commit: 6a743a32e0d664d92697e0900e5a1a591033d575
parent 6a30522bcc52594315b61d6953cec6092a90d2c6
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date: Sun, 26 Aug 2018 19:40:07 +0200
canary.asc: Update of 2018-08-26
Diffstat:
1 file changed, 10 insertions(+), 20 deletions(-)
diff --git a/canary.asc b/canary.asc
@@ -7,7 +7,7 @@ I choosed OpenPGP because it allows to:
• have a crypto-signed: text, date, expiration date
• make more use of good cryptography
-This canary will be updated as often as possible and cryptographicaly expires after 2 months.
+This canary will be updated around the end of each month if not needed to be earlier, cryptographicaly expires after 2 months.
## Why a canary?
I originally started it for fun, but I ended up:
@@ -25,26 +25,16 @@ And I will probably have more involvements in the future and I think it's better
• no request from any law agency (warrants, court order)
• no police raid or equivalent
• no request for backdoors or equivalent
-• my disks(HDDs and SSDs) are cyphered and minion(server) have cyphered logs
+• my disks for anything but datalove are encrypted(LUKS)
• my keys are all safe and protected and old ones are revoked and few old ones unuseable(shred)
• On 2016-12-17 I made myself a new keyring, the old one was a huge mess… sorry for the mess of revoked keys
• On 2017-05-03 04:19:00 I made new (ECC) keys, after hardware failure and no backups or old keys, and so broke HPKP
• On 2018-01-11 I changed my default OpenPGP key set to DDC9237C14CF6F4DD847F6B390D93ACCFEFF61AE and it’s now store only on a Nitrokey Start and a paperkey backup [2]
-### Certificates Log (for hacktivis.me)
-Begin on/Not Before; Expire on/Not After; Organisation; SHA256 Fingerprint
-2018-03-22T23:17:24; 2018-06-20T23:17:24; Let's Encrypt; D0:5B:25:9C:3D:2E:E4:FD:78:B5:1C:7C:58:A0:FD:29:81:8E:7F:68:CE:95:D6:4E:CC:84:BD:E0:2A:5F:17:9A
-2018-01-22T00:24:54; 2018-04-22T00:24:54; Let's Encrypt
-2017-10-23T23:02:20; 2018-01-21T23:02:20; Let's Encrypt
-2017-07-25T23:56:00; 2017-10-23T23:56:00; Let's Encrypt
-
-Note: The certificates are automatically renewed by acme.sh, this canary isn't so expect a bit of lag.
-Command used for the fingerprint: openssl x509 -fingerprint -sha256 -noout -in ~/.acme.sh/hacktivis.me_ecc/hacktivis.me.cer
-
## Recent News
-• Void Linux got a central point of failure in their management and are avoiding it: https://www.voidlinux.eu/news/2018/05/serious-issues.html
-• Mozilla continues in a weird path with Privacy/Public Relation, they want to show ads again (and hi again to Pocket): https://blog.mozilla.org/futurereleases/2018/04/30/a-privacy-conscious-approach-to-sponsored-content/
-• The new Stardew Valley update calls you out for dating everyone (And so I guess I'm not updating it…): https://www.pcgamer.com/the-new-stardew-valley-update-calls-you-out-for-dating-everyone/
+• Some at the EU Parliement said that the signers of https://www.change.org/p/european-parliament-stop-the-censorship-machinery-save-the-internet aren’t real (it’s on change.org so I didn’t sign it btw) https://mamot.fr/users/doctorow/statuses/100599594052073583
+• IRC turned 30 years old. http://www.oulu.fi/university/node/54247
+• Landline Phones will be turned off in France if you use Orange(with bought the Historical Nationnal Phone Operator) http://www.leparisien.fr/economie/le-telephone-fixe-c-est-bientot-fini-25-08-2018-7864455.php
## Commands used
• cp canary.asc canary
@@ -55,15 +45,15 @@ Command used for the fingerprint: openssl x509 -fingerprint -sha256 -noout -in ~
### TL;DR
• I’m safe but you should not have a blind trust on me.
-- --
+- - --
Inspired by: https://fyb.patternsinthevoid.net/canary.asc and https://github.com/QubesOS/qubes-secpack/blob/master/canaries
1: https://hacktivis.me/articles/La%20neutralit%C3%A9e%20du%20Net%20sur%20un%20wifi%20Orange%E2%84%A2,%20deuxi%C3%A8me%20mensonge
2: https://hacktivis.me/articles/I%20changed%20my%20OpenPGP%20keys
-----BEGIN PGP SIGNATURE-----
-iHsEARYKACMWIQT4W9xj/ZtK9Ev2uBLVt6jkPJl97gUCWuqgnAWDAE8aAAAKCRDV
-t6jkPJl97v3TAP0fXL5JxGfbL1KMCsdEEoZvUadsGWLXYsqv2PQs/bwQGwEA8s6d
-L6IwC18sOoozaqO58SvcLyRtHzMzEED29vqncAs=
-=ChCp
+iHsEARYKACMWIQT4W9xj/ZtK9Ev2uBLVt6jkPJl97gUCW4Ll1QWDAE8aAAAKCRDV
+t6jkPJl97qucAQCFw+YVoI3QzhijlffZgiB5hFN+jH8FDqeLOiOBAiRhcwEA/rnC
++xl4agRXlTjPE7tPwwyaK1y9kQ8N9EQDd5dYPgE=
+=JRvf
-----END PGP SIGNATURE-----
