About User Privacy

Beacon takes user privacy very seriously. The data here may get a bit technical, so here's the simple outline:

  • All user data is anonymous, even email addresses.
  • Encryption is handled with 2048-bit RSA Public Key Cryptography.
  • Beacon and its website are fully open source.

User Anonymity

Beacon stores only a single piece of identifiable information on each user: their username. Which of course, could be anything the user desires. User email addresses are stored as salted bcrypt hashes with k-anonymity. This allows email addresses to be confirmed during login, but cannot be reversed.

Beacon's payment processor, Stripe, does store some personally identifiable information. Stripe's privacy policy can be found at https://stripe.com/us/privacy.

User Security

Upon first launch, Beacon generates a cryptographically secure 128-bit random number to use as the user's UUID. This number is not based on any user or hardware information. Beacon also generates a 2048-bit RSA private key to use as proof of identity.

Unless the user chooses to disable community features when prompted at launch, Beacon will send the user's UUID and public key to the Beacon server. This grants the user access to community features, such as the ability to publish documents to the community library. This user is fully anonymous.

If the user decides to create a login with Beacon, some additional data is shared with Beacon's server. The user's password is run through the PBKDF2 algorithm to generate a key to Blowfish encrypt the user's RSA private key. Beacon's database stores these encrypted private keys so they can be transported to other computers the user signs into. When signing into Beacon, the private key is delivered to the computer encrypted and decrypted on the computer, not on Beacon's server.

Document Encryption

Some parts of a Beacon document are encrypted using the user's private key, such as server information and user-defined parts of the Custom Config Content editor. If the user's private key cannot decrypt information from a document, that information is simply not loaded by Beacon.

    No Results