Session protection
A viewer and host perform an ephemeral X25519 exchange signed by the host's Ed25519 identity. After that handshake, AES-256-GCM protects credentials, video, audio, input, clipboard, files and control messages with direction/type authentication and replay counters.
First-connection trust
Before any credentials are sent, the viewer pauses and shows a fingerprint to compare with the code in the Host window. The key is stored only after explicit approval; cancelling, timing out or closing the app stores nothing. Later identity changes are refused. A changed key may be legitimate after reinstalling or resetting the host, but investigate and compare the new code before resetting trust.
macOS sign-in and lockout
The host verifies the selected macOS account through OpenDirectory and applies persistent escalating lockout after repeated failures. Saving a password is optional and uses the platform's protected credential store.
No session relay
Remote-session content travels over the route between your devices. The host still makes a limited provider request for licence activation, and the marketing/checkout site is an ordinary internet service; “direct sessions” does not mean the product has no external licensing dependency.
Recommended deployment
Use a LAN or a private VPN such as Tailscale. Do not expose the host's ports directly to the public internet. Keep every device and MacReacher build updated, use a strong macOS password and disable clipboard/file capabilities when they are not needed.
Report a vulnerability
Send a clear report to support@flavrapps.com. The canonical security contact is published at /.well-known/security.txt.