summaryrefslogtreecommitdiff
authorMarco Barulli <marco@clipperz.com>2014-05-02 10:20:51 (UTC)
committer Marco Barulli <marco@clipperz.com>2014-05-02 10:20:51 (UTC)
commit03659f6b3d9766898854e8a769c0c9341b3de80c (patch) (unidiff)
treeda1bcc8d9a5623c34ea9b541ea71f84848aa6d33
parente4074dbd68760aab9350fad4c7a588a44da187c3 (diff)
downloadclipperz-03659f6b3d9766898854e8a769c0c9341b3de80c.zip
clipperz-03659f6b3d9766898854e8a769c0c9341b3de80c.tar.gz
clipperz-03659f6b3d9766898854e8a769c0c9341b3de80c.tar.bz2
added more visible security warning, updated URLs
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--README.md32
1 files changed, 17 insertions, 15 deletions
diff --git a/README.md b/README.md
index e44df48..8e7cb6b 100644
--- a/README.md
+++ b/README.md
@@ -10,22 +10,27 @@ Since passwords are the most common type of private information that you need to
10**Clipperz makes the Internet the most convenient and safe place to keep you most precious and sensitive data.** 10**Clipperz makes the Internet the most convenient and safe place to keep you most precious and sensitive data.**
11 11
12Read more on the [Clipperz website][home]. 12Read more on the [Clipperz website][home].
13 13
14[home]: http://www.clipperz.com 14[home]: https://clipperz.is
15 15
16## Why an open source version 16## Why an open source version of Clipperz?
17 17
18Because we want to enable as many people as possible to play with our code. So that you can start trusting it, the code not the developers. 18Because we want to enable as many people as possible to play with our code. So that they can start trusting it. The code, not its developers.
19 19
20In order to allow you to inspect the code and analyze the traffic it generates between client and server, we had to provide an easy way to locally deploy the whole service. 20In order to allow anyone not just to inspect the source code, but also to analyze the traffic it generates between client and server, we made available this open source version as an easy way to locally deploy the whole password manager web app on your machine. You can choose among the available backends (PHP/MySQL, Python/AppEngine, …) or [contribute][CA] your own.
21 21
22Feel free to host on your machine a web service identical to [Clipperz online password manager][home]. You can choose among **multiple backends** (PHP/MySQL, Python/AppEngine, …) or you can [contribute][CA] your own. 22Whatever is your motivation for playing with Clipperz code, we would love to hear from you: [get in contact][contact]!
23 23
24Whatever is your motivation, we would love to hear from you: [get in contact!][contact] 24## Security warning
25 25
26[CA]: http://www.clipperz.com/open_source/contributor_agreement 26The open source version of Clipperz is suitable for **testing and educational purposes only**. Do not use it as an actual password management solution.
27[contact]: http://www.clipperz.com/about/contacts 27
28As an example, the current PHP backend lacks several critical capabilities such as bot protection and concurrent sessions management, moreover it could be vulnerable to serious threats (SQL injections, remote code execution, ...).
29
30[CA]: https://clipperz.is/open_source/contributor_agreement
31[contact]: https://clipperz.is/about/contacts
32[clipperz]: https://clipperz.is
28 33
29 34
30## Donations 35## Donations
31If you like what Clipperz is building, its openness and its view of cryptography as a powerful tool for liberty, then you may consider making a donation. 36If you like what Clipperz is building, its openness and its view of cryptography as a powerful tool for liberty, then you may consider making a donation.
@@ -33,21 +38,18 @@ If you like what Clipperz is building, its openness and its view of cryptography
33Our favorite payment method is clearly Bitcoin ([learn why here][why]), but you can also send your donation via credit card, Paypal or bank transfer. In all cases there will be no link between your real identity and your encrypted data stored on Clipperz. 38Our favorite payment method is clearly Bitcoin ([learn why here][why]), but you can also send your donation via credit card, Paypal or bank transfer. In all cases there will be no link between your real identity and your encrypted data stored on Clipperz.
34 39
35**To make your donation visit [this page][donations]. Thanks!** 40**To make your donation visit [this page][donations]. Thanks!**
36 41
37[why]: http://www.clipperz.com/pricing/why_bitcoin 42[why]: https://clipperz.is/pricing/why_bitcoin
38[donations]: http://www.clipperz.com/donations 43[donations]: https://clipperz.is/donations
39 44
40 45
41## License 46## License
42ALL the code included in this project, if not otherwise stated, is released with the [AGPL v3][agpl] license (see `LICENSE.txt`), and all rights are reserved to Clipperz Srl. For any use not allowed by the AGPL license, please [contact us][contact] to inquire about licensing options for commercial applications. 47ALL the code included in this project, if not otherwise stated, is released with the [AGPL v3][agpl] license (see `LICENSE.txt`), and all rights are reserved to Clipperz Srl. For any use not allowed by the AGPL license, please [contact us][contact] to inquire about licensing options for commercial applications.
43 48
44[agpl]: http://www.gnu.org/licenses/agpl.html 49[agpl]: http://www.gnu.org/licenses/agpl.html
45 50
46 51
47## Warnings
48Please note that the open source version of Clipperz Password Manager may not be suitable for mass deployments, depending on how robust is the backend you select. As an example, the current PHP backend lacks several critical capabilities such as bot protection and concurrent sessions management.
49
50## Contributions 52## Contributions
51Your contributions to Clipperz are very welcome! In order to avoid jeopardizing the ownership of the code base, we will require every developer to sign the Clipperz [Contributor Agreement][CA] 53Your contributions to Clipperz are very welcome! In order to avoid jeopardizing the ownership of the code base, we will require every developer to sign the Clipperz [Contributor Agreement][CA]
52 54
53This enables a single entity to represent the aggregated code base and gives the community flexibility to act as a whole to changing situations. 55This enables a single entity to represent the aggregated code base and gives the community flexibility to act as a whole to changing situations.
@@ -114,5 +116,5 @@ Once the index.html files have been built (one for each frontend) and a backend
114 116
115This application has not been fully tested, so there may be still problems due to the new build script or to the new repository structure. So, for the moment, **use it at your own risk!** 117This application has not been fully tested, so there may be still problems due to the new build script or to the new repository structure. So, for the moment, **use it at your own risk!**
116 118
117 119
118[pog]: http://www.phpobjectgenerator.com/ \ No newline at end of file 120[pog]: http://www.phpobjectgenerator.com/