logo

blog

My little blog can’t be this cute!

canary.asc (3243B)


      1 -----BEGIN PGP SIGNED MESSAGE-----
      2 Hash: SHA512
      3 
      4 This is an OpenPGP signed canary. The first attempt to do one failed… (I’m bad at having habits)
      5 I choosed OpenPGP because it allows to:
      6 • verify my identity (web of trust, meeting me, …)
      7 • have a crypto-signed: text, date, expiration date
      8 • make more use of good cryptography
      9 
     10 This canary will be updated around the end of each month if not needed to be earlier, cryptographicaly expires after 2 months.
     11 
     12 ## Why a canary?
     13 I originally started it for fun, but I ended up:
     14 • Hosting my own software, which is a good thing btw. https://hacktivis.me/git/
     15 • Being a proxy-maintainer for few gentoo packages
     16 • Hosting my own social-network instance
     17 
     18 And I will probably have more involvements in the future and I think it's better and or even mandatory to have a canary in thoses cases.
     19 
     20 ## Statements
     21 • anything that can harm and/or have harmed data, received or send to me and or my machines:
     22         • SSID=orange, modifies few paquets, got fixed few hours later, no harmful data sent.
     23                 • DNS gave a weird answer, fixed directly.[1]
     24                 • SMTPS doesn’t works, SASL fails and certificate doesn’t match
     25 • no request from any law agency (warrants, court order)
     26 • no police raid or equivalent
     27 • no request for backdoors or equivalent
     28 • my disks for anything but datalove are encrypted(LUKS)
     29 • my keys are all safe and protected and old ones are revoked and few old ones unuseable(shred)
     30 	• On 2016-12-17 I made myself a new keyring, the old one was a huge mess… sorry for the mess of revoked keys
     31 	• On 2017-05-03 04:19:00 I made new (ECC) keys, after hardware failure and no backups or old keys, and so broke HPKP
     32 	• On 2018-01-11 I changed my default OpenPGP key set to DDC9237C14CF6F4DD847F6B390D93ACCFEFF61AE and it’s now store only on a Nitrokey Start and a paperkey backup [2]
     33 
     34 ## Recent News
     35 • Some at the EU Parliement said that the signers of https://www.change.org/p/european-parliament-stop-the-censorship-machinery-save-the-internet aren’t real (it’s on change.org so I didn’t sign it btw) https://mamot.fr/users/doctorow/statuses/100599594052073583
     36 • IRC turned 30 years old. http://www.oulu.fi/university/node/54247
     37 • Landline Phones will be turned off in France if you use Orange(with bought the Historical Nationnal Phone Operator) http://www.leparisien.fr/economie/le-telephone-fixe-c-est-bientot-fini-25-08-2018-7864455.php
     38 
     39 ## Commands used
     40 • cp canary.asc canary
     41 • vis canary
     42 • gpg --default-sig-expire 2m --clearsign canary
     43 • shred -u canary
     44 
     45 ### TL;DR
     46 • I’m safe but you should not have a blind trust on me.
     47 
     48 - - -- 
     49 Inspired by: https://fyb.patternsinthevoid.net/canary.asc and https://github.com/QubesOS/qubes-secpack/blob/master/canaries
     50 
     51 1: https://hacktivis.me/articles/La%20neutralit%C3%A9e%20du%20Net%20sur%20un%20wifi%20Orange%E2%84%A2,%20deuxi%C3%A8me%20mensonge
     52 2: https://hacktivis.me/articles/I%20changed%20my%20OpenPGP%20keys
     53 -----BEGIN PGP SIGNATURE-----
     54 
     55 iHsEARYKACMWIQT4W9xj/ZtK9Ev2uBLVt6jkPJl97gUCW4Ll1QWDAE8aAAAKCRDV
     56 t6jkPJl97qucAQCFw+YVoI3QzhijlffZgiB5hFN+jH8FDqeLOiOBAiRhcwEA/rnC
     57 +xl4agRXlTjPE7tPwwyaK1y9kQ8N9EQDd5dYPgE=
     58 =JRvf
     59 -----END PGP SIGNATURE-----