logo

blog

My website can't be that messy, right? git clone https://hacktivis.me/git/blog.git

canary.asc (3243B)

    

  1. -----BEGIN PGP SIGNED MESSAGE-----
  2. Hash: SHA512
  4. This is an OpenPGP signed canary. The first attempt to do one failed… (I’m bad at having habits)
  5. I choosed OpenPGP because it allows to:
  6. • verify my identity (web of trust, meeting me, …)
  7. • have a crypto-signed: text, date, expiration date
  8. • make more use of good cryptography
  10. This canary will be updated around the end of each month if not needed to be earlier, cryptographicaly expires after 2 months.
  12. ## Why a canary?
  13. I originally started it for fun, but I ended up:
  14. • Hosting my own software, which is a good thing btw. https://hacktivis.me/git/
  15. • Being a proxy-maintainer for few gentoo packages
  16. • Hosting my own social-network instance
  18. And I will probably have more involvements in the future and I think it's better and or even mandatory to have a canary in thoses cases.
  20. ## Statements
  21. • anything that can harm and/or have harmed data, received or send to me and or my machines:
  22.         • SSID=orange, modifies few paquets, got fixed few hours later, no harmful data sent.
  23.                 • DNS gave a weird answer, fixed directly.[1]
  24.                 • SMTPS doesn’t works, SASL fails and certificate doesn’t match
  25. • no request from any law agency (warrants, court order)
  26. • no police raid or equivalent
  27. • no request for backdoors or equivalent
  28. • my disks for anything but datalove are encrypted(LUKS)
  29. • my keys are all safe and protected and old ones are revoked and few old ones unuseable(shred)
  30. 	• On 2016-12-17 I made myself a new keyring, the old one was a huge mess… sorry for the mess of revoked keys
  31. 	• On 2017-05-03 04:19:00 I made new (ECC) keys, after hardware failure and no backups or old keys, and so broke HPKP
  32. 	• On 2018-01-11 I changed my default OpenPGP key set to DDC9237C14CF6F4DD847F6B390D93ACCFEFF61AE and it’s now store only on a Nitrokey Start and a paperkey backup [2]
  34. ## Recent News
  35. • Some at the EU Parliement said that the signers of https://www.change.org/p/european-parliament-stop-the-censorship-machinery-save-the-internet aren’t real (it’s on change.org so I didn’t sign it btw) https://mamot.fr/users/doctorow/statuses/100599594052073583
  36. • IRC turned 30 years old. http://www.oulu.fi/university/node/54247
  37. • Landline Phones will be turned off in France if you use Orange(with bought the Historical Nationnal Phone Operator) http://www.leparisien.fr/economie/le-telephone-fixe-c-est-bientot-fini-25-08-2018-7864455.php
  39. ## Commands used
  40. • cp canary.asc canary
  41. • vis canary
  42. • gpg --default-sig-expire 2m --clearsign canary
  43. • shred -u canary
  45. ### TL;DR
  46. • I’m safe but you should not have a blind trust on me.
  48. - - -- 
  49. Inspired by: https://fyb.patternsinthevoid.net/canary.asc and https://github.com/QubesOS/qubes-secpack/blob/master/canaries
  51. 1: https://hacktivis.me/articles/La%20neutralit%C3%A9e%20du%20Net%20sur%20un%20wifi%20Orange%E2%84%A2,%20deuxi%C3%A8me%20mensonge
  52. 2: https://hacktivis.me/articles/I%20changed%20my%20OpenPGP%20keys
  53. -----BEGIN PGP SIGNATURE-----
  55. iHsEARYKACMWIQT4W9xj/ZtK9Ev2uBLVt6jkPJl97gUCW4Ll1QWDAE8aAAAKCRDV
  56. t6jkPJl97qucAQCFw+YVoI3QzhijlffZgiB5hFN+jH8FDqeLOiOBAiRhcwEA/rnC
  57. +xl4agRXlTjPE7tPwwyaK1y9kQ8N9EQDd5dYPgE=
  58. =JRvf
  59. -----END PGP SIGNATURE-----