An open-source tool that allows you to check how apps on your system respect your privacy and security.
You can grab a binary from Releases. Make sure to verify the checksum before running.
Building the app is very, very simple. All you need on your system is Go installed.
Note
pistasjis Attestator does not currently work on Linux or macOS. Support for Linux will be added in the future, Mac support is uncertain.
Something like this should work:
git clone https://github.com/pistasjis/attestator
cd attestator
go build .
and you'll have a binary ready.
Adding an app to the database is pretty easy. We use JSON and you can find the JSON at assets/apps.json.
For example, you can make an entry for KeePassXC with the reason "Open-source, local-only password manager with strict security" and verdict "good" like this:
{
"displayName": "KeePassXC",
"reason": "Open-source, local-only password manager with strict security.",
"verdict": "good"
}Some guidelines for what's good, "meh" and bad will be posted at some point in the future.
The app only makes one request. The request is only for fetching the JSON (also referred to as "database") containing the list of apps from GitHub. If "raw.githubusercontent.com" is blocked on your network, the app will not work properly.