How GoDesk is built, encrypted, and operated, and how to report a vulnerability. Honest answers, including about what we have not yet certified.
Session content (your screen, keystrokes, files transferred) is end-to-end encrypted with X25519 key exchange and AES-256-GCM. Our relay servers see only encrypted packets. We cannot read your sessions.
We are not yet SOC 2 or ISO 27001 certified. The infrastructure providers we rely on are. If you find a vulnerability, write to info@godeskflow.com.
This page describes the security architecture of the GoDesk client and the hosted relay service operated by upDevTeam LTD at godeskflow.com, and the responsible-disclosure process for reporting vulnerabilities to us.
It is informational. Contractual security commitments live in the Terms of Service and the DPA.
End-to-end encryption is the central security property of the Service. The relay never holds session content in plaintext.
Cryptographic libraries are pinned to audited upstream versions and updated on a documented schedule. We do not implement our own primitives.
Production infrastructure runs on the following providers:
All providers are bound by data-processing agreements that mirror the obligations in our DPA.
User-level access controls:
Honest status as of the date at the top of this page: GoDesk and upDevTeam LTD are NOT currently certified to SOC 2, ISO 27001, ISO 27017, ISO 27018, HIPAA, PCI-DSS, FedRAMP, or any other formal third-party security standard. Public claims to the contrary are wrong.
Our hosting and infrastructure providers (Hetzner, Cloudflare, Supabase, Stripe) are themselves SOC 2 / ISO 27001 audited; our security inherits some assurance from theirs but does not equal it.
We are working towards an external security review for 2026 and will publish the result on this page when it lands. We will not pretend to certifications we do not hold.
Administrative actions on production systems are logged to a central, append-only log with at least 90-day retention. The log records the actor, the action, the timestamp, and the source IP. Production access is restricted to a small number of named engineers with mandatory two-factor authentication.
We monitor uptime, error rates, and abuse-related signals (sudden traffic spikes, brute-force attempts, peer-ID enumeration) and rotate on-call coverage on a weekly basis.
Staff devices used to access production systems must:
The GoDesk client is open source under AGPL-3.0. Anyone can read the source code, build it, and verify that it does what we claim. The relay code (a fork of hbbr / hbbs) is similarly open source.
We publish SHA-256 hashes for every released installer. We are pursuing EV code-signing for Windows and Apple notarisation for macOS; current build status is on the Download page.
We welcome reports from independent security researchers. To report a vulnerability:
We do not currently run a paid bug-bounty programme. We acknowledge meaningful reports publicly (with your permission) on a hall-of-fame page once the issue is fixed.
Critical findings (RCE, broken end-to-end encryption, mass authentication bypass) are escalated to the on-call engineer immediately and given priority over scheduled work.
The following are not eligible for safe-harbour treatment under section 9 and may be reported but are unlikely to be treated as vulnerabilities:
We maintain a written incident-response playbook covering detection, containment, eradication, recovery, and post-incident review. The playbook is reviewed at least annually and after every material incident.
If a personal-data breach occurs, the notification timelines in our Privacy Policy and DPA apply.
When the architecture or any commitment on this page changes materially, we update the 'Last updated' date and announce the change in the changelog.
Reading the source code is the most reliable way to verify a security claim. Start at github.com/GoDeskFlow.