Security Policy

Last updated: January 2025

Security Architecture

Maskr is designed with security as a core principle. Our architecture ensures your sensitive files never leave your device:

  • Client-side processing: All file operations (face detection, OCR, PDF redaction, metadata stripping) run entirely in your browser using JavaScript and WebAssembly.
  • No file uploads: Your images, PDFs, and text are never transmitted to our servers. There are no API endpoints that accept file uploads.
  • Local ML models: Face detection uses TensorFlow.js models served from our CDN but executed locally in your browser.
  • Permanent redaction: PDF redaction flattens pages to images, permanently destroying underlying text. This is not a visual overlay.

Security Headers

We implement comprehensive security headers:

  • Content-Security-Policy: Restricts script sources, prevents XSS
  • X-Frame-Options: DENY - prevents clickjacking
  • X-Content-Type-Options: nosniff - prevents MIME sniffing
  • Referrer-Policy: strict-origin-when-cross-origin
  • Permissions-Policy: Disables camera, microphone, geolocation, payment APIs
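One way to check a deployed response against the header values listed above, as an added example that is not Maskr's own code. The function names, the sample headers and the analytics.example origin are constructed for illustration.

```javascript
// Expected values are the ones this policy lists; all names here are illustrative.
const EXPECTED = {
  'x-frame-options': 'DENY', 'x-content-type-options': 'nosniff',
  'referrer-policy': 'strict-origin-when-cross-origin',
};
const DISABLED = ['camera', 'microphone', 'geolocation', 'payment'];
// "camera=(), geolocation=(self)" -> { camera: '()', geolocation: '(self)' }
function parsePermissionsPolicy(value) {
  const out = {};
  for (const part of value.split(',')) {
    const i = part.indexOf('=');
    if (i > 0) out[part.slice(0, i).trim().toLowerCase()] = part.slice(i + 1).trim();
  }
  return out;
}

// CSP string -> { directive: [sources] }; the first occurrence of a directive wins.
function parseCsp(value) {
  const out = {};
  for (const d of value.split(';')) {
    const [name, ...sources] = d.trim().split(/\s+/);
    if (name && !(name.toLowerCase() in out)) out[name.toLowerCase()] = sources;
  }
  return out;
}

// Returns a list of deviations; an empty list means the headers match the policy.
function auditHeaders(raw) {
  const h = Object.fromEntries(Object.entries(raw).map(([k, v]) => [k.toLowerCase(), String(v).trim()]));
  const findings = [];
  for (const [name, want] of Object.entries(EXPECTED)) {
    const got = h[name] || '(missing)';
    if (got.toLowerCase() !== want.toLowerCase()) findings.push(`${name}: expected ${want}, got ${got}`);
  }
  const pp = parsePermissionsPolicy(h['permissions-policy'] || '');
  for (const f of DISABLED) if (pp[f] !== '()') findings.push(`permissions-policy: ${f} not disabled`);
  const csp = parseCsp(h['content-security-policy'] || '');
  const src = csp['script-src'] || csp['default-src'];
  if (!src || src.includes('*')) findings.push('content-security-policy: script sources are not restricted');
  return findings;
}
// Constructed sample headers (not captured from maskr.app), with two deviations.
const SAMPLE = {
  'X-Frame-Options': 'SAMEORIGIN',
  'X-Content-Type-Options': 'nosniff', 'Referrer-Policy': 'strict-origin-when-cross-origin',
  'Permissions-Policy': 'camera=(), microphone=(), geolocation=(self), payment=()',
  'Content-Security-Policy': "default-src 'self'; script-src 'self' https://analytics.example",
};
console.log(auditHeaders(SAMPLE));
```

Against a live site, the input would be the headers of a real response, for example `Object.fromEntries(response.headers)` after a `fetch`.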

Script Integrity

We use multiple layers of protection for script integrity:

  • Internal scripts: All application JavaScript is bundled by Next.js with content hashes in filenames (e.g., main-a1b2c3.js). This ensures any modification invalidates the cache and is detectable.
  • External scripts: Third-party scripts (Plausible, AdSense) are loaded only after explicit user consent. These scripts cannot use Subresource Integrity (SRI) as their providers update them frequently, which would break the hash verification.
  • Content Security Policy: Our CSP restricts script sources to explicit allowlisted domains, preventing unauthorized script injection.
  • Production logging: Error messages are suppressed in production to prevent information leakage via browser DevTools.

Third-Party Services

We use two third-party services, both requiring explicit user consent:

  • Plausible Analytics: Privacy-focused analytics. No cookies, aggregated data only. Tracks page views, not file contents.
  • Google AdSense: Display advertising. Uses cookies for ad personalization. Never has access to your files.

Both services only load after you click "Accept" on the cookie banner. If you click "Reject All," no third-party scripts load.

Vulnerability Disclosure

We welcome responsible security research. If you discover a vulnerability:

  • Email us at security@venin.space
  • Include steps to reproduce the issue
  • Allow us reasonable time to respond and fix (typically 90 days)
  • Do not publicly disclose before we've addressed the issue

We will acknowledge researchers who report valid vulnerabilities (with permission).

Scope

In scope:

  • maskr.app and all subdomains
  • Client-side security vulnerabilities (XSS, CSRF, etc.)
  • Privacy violations (unexpected data transmission)
  • Authentication/authorization bypasses

Out of scope:

  • Denial of service attacks
  • Social engineering
  • Physical attacks
  • Issues in third-party dependencies (report to upstream)

Contact
