From dcafd6ec72785cb8495ad59a95f8418ee9731224 Mon Sep 17 00:00:00 2001 From: DeflateAwning <11021263+DeflateAwning@users.noreply.github.com> Date: Thu, 28 Sep 2023 03:55:48 -0600 Subject: [PATCH] readme: Style fixes, add security note (#9136) --- GOALS.md | 12 ++++++------ README.md | 25 +++++++++++++++---------- 2 files changed, 21 insertions(+), 16 deletions(-) diff --git a/GOALS.md b/GOALS.md index 1628ed461..4fd7f3c9e 100644 --- a/GOALS.md +++ b/GOALS.md @@ -24,17 +24,17 @@ to avoid corrupting the user's files. ### 2. Secure Against Attackers Again, protecting the user's data is paramount. Regardless of our other -goals we must never allow the user's data to be susceptible to eavesdropping +goals, we must never allow the user's data to be susceptible to eavesdropping or modification by unauthorized parties. > This should be understood in context. It is not necessarily reasonable to > expect Syncthing to be resistant against well equipped state level -> attackers. We will however do our best. Note also that this is different +> attackers. We will, however, do our best. Note also that this is different > from anonymity which is not, currently, a goal. ### 3. Easy to Use -Syncthing should be approachable, understandable and inclusive. +Syncthing should be approachable, understandable, and inclusive. > Complex concepts and maths form the base of Syncthing's functionality. > This should nonetheless be abstracted or hidden to a degree where 
@@ -52,18 +52,18 @@ User interaction should be required only when absolutely necessary. ### 5. Universally Available Syncthing should run on every common computer. We are mindful that the -latest technology is not always available to any given individual. +latest technology is not always available to every individual. > Computers include desktops, laptops, servers, virtual machines, small > general purpose computers such as Raspberry Pis and, *where possible*, -> tablets and phones. NAS appliances, toasters, cars, firearms, thermostats +> tablets and phones. NAS appliances, toasters, cars, firearms, thermostats, > and so on may include computing capabilities but it is not our goal for > Syncthing to run smoothly on these devices. ### 6. For Individuals Syncthing is primarily about empowering the individual user with safe, -secure and easy to use file synchronization. +secure, and easy to use file synchronization. > We acknowledge that it's also useful in an enterprise setting and include > functionality to support that. If this is in conflict with the diff --git a/README.md b/README.md index c067231fc..5a4fecaad 100644 --- a/README.md +++ b/README.md @@ -10,8 +10,8 @@ Syncthing is a **continuous file synchronization program**. It synchronizes files between two or more computers. We strive to fulfill the goals below. -The goals are listed in order of importance, the most important one being -the first. This is the summary version of the goal list - for more +The goals are listed in order of importance, the most important ones first. +This is the summary version of the goal list - for more commentary, see the full [Goals document][13]. Syncthing should be: 
@@ -24,12 +24,12 @@ Syncthing should be: 2. **Secure Against Attackers** Again, protecting the user's data is paramount. Regardless of our other - goals we must never allow the user's data to be susceptible to + goals, we must never allow the user's data to be susceptible to eavesdropping or modification by unauthorized parties. 3. **Easy to Use** - Syncthing should be approachable, understandable and inclusive. + Syncthing should be approachable, understandable, and inclusive. 4. **Automatic** @@ -38,12 +38,12 @@ Syncthing should be: 5. **Universally Available** Syncthing should run on every common computer. We are mindful that the - latest technology is not always available to any given individual. + latest technology is not always available to every individual. 6. **For Individuals** Syncthing is primarily about empowering the individual user with safe, - secure and easy to use file synchronization. + secure, and easy to use file synchronization. 7. **Everything Else** @@ -57,7 +57,7 @@ Take a look at the [getting started guide][2]. There are a few examples for keeping Syncthing running in the background on your system in [the etc directory][3]. There are also several [GUI -implementations][11] for Windows, Mac and Linux. +implementations][11] for Windows, Mac, and Linux. ## Docker @@ -66,7 +66,8 @@ To run Syncthing in Docker, see [the Docker README][16]. ## Vote on features/bugs We'd like to encourage you to [vote][12] on issues that matter to you. -This helps the team understand what are the biggest pain points for our users, and could potentially influence what is being worked on next. +This helps the team understand what are the biggest pain points for our +users, and could potentially influence what is being worked on next. ## Getting in Touch 
@@ -74,6 +75,10 @@ The first and best point of contact is the [Forum][8]. If you've found something that is clearly a bug, feel free to report it in the [GitHub issue tracker][10]. +If you believe that you’ve found a Syncthing-related security vulnerability, +please report it by emailing security@syncthing.net. Do not report it in the +Forum or issue tracker. + ## Building Building Syncthing from source is easy. After extracting the source bundle from @@ -83,11 +88,11 @@ build process. ## Signed Releases -As of v0.10.15 and onwards release binaries are GPG signed with the key +As of v0.10.15 and onwards, release binaries are GPG signed with the key D26E6ED000654A3E, available from https://syncthing.net/security.html and most key servers. -There is also a built in automatic upgrade mechanism (disabled in some +There is also a built-in automatic upgrade mechanism (disabled in some distribution channels) which uses a compiled in ECDSA signature. macOS binaries are also properly code signed.
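Review bot: In the GOALS.md hunk at -52,18, under "5. Universally Available", replacing "any given individual" with "every individual" changes the meaning rather than the style, which does not fit a commit titled "Style fixes". The original says a particular user may not have the latest technology; "not always available to every individual" reads as a statement about the whole user base. Suggest keeping "any given individual" here and in the matching README.md hunk at -38,12, or moving the rewording to its own commit with a rationale.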
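Review bot: In the README.md hunk at -10,8, the new wording "the most important ones first" makes the ordering less precise than the line it replaces, since the goals are a strictly ranked numbered list with a single first item. Suggest "with the most important one first", which also removes the comma splice. The rewrap leaves "This is the summary version of the goal list - for more" as a short line before "commentary"; reflow the paragraph so the diff stays minimal.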
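Review bot: In the README.md hunk at -74,6, the added security note uses a typographic apostrophe in "you’ve" while the context line directly above it uses ASCII in "If you've found something"; use the ASCII form so the file stays consistent and greppable. The address security@syncthing.net is bare text while the rest of the section uses reference-style links, so consider a mailto link in the same style. "Do not report it in the Forum or issue tracker" would be clearer with the reason stated, for example that those channels are public. The note also sits under "Getting in Touch" with no heading of its own, so a reader scanning for how to report a vulnerability has nothing to anchor on.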
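Review bot: In the README.md hunk at -83,11, "built in" is hyphenated to "built-in" but "compiled in ECDSA signature" in the same sentence is left as is, as are "GPG signed" and "code signed"; apply the compound-modifier fix consistently, at least as "compiled-in". "As of v0.10.15 and onwards" is still redundant after the added comma; "As of v0.10.15," or "From v0.10.15 onwards," says the same thing. Since this paragraph is what users rely on to verify downloads, it is worth keeping the key ID D26E6ED000654A3E and the URL on lines that are not rewrapped by style-only changes.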