I highly recommend this short story (When Alone Was Forgotten by Jeffrey Harrell) to anyone interested in privacy and speculative fiction: web.archive.org/web/2007082413 It’s also sold as part of a short story collection titled “The Glacier With Her Name Carved In It”.

What's a good way to make servers easily backuppable and the setups reproducible? NixOS? Docker feels iffy, but I do need backups, and I feel like my Pis could explode at any moment.

So, what do you folks think of our new official logo?

blog.privacytools.io/new-priva

Credits go to our lovely garbageman @dawidpotocki for the design :)!

In my complaints, apparently `gpg --fetch-keys` is affected by `keyserver-options` as I get a different result with it and `curl -LO` and `gpg --import`.

The `curl`ed file includes signature from my trusted key, while with `--fetch-keys` requires me to verify the key being correct again without giving me the hint that it may be reliable due to being signed previously.

I was verifying signature, but I could as well have been verifying .

Pro tip:

Memes that immediately polarize any two target groups are likely manufactured to manipulate social attitudes and stop the opposed groups from finding commonalities, and breaking down avenues of communication.

You should consider seeking values that bind us, not issues that divide us.

In honor of "fuck black friday", Varusteleka has raised their prices by 40% for today.

circleid.com/posts/20191127_wh

Remember the name Richard Barnes. Let him forever be known as the man who sold out the internet.

Is there nothing the internet can do to block this? Are there any non-profit domains left?
I feel like this really increases the need for decentralized #DNS. How is #Namecoin doing?

news.ycombinator.com/item?id=2
#org #por #icann

What next api Fedilab should support? #poll

Looking for volunteers who would be interested in translating privacytools.io to any variety of different languages (via Weblate). If you're interested shoot me a DM :)

> Aren’t commits from creation to revokation still supposed to be valid?

There is a tiny issue with this — if you revoked your key because the private key has been compromised then the attacker can backdate any signature (see gpg --faked-system-time).

Of course if Github wanted they could provide better UI — for example remembering when then saw the signature first (if it’s before revocation time then it’s good). At the end of the day OpenPGP just lacks proper secure timestamping features and that makes all dates suspect.

GnuPG UI just issues a bunch of WARNINGs: https://www.reddit.com/r/GnuPG/comments/9qhbs0/subkey_expiry_and_issued_signatures_validity/e8ckzs0/

So apparently doesn't allow me to have my previous revoked key on my account, because it contains a revokation certificate :(

Aren't commits from creation to revokation still supposed to be valid? Commits from after the revokation should obviously be invalid.

I cannot have a public key without revokation certificate available there as it's possible to export it from the API and thus miss the fact that it's revoked.

seems to handle this correctly.

There's a petition to Save the .org top level domain. Apparently, ICANN could still stop it from being sold.
savedotorg.org
I know, petitions rarely work, but I also know that _sometimes_ they do.
Please consider signing if you _run_ anything there, or if you _use_ or _care about_ anything that's on a .org domain. Also, boosting this to others who follow you, would be very much appreciated.
#SaveDotOrg

Mikaela Suomalainen's choices:

Mastodon 🔐 privacytools.io

Fast, secure and up-to-date instance. privacytools.io provides knowledge and tools to protect your privacy against global mass surveillance.

Website: privacytools.io
Matrix Chat: chat.privacytools.io
Support us on OpenCollective, your contributions are tax deductible!