Security

• Threat Model
  • Users Matrix
  • Anonymity Matrix
  • Communication Security Matrix
  • Usage Scenarios Matrix
  • Data Security Matrix
  • Threats to Anonymity and Confidentiality
    • Browser History and Cache
    • Metadata
    • Malware and Trojans
    • Network and Reverse Proxies
    • Data Stored Outside the Platform
    • Environmental Factors
    • Incorrect Data Retention Policies
    • Human Negligence
    • Advanced Traffic Analysis
• Application Security
  • Architecture
  • Anonymity
  • Authentication
    • Password
    • Receipt
  • Password Security
    • Password Storage
    • Password Complexity
    • Two Factor Authentication
    • Password Change on First Login
    • Periodic Password Change
    • Proof of Work on Login and Submissions
    • Rate Limit on Anonymous Sessions
    • Slowdown on Failed Login Attempts
    • Password Recovery
  • Web Application Security
    • Session Management
    • Cookies and XSRF Prevention
    • HTTP Headers
      • Strict-Transport-Security
      • Content-Security-Policy
      • Cross-Origin-Embedder-Policy
      • Cross-Origin-Opener-Policy
      • Cross-Origin-Resource-Policy
      • Permissions-Policy
      • X-Frame-Options
      • Referrer-Policy
      • X-Content-Type-Options
      • Cache-Control
    • Crawlers Policy
    • Anchor Tags and External URLs
    • Input Validation
      • On the Backend
      • On the Client
    • Form Autocomplete OFF
  • Network Security
    • Connection Anonymity
    • Connection Encryption
    • Network Sandboxing
  • Data Encryption
  • Application Sandboxing
  • Database Security
    • Secure Deletion
    • Auto Vacuum
    • Limited Database Trust
    • Limited Database Functionalities
  • DoS Resiliency
  • Other Measures
    • Browser History and Forensic Traces
    • Secure File Management
      • Secure File Download
      • Safe File Opening
      • PGP Encryption
    • Encryption of Temporary Files
    • Secure File Delete
    • Exception Logging and Redaction
    • Entropy Sources
    • UUIDv4 Randomness
    • TLS for SMTP Notification
• Encryption Protocol
  • Encryption’s Workflow
  • Encryption’s Details
    • Algorithms
    • Users’ Credentials
    • Users’ Keys
    • Data Encryption’s Keys
  • Key Generation
  • Key Recovery
  • Key Escrow
• Security Audits