Security Details

Updating apps involves privileged operations and must be done carefully. Because of this, Ninite ensures all app configuration data is transmitted securely and all downloads are validated before use.

This starts with every Ninite .exe being signed by our company. Those exes then talk to over a well-configured TLS connection to get the latest app configuration information.

Each program is downloaded from its publisher's official mirrors and then checked for a matching SHA-1 hash (delivered over TLS) or valid file signature from the publisher before we run anything. If an official mirror is unreliable we may use our own mirror at Files retrieved from Ninite Pro's cache are also validated immediately before use.

If validation fails the app update fails. There are no options or prompts to ignore these issues or continue with questionable data.
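
A sketch of the validate-then-run rule described above, added here as an illustration and not Ninite's own code: the file is hashed immediately before use, compared against the expected SHA-1 value, and the update fails with no override if they differ. The function names and the run_installer callback are hypothetical, and the sample bytes in the demo are constructed.

```python
import hashlib
import hmac
import os
import tempfile


class ValidationError(Exception):
    """Raised when a downloaded or cached file does not match its expected digest."""


def file_digest(path, algorithm="sha1", chunk_size=65536):
    # Stream the file so large installers are never held in memory at once.
    # SHA-1 is the default only because it is the hash the page names.
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def validate_or_fail(path, expected_hex, algorithm="sha1"):
    # Deliberately no "force" or "ignore" parameter: a mismatch always stops.
    actual = file_digest(path, algorithm)
    if not hmac.compare_digest(actual, expected_hex.strip().lower()):
        os.remove(path)  # do not leave questionable data behind for a later run
        raise ValidationError(f"{algorithm} mismatch for {path}")
    return path


def update_app(path, expected_hex, run_installer):
    # Validate immediately before use, including files taken from a local cache,
    # so a file changed after download is caught before anything runs.
    validate_or_fail(path, expected_hex)
    return run_installer(path)


if __name__ == "__main__":
    payload = b"constructed installer bytes"        # constructed sample data
    expected = hashlib.sha1(payload).hexdigest()     # stands in for the hash delivered over TLS
    fd, sample = tempfile.mkstemp(suffix=".exe")
    os.write(fd, payload)
    os.close(fd)
    print(update_app(sample, expected, lambda p: "installer ran"))
    with open(sample, "ab") as f:                    # simulate tampering in the cache
        f.write(b"!")
    try:
        update_app(sample, expected, lambda p: "installer ran")
    except ValidationError as exc:
        print("update failed:", exc)
```
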

When we add new versions to our catalog we take care to verify the downloads from the origin site and run a virus scan.

Ninite declines all toolbar offers and bundled junkware. You may get irrelevant warnings or experience download failures if you have security software configured to warn about the mere presence of junk offers in installers. It is safe to ignore these because Ninite opts out of the junk.

We take similar care with our backend systems used to update the catalog. Updates are configured in clean snapshotted virtual machines and all communication with our servers is encrypted.

Please get in touch if you have more questions or need anything else. Thanks!

Security Response

To report a security issue please visit our security response page.