changes and believe that there aren't any security issues. This means that if a dependency gets hacked or deleted by the author, Picocrypt will be using my fork of it and remain completely unaffected. You can feel confident about using Picocrypt.
Note: Current versions of Picocrypt will make a network request to raw.githubusercontent.com to check whether a newer verison of Picocrypt is available. In the future, when Picocrypt becomes production-ready, I will remove the update checker and Picocrypt will become completely isolated from the Internet.
# Community
Here are some places where you can stay up to date with Picocrypt and get involved:
<ul>