logo

blog

My little blog can’t be this cute!
commit: 6a743a32e0d664d92697e0900e5a1a591033d575
parent: 6a30522bcc52594315b61d6953cec6092a90d2c6
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date:   Sun, 26 Aug 2018 19:40:07 +0200

canary.asc: Update of 2018-08-26

Diffstat:

Mcanary.asc30++++++++++--------------------
1 file changed, 10 insertions(+), 20 deletions(-)

diff --git a/canary.asc b/canary.asc @@ -7,7 +7,7 @@ I choosed OpenPGP because it allows to: • have a crypto-signed: text, date, expiration date • make more use of good cryptography -This canary will be updated as often as possible and cryptographicaly expires after 2 months. +This canary will be updated around the end of each month if not needed to be earlier, cryptographicaly expires after 2 months. ## Why a canary? I originally started it for fun, but I ended up: @@ -25,26 +25,16 @@ And I will probably have more involvements in the future and I think it's better • no request from any law agency (warrants, court order) • no police raid or equivalent • no request for backdoors or equivalent -• my disks(HDDs and SSDs) are cyphered and minion(server) have cyphered logs +• my disks for anything but datalove are encrypted(LUKS) • my keys are all safe and protected and old ones are revoked and few old ones unuseable(shred) • On 2016-12-17 I made myself a new keyring, the old one was a huge mess… sorry for the mess of revoked keys • On 2017-05-03 04:19:00 I made new (ECC) keys, after hardware failure and no backups or old keys, and so broke HPKP • On 2018-01-11 I changed my default OpenPGP key set to DDC9237C14CF6F4DD847F6B390D93ACCFEFF61AE and it’s now store only on a Nitrokey Start and a paperkey backup [2] -### Certificates Log (for hacktivis.me) -Begin on/Not Before; Expire on/Not After; Organisation; SHA256 Fingerprint -2018-03-22T23:17:24; 2018-06-20T23:17:24; Let's Encrypt; D0:5B:25:9C:3D:2E:E4:FD:78:B5:1C:7C:58:A0:FD:29:81:8E:7F:68:CE:95:D6:4E:CC:84:BD:E0:2A:5F:17:9A -2018-01-22T00:24:54; 2018-04-22T00:24:54; Let's Encrypt -2017-10-23T23:02:20; 2018-01-21T23:02:20; Let's Encrypt -2017-07-25T23:56:00; 2017-10-23T23:56:00; Let's Encrypt - -Note: The certificates are automatically renewed by acme.sh, this canary isn't so expect a bit of lag. -Command used for the fingerprint: openssl x509 -fingerprint -sha256 -noout -in ~/.acme.sh/hacktivis.me_ecc/hacktivis.me.cer - ## Recent News -• Void Linux got a central point of failure in their management and are avoiding it: https://www.voidlinux.eu/news/2018/05/serious-issues.html -• Mozilla continues in a weird path with Privacy/Public Relation, they want to show ads again (and hi again to Pocket): https://blog.mozilla.org/futurereleases/2018/04/30/a-privacy-conscious-approach-to-sponsored-content/ -• The new Stardew Valley update calls you out for dating everyone (And so I guess I'm not updating it…): https://www.pcgamer.com/the-new-stardew-valley-update-calls-you-out-for-dating-everyone/ +• Some at the EU Parliement said that the signers of https://www.change.org/p/european-parliament-stop-the-censorship-machinery-save-the-internet aren’t real (it’s on change.org so I didn’t sign it btw) https://mamot.fr/users/doctorow/statuses/100599594052073583 +• IRC turned 30 years old. http://www.oulu.fi/university/node/54247 +• Landline Phones will be turned off in France if you use Orange(with bought the Historical Nationnal Phone Operator) http://www.leparisien.fr/economie/le-telephone-fixe-c-est-bientot-fini-25-08-2018-7864455.php ## Commands used • cp canary.asc canary @@ -55,15 +45,15 @@ Command used for the fingerprint: openssl x509 -fingerprint -sha256 -noout -in ~ ### TL;DR • I’m safe but you should not have a blind trust on me. -- -- +- - -- Inspired by: https://fyb.patternsinthevoid.net/canary.asc and https://github.com/QubesOS/qubes-secpack/blob/master/canaries 1: https://hacktivis.me/articles/La%20neutralit%C3%A9e%20du%20Net%20sur%20un%20wifi%20Orange%E2%84%A2,%20deuxi%C3%A8me%20mensonge 2: https://hacktivis.me/articles/I%20changed%20my%20OpenPGP%20keys -----BEGIN PGP SIGNATURE----- -iHsEARYKACMWIQT4W9xj/ZtK9Ev2uBLVt6jkPJl97gUCWuqgnAWDAE8aAAAKCRDV -t6jkPJl97v3TAP0fXL5JxGfbL1KMCsdEEoZvUadsGWLXYsqv2PQs/bwQGwEA8s6d -L6IwC18sOoozaqO58SvcLyRtHzMzEED29vqncAs= -=ChCp +iHsEARYKACMWIQT4W9xj/ZtK9Ev2uBLVt6jkPJl97gUCW4Ll1QWDAE8aAAAKCRDV +t6jkPJl97qucAQCFw+YVoI3QzhijlffZgiB5hFN+jH8FDqeLOiOBAiRhcwEA/rnC ++xl4agRXlTjPE7tPwwyaK1y9kQ8N9EQDd5dYPgE= +=JRvf -----END PGP SIGNATURE-----