blogMy little blog can’t be this cute!
Author: Haelwenn (lanodan) Monnier <email@example.com>
Date: Thu, 3 May 2018 07:40:36 +0200
1 file changed, 32 insertions(+), 13 deletions(-)
diff --git a/canary.asc b/canary.asc
@@ -7,7 +7,15 @@ I choosed OpenPGP because it allows to:
• have a crypto-signed: text, date, expiration date
• make more use of good cryptography
-This canary will be updated as often as possible and cryptographicaly expires after 6 months.
+This canary will be updated as often as possible and cryptographicaly expires after 2 months.
+## Why a canary?
+I originally started it for fun, but I ended up:
+• Hosting my own software, which is a good thing btw. https://hacktivis.me/git/
+• Being a proxy-maintainer for few gentoo packages
+• Hosting my own social-network instance
+And I will probably have more involvements in the future and I think it's better and or even mandatory to have a canary in thoses cases.
• anything that can harm and/or have harmed data, received or send to me and or my machines:
@@ -21,30 +29,41 @@ This canary will be updated as often as possible and cryptographicaly expires af
• my keys are all safe and protected and old ones are revoked and few old ones unuseable(shred)
• On 2016-12-17 I made myself a new keyring, the old one was a huge mess… sorry for the mess of revoked keys
• On 2017-05-03 04:19:00 I made new (ECC) keys, after hardware failure and no backups or old keys, and so broke HPKP
- • On 2018-01-11 I changed my default GPG key set to DDC9237C14CF6F4DD847F6B390D93ACCFEFF61AE and it’s now store only on a Nitrokey Start and a paperkey backup
+ • On 2018-01-11 I changed my default OpenPGP key set to DDC9237C14CF6F4DD847F6B390D93ACCFEFF61AE and it’s now store only on a Nitrokey Start and a paperkey backup 
### Certificates Log (for hacktivis.me)
-Begin on/Not Before; Expire on/Not After; Organisation; Serial
-2018-01-22T00:24:54; 2018-04-22T00:24:54; Let's Encrypt; 03:56:2e:f8:c5:5f:24:08:4b:52:15:71:03:cf:7d:64:4b:23
-2017-10-23T23:02:20; 2018-01-21T23:02:20; Let's Encrypt; 03:2E:23:BF:A9:31:5C:25:5F:12:00:70:44:12:3E:DB:77:BD
-2017-07-25T23:56:00; 2017-10-23T23:56:00; Let's Encrypt; 03:BC:D9:81:CF:CA:53:90:2E:90:B4:D0:81:26:6A:4B:C6:34
+Begin on/Not Before; Expire on/Not After; Organisation; SHA256 Fingerprint
+2018-03-22T23:17:24; 2018-06-20T23:17:24; Let's Encrypt; D0:5B:25:9C:3D:2E:E4:FD:78:B5:1C:7C:58:A0:FD:29:81:8E:7F:68:CE:95:D6:4E:CC:84:BD:E0:2A:5F:17:9A
+2018-01-22T00:24:54; 2018-04-22T00:24:54; Let's Encrypt
+2017-10-23T23:02:20; 2018-01-21T23:02:20; Let's Encrypt
+2017-07-25T23:56:00; 2017-10-23T23:56:00; Let's Encrypt
-• I’m safe but you should not have a blind trust on me.
+Note: The certificates are automatically renewed by acme.sh, this canary isn't so expect a bit of lag.
+Command used for the fingerprint: openssl x509 -fingerprint -sha256 -noout -in ~/.acme.sh/hacktivis.me_ecc/hacktivis.me.cer
+## Recent News
+• Void Linux got a central point of failure in their management and are avoiding it: https://www.voidlinux.eu/news/2018/05/serious-issues.html
+• Mozilla continues in a weird path with Privacy/Public Relation, they want to show ads again (and hi again to Pocket): https://blog.mozilla.org/futurereleases/2018/04/30/a-privacy-conscious-approach-to-sponsored-content/
+• The new Stardew Valley update calls you out for dating everyone (And so I guess I'm not updating it…): https://www.pcgamer.com/the-new-stardew-valley-update-calls-you-out-for-dating-everyone/
## Commands used
• cp canary.asc canary
• vis canary
-• gpg --default-sig-expire 6m --clearsign canary
+• gpg --default-sig-expire 2m --clearsign canary
• shred -u canary
+• I’m safe but you should not have a blind trust on me.
Inspired by: https://fyb.patternsinthevoid.net/canary.asc and https://github.com/QubesOS/qubes-secpack/blob/master/canaries
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----