Security
Bitcaster’s development team is strongly committed to responsible reporting and disclosure of security-related issues. As such, we’ve adopted and follow a set of policies which conform to that ideal and are geared toward allowing us to deliver timely security updates to the official distribution of Bitcaster, as well as to third-party distributions.
Reporting Security Issues
If you've found a security issue in Bitcaster or in our supported SDKs, you can submit your report to security[@]bitcaster.io via email.
Please include as much information as possible in your report to better help us understand and resolve the issue:
- Where the security issue exists (ie. Bitcaster Server, SDK, etc.)
- The type of issue (ex. SQL injection, cross-site scripting, missing authorization, etc.)
- Full paths or links to the source files where the security issue exists, if possible
- Any special configuration required to reproduce the issue
- Step-by-step instructions to reproduce the issue
- Proof of concept or exploit code, if available
Data Privacy
To encrypt sensitive information that is sent to us, our PGP key can be found on keyservers ⧉ with the fingerprint:
6EA1 A80D DDB2 0FC7 CC38 0612 B48C D721 62AE F583