We at Octopodal Solutions take user security very seriously, which is why it is very important for us to make it as easy and clear as possible for people to alert us to potential security concerns. The proper procedure should you find such a bug is as follows:
- Write an email detailing the precise nature of the vulnerability.
- Encrypt with our PGP key.
- Send it to [email protected].
We will respond to you as soon as possible, likely within 24 hours. If we have any further questions, expect a response back.
We encourage everyone interested in submitting a disclosure to read the IETF's "Responsible Vulnerability Disclosure Process" and follow the guidelines and principles within.
Depending on the severity and scale of the vulnerability, you may (at your discretion) be recognized for your work. We are not offering monetary compensation at this time.
We thank you for your interest, and hope that we can work together to make great software!