Skip to main content

Public key transition statement 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

So, I've generated a new GPG keypair. It has a set of subkeys (one per usage),
which, theoretically, should make it all more convenient and secure. Also it
uses currently-recommended algorithms (4096-bit key RSA and SHA512) and was
generated using my new hardware entropy source which was the main reason for
this change. The old key will be expired in a couple months unless I revoke it
as superseded first. There is no reason to believe it was compromised or
anything.

New key's fingerprint is

F819 3F12 6021 6B7D D53B  959F E273 25A3 92D7 0FFB

for copying and pasting: 0xF8193F1260216B7DD53B959FE27325A392D70FFB ),
long key id is 0xE27325A392D70FFB.

Please import my new public key from the keyserver you prefer or using PKA dns
records. You can use this command on most platforms:

    gpg --search-keys 0xE27325A392D70FFB

(Unfortunately, GnuPG or/and keyservers don't really support search by
fingerprint or showing it in the import dialog so make sure to --list-keys
later to verify it).

I'd appreciate if you signed this new key for the web of trust (revokable with
check level 2 sounds appropriate since you didn't verify my government-issued
photo ID prior to signing :) unless you happen to know me personally and can,
for example, call me and verify my voice while I'm reading the fingerprint).

Obviously, verifying signature on this message, old key's signature on the new
one, and checking PKA dns record is highly recommended before performing any
further steps. Feel free to contact me if you have any doubts.

What this all means to you personally? Probably nothing if you have never sent
me any encrypted messages or received signed ones. Otherwise you probably
already know what to do with this information.
-----BEGIN PGP SIGNATURE-----

iF4EAREKAAYFAlhuTdYACgkQ0rP4P63gxstL1AD7BsNMR78Nz4tVp2UroTQps+Oj
8+2baCd2BPX/sYD7ItMA/2KiJJM1dCVgxJOhF/7NjGYwFJ/+G73xUjPexph/elHT
=7VqE
-----END PGP SIGNATURE-----
Labels:

Popular posts from this blog

Russia becomes an internet outcast for some reason

It's starting to happen more and more often to me. I'm trying to use some service and all of a sudden I see an error page, sometimes a custom one but more often generated by cloudflare or a similar service, with error message effectively saying that IP addresses from Russia are banned on the service. And what is even more interesting, most of this services don't have any particular policy reasons not to allow Russian users, it's not not like they are publishing prescribed materials or doing anything interesting whatsoever. A payment processor, a popular online course provider, some random forums and information sites, one site with educational videos that I like (that one is especially funny because I'm banned from the subscription page and so can't pay them but their cdn does't care and I can actually download any video I want). But why does it happen? Is there some recommendation in some popular security guideline "block Russia, Cambodia, and Afghan
Read more

ORICO — small things that stand out

More than once I've written about stuff made by Big Brand manufacturers so I decided to balance things out by writing about a mostly-unknown but good things. In short, if you need something small like HDD enclosure or some cable or USB hub or a dongle of some kind, check if ORICO makes it and chances are you won't be disappointed. It's usually slightly more expensive than low-end stuff from aliexpress but, in my opinion, it's usually worth it. Disclaimer. This post is a shameless promotion of their brand although, unfortunately, nobody paid me for it or even sent me any free stuff. Guys from ORICO and not, if you read this, I'll gladly review whatever free goodies you send me :) I only do honest reviews so better make sure to send the good stuff. At this point I own a USB hub, three different 2.5" HDD enclosures, and a precision screwdriver set from them. And probably something else I don't remember. Here are the pics: USB hub in its natural habitat
Read more

Terrible experience with bluetooth headsets and what to do about it

If you own a Bluetooth A2DP headset and any kind of personal computer, good chance is you tried connecting them together. Isn't it nice to watch movies and listen to music free from cluttering wires? Well, good chance is you hated that experience and if that was the reason for buying the headset, you might've even considered throwing it away (or using it only with your phone). Why do they suck so much? Everything points to the fact that it's not a hardware problem. The same headset most likely will work flawlessly paired with an android device or even the same computer under a different operating system (windows users report huge difference between, like, 8.0 and 8.1, and not in favor of the latter, surprisingly, I think only mac users report good stuff about their macbooks and beats although I didn't try it myself so they might all be faking it :) ). And most likely it's not even the drivers or other low-level stuff, android and desktop linux has mostly the same
Read more