logo

blog

My website can't be that messy, right? git clone https://anongit.hacktivis.me/git/blog.git/

canary.asc (3243B)


  1. -----BEGIN PGP SIGNED MESSAGE-----
  2. Hash: SHA512
  3. This is an OpenPGP signed canary. The first attempt to do one failed… (I’m bad at having habits)
  4. I choosed OpenPGP because it allows to:
  5. • verify my identity (web of trust, meeting me, …)
  6. • have a crypto-signed: text, date, expiration date
  7. • make more use of good cryptography
  8. This canary will be updated around the end of each month if not needed to be earlier, cryptographicaly expires after 2 months.
  9. ## Why a canary?
  10. I originally started it for fun, but I ended up:
  11. • Hosting my own software, which is a good thing btw. https://hacktivis.me/git/
  12. • Being a proxy-maintainer for few gentoo packages
  13. • Hosting my own social-network instance
  14. And I will probably have more involvements in the future and I think it's better and or even mandatory to have a canary in thoses cases.
  15. ## Statements
  16. • anything that can harm and/or have harmed data, received or send to me and or my machines:
  17. • SSID=orange, modifies few paquets, got fixed few hours later, no harmful data sent.
  18. • DNS gave a weird answer, fixed directly.[1]
  19. • SMTPS doesn’t works, SASL fails and certificate doesn’t match
  20. • no request from any law agency (warrants, court order)
  21. • no police raid or equivalent
  22. • no request for backdoors or equivalent
  23. • my disks for anything but datalove are encrypted(LUKS)
  24. • my keys are all safe and protected and old ones are revoked and few old ones unuseable(shred)
  25. • On 2016-12-17 I made myself a new keyring, the old one was a huge mess… sorry for the mess of revoked keys
  26. • On 2017-05-03 04:19:00 I made new (ECC) keys, after hardware failure and no backups or old keys, and so broke HPKP
  27. • On 2018-01-11 I changed my default OpenPGP key set to DDC9237C14CF6F4DD847F6B390D93ACCFEFF61AE and it’s now store only on a Nitrokey Start and a paperkey backup [2]
  28. ## Recent News
  29. • Some at the EU Parliement said that the signers of https://www.change.org/p/european-parliament-stop-the-censorship-machinery-save-the-internet aren’t real (it’s on change.org so I didn’t sign it btw) https://mamot.fr/users/doctorow/statuses/100599594052073583
  30. • IRC turned 30 years old. http://www.oulu.fi/university/node/54247
  31. • Landline Phones will be turned off in France if you use Orange(with bought the Historical Nationnal Phone Operator) http://www.leparisien.fr/economie/le-telephone-fixe-c-est-bientot-fini-25-08-2018-7864455.php
  32. ## Commands used
  33. • cp canary.asc canary
  34. • vis canary
  35. • gpg --default-sig-expire 2m --clearsign canary
  36. • shred -u canary
  37. ### TL;DR
  38. • I’m safe but you should not have a blind trust on me.
  39. - - --
  40. Inspired by: https://fyb.patternsinthevoid.net/canary.asc and https://github.com/QubesOS/qubes-secpack/blob/master/canaries
  41. 1: https://hacktivis.me/articles/La%20neutralit%C3%A9e%20du%20Net%20sur%20un%20wifi%20Orange%E2%84%A2,%20deuxi%C3%A8me%20mensonge
  42. 2: https://hacktivis.me/articles/I%20changed%20my%20OpenPGP%20keys
  43. -----BEGIN PGP SIGNATURE-----
  44. iHsEARYKACMWIQT4W9xj/ZtK9Ev2uBLVt6jkPJl97gUCW4Ll1QWDAE8aAAAKCRDV
  45. t6jkPJl97qucAQCFw+YVoI3QzhijlffZgiB5hFN+jH8FDqeLOiOBAiRhcwEA/rnC
  46. +xl4agRXlTjPE7tPwwyaK1y9kQ8N9EQDd5dYPgE=
  47. =JRvf
  48. -----END PGP SIGNATURE-----