Security and privacy are fundamental to Core Series apps (include Core Shell, Codinn Tunnel), we have put much efforts to improve the security.
And here are “Dos and Don’ts” that we (Codinn Technologies Co., Ltd.) are following to protect your privacy:
Core Series apps store all their data locally on the device you use them and in your iCloud Drive if sync is enabled.
Passwords / passphrases stored locally
All your saved passwords / passphrases are stored in macOS Keychain locally. None of these sensitive information is sent to remote.
You can wipe your saved passwords or passphrases from Core Series, or from macOS Keychain Access.app directly.
Private key and certificate files stored locally
All of your imported private keys and certificates are stored in local folders:
You can delete them from the app or just remove the files from above folders, there is no other place retains copies.
No statistics of usage
Core Series apps DON’T send any data to our or other vendor’s server.
We don’t push Ads to you, and we don’t collect your usage data.
Core Series apps only connect to your own servers, and do the right job, no more.
Based on XPC and OpenSSH
Each of Core Series apps leverages the security and stability by using Apple’s XPC technology to control the standard OpenSSH.
XPC is widely used by Apple itself, e.g. Safari, Xcode, App Store and other system services.
OpenSSH is the most widespread and de-facto standard implementation of SSH protocol.
Conform to Apple’s App Sandbox
Core Series apps conform to App Sandbox.
App Sandbox is an access control technology provided in OS X, enforced at the kernel level. Its strategy is twofold:
App Sandbox force the app describes how to interact with the system. The system then grants the app the access it needs to get its job done, and no more.
App Sandbox allows the user to transparently grant the app additional access by way of Open and Save dialogs, drag and drop, and other familiar user interactions.
A non-sandboxed app has the full rights of the user who is running that app, and can access any resources that the user can access. If an attacker can potentially exploit that app, the attacker gains the ability to do anything that the user can do.
By limiting access to resources on a per-app basis, App Sandbox provides a last line of defense against the theft, corruption, or deletion of user data if an attacker successfully exploits the app.
App Store certified
Core Series apps distribute on App Store.
Apple reviews all apps submitted to the Mac App Store to ensure that they are reliable, perform as expected, and are free of offensive material.
This means Core Series apps follow the strict review policy that be implemented by Apple.
If you have any questions regarding privacy while using Core Series apps, or have questions about our practices, please contact us via email at firstname.lastname@example.org.
This Policy was last revised: Sep 4, 2018.