Our great sponsors
-
PrivateBin
A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Especially in the area you guys are operating in, I think it would be great if you could implement RFC 9116 (https://securitytxt.org/). If someone finds a vulnerability on your website, the client or even the SPN, this would make communication or a responsible disclosure process much easier. Furthermore, it would be great if the possibility for secure communication with your staff (e.g. using GPG) would be possible.
Also when sending a ticked via Portmaster we use https://privatebin.info/ (self hosted) which is encrypted and auto deletes the info after (I think) a week
Thanks for the suggestion, concerns about code is best discussed over on GitHub https://github.com/safing/portmaster/issues