Updated README with a security notice as mentioned in issue #13

This commit is contained in:
El RIDO 2015-08-23 18:09:34 +02:00
parent 3306bcff99
commit d042bb41ba
1 changed files with 56 additions and 7 deletions

View File

@ -1,13 +1,62 @@
ZeroBin 0.19 Alpha
# ZeroBin 0.19 Alpha
==== THIS IS ALPHA SOFTWARE - USE AT YOUR OWN RISKS ====
ZeroBin is a minimalist, opensource online pastebin where the server has zero
knowledge of pasted data.
ZeroBin is a minimalist, opensource online pastebin where the server
has zero knowledge of pasted data. Data is encrypted/decrypted in the
browser using 256 bits AES.
Data is encrypted/decrypted in the browser using 256 bit AES.
More information on the project page:
http://sebsauvage.net/wiki/doku.php?id=php:zerobin
This fork of ZeroBin refactored the source code to allow easier and cleaner
extensions. It is still fully compatible to the original ZeroBin 0.19 data
storage scheme. Therefore such installations can be upgraded to this fork
without loosing any data.
## What ZeroBin provides
- As a server administrator you don't have to worry if your users post content
that is considered illegal in your country. You have no knowledge of any
pastes content. If requested or enforced, you can delete any paste from your
system.
- Pastebin like system to store text documents, code samples, etc.
- Encryption of data sent to server, even if it does not provide HTTPS.
## What it doesn't provide
- As a user you have to trust the server administrator, your internet provider
and any country the traffic passes not to inject any malicious code.
- The "password" to encrypt the paste is part of the URL. If you publicly post
a paste URL, everybody can read it.
- A server admin might be forced to hand over access logs to the authorities.
ZeroBin encrypts your text and the discussion contents, but who accessed it
first might still be disclosed via such access logs.
## Options
Some features are optional and can be enabled or disabled in the [configuration
file](https://github.com/elrido/ZeroBin/wiki/Configuration):
- Discussions
- Expiration times, including a "forever" and "burn after reading" option
- Syntax highlighting using prettify.js, including 4 prettify themes
- Templates: By default there is a "classic" and a bootstrap based theme, but it
is easy to adapt these to your own websites layout.
## Further resources
- [Installation guide](https://github.com/elrido/ZeroBin/wiki/Installation)
- [Configuration guide](https://github.com/elrido/ZeroBin/wiki/Configuration)
- [Developer guide](https://github.com/elrido/ZeroBin/wiki/Development)
Run into any issues? Have ideas for further developments? Please
[report](https://github.com/elrido/ZeroBin/issues) them!
------------------------------------------------------------------------------