33 lines
1.3 KiB
Markdown
33 lines
1.3 KiB
Markdown
# Security Policy
|
|
|
|
## Supported Versions
|
|
|
|
We fix security issues as soon as they are found, and release firmware updates.
|
|
Each such release is accompanied by release notes, see <https://github.com/solokeys/solo/releases>.
|
|
|
|
The latest version can be determined using the file <https://github.com/solokeys/solo/blob/master/STABLE_VERSION>.
|
|
|
|
To update your key:
|
|
- either visit <https://update.solokeys.com>, or
|
|
- use our commandline tool <https://github.com/solokeys/solo-python>:
|
|
```
|
|
solo key update [--secure|--hacker]
|
|
```
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
To report vulnerabilities you have found:
|
|
|
|
- preferably contact [@conor1](https://keybase.io/conor1), [@0x0ece](https://keybase.io/0x0ece) or [@nickray](https://keybase.io/nickray) via Keybase, or
|
|
- send us e-mail using OpenPGP to [security@solokeys.com](mailto:security@solokeys.com).
|
|
|
|
<https://keys.openpgp.org/vks/v1/by-fingerprint/BFA3F5387D025E8945CF907FC2F2505A63868DFA>
|
|
|
|
We do not currently run a paid bug bounty program, but are happy to provide you with a bunch of Solo keys in recognition of your findings.
|
|
|
|
## Mailing List
|
|
|
|
Join our release notification mailing list to be informed about each release:
|
|
|
|
https://sendy.solokeys.com/subscription?f=9MLIqMDmox1Ucz89C892Kq09IqYMM7OB8UrBrkvtTkDI763QF3L5PMYlRhlVNo2AI892mO
|