diff options
| -rw-r--r-- | hw/talk/oslo.mkd | 124 | ||||
| -rw-r--r-- | me/index.rdf | 21 | ||||
| -rw-r--r-- | me/index.rdf_sig.pgp | 26 | ||||
| -rw-r--r-- | me/index.ttl | 18 |
4 files changed, 150 insertions, 39 deletions
diff --git a/hw/talk/oslo.mkd b/hw/talk/oslo.mkd new file mode 100644 index 0000000..01a6b26 --- /dev/null +++ b/hw/talk/oslo.mkd @@ -0,0 +1,124 @@ +% Trustworthy computers +% Jonas Smedegaard +% Oslo, Norway, January 9th, 2018 + +# Overview + + * "Secure" is bullshit + * Trustworthy systems + * Trustworthy computers + * Not just you + * Conclusion + +# "Secure" is bullshit + + >* **Secure** covers anything and everything + * Secure = stable + * Secure = boring + +# Keep safe from harm + + * Nothing to hide... + +# Keep safe from harm + + * Nothing to hide, loose, hijack, disturb, disrupt, block, plagiate, impersonate... + * No precious digital information or activites + +# Keep safe - establish trust + + * Free software, actively and carefully maintained + +# Systems + +Debian +: Avoid addons (install e.g. Firefox plugins only from Debian) + +LineageOS (or Replicant) +: Addons from [F-Droid][] and the [Guardian Project][guardian] + +[F-Droid]: https://f-droid.org/ + "F-Droid app manager for Android" +[guardian]: https://guardianproject.info/fdroid/ + "Android app repository, by the Guardian Project" + +# Keep safe - establish trust + + * Free software, actively and carefully maintained + * Free hardware, actively and carefully maintained + +# Computers - recommended + +Phone +: Medium: Refurbished [Samsung Galaxy S3 (i9300)][i9300] + +Desktop / Home server +: Most [Linux-ready desktop PC][pc] (avoid NVIDIA/Broadcom stuff) +: Light: [Olimex LIME2][lime2] + +Laptop +: Medium: Refurbished [LibreBoot T400][t400] +: Strong: Purism [Librem 13 or 15][librem] + +# Computers - recommended later/assisted + +Phone +: (Light [tricky]: Refurbished [Nokia N900][n900]) +: Medium: Refurbished [Samsung Galaxy S3 (i9300)][i9300] +: (Medium [future]: [Neo900][neo900]) +: (Strong [future]: Purism [Librem 5][librem]) + +Desktop / Home server +: Most [Linux-ready desktop PC][pc] (avoid NVIDIA/Broadcom stuff) +: Light: [Olimex LIME2][lime2] + +Laptop +: (Light [tricky]: [ASUS ChromeBook C201][c201]) +: (Light [tricky]: Olimex TERES-1) +: Medium: Refurbished [LibreBoot T400][t400] +: Strong: Purism [Librem 13 or 15][librem] + +[n900]: https://en.wikipedia.org/wiki/Nokia_N900 + "N900, by Nokia" +[neo900]: http://neo900.org/ + "Neo900" +[i9300]: https://en.wikipedia.org/wiki/Samsung_Galaxy_S_III + "Galaxy S3 (i9300), by Samsung" +[pc]: https://linuxpreloaded.com/ + "Linux-ready desktop PC (avoid NVIDIA/Broadcom stuff)" +[lime2]: https://en.wikipedia.org/wiki/OLinuXino#A20-OLinuXino-LIME2 + "OLinuXino LIME2, by Olimex" +[c201]: https://en.wikipedia.org/wiki/Chromebook#List_of_Chromebooks + "Chromebook C201, by ASUS" +[t400]: https://minifree.org/product/libreboot-t400/ + "LibreBoot T400, by Ministry of Freedom" +[librem]: https://en.wikipedia.org/wiki/Purism,_SPC#Products + "Librem computers, by Purism" + +# Keep friends safe too + + >* Help your friends stay safe too + * Help your enemies as well + * fsociety + +# Keep safe - Blind trust is for babies + +Blind trust = giving up control = **non-free** + +# Keep safe - Trust paths + + * Debian secured by PGP Web-of-Trust + * Debian operates transparently, securing sane choices through "mockery guarantee" + * Free software - "Given enough eyeballs, all bugs shallow" + * Open Source Hardware secures longevity: Create spare parts independently + +# The end + + * Don't blindly trust promises of "secure" or "safe". + * Don't blindly trust me. + * Trust what convinces you is trustworthy! + * Discuss your assessments with friends and anyone. + * Get elected, and integrate into laws. + +Me: <dr@jones.dk> +This talk: <http://dr.jones.dk/hw/oslo/> diff --git a/me/index.rdf b/me/index.rdf index bb71b23..8e8fdc0 100644 --- a/me/index.rdf +++ b/me/index.rdf @@ -19,7 +19,6 @@ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#" xmlns:rel="http://purl.org/vocab/relationship/" - xmlns:rsa="http://www.w3.org/ns/auth/rsa#" xmlns:state="http://www.daml.ri.cmu.edu/ont/State.daml#" xmlns:trust="http://trust.mindswap.org/ont/trust.owl#" xmlns:usstate="http://www.daml.ri.cmu.edu/ont/USRegionState.daml#" @@ -491,6 +490,13 @@ <air:sameIndividualAs rdf:resource="http://www.daml.org/cgi-bin/airport?RKE"/> </wn:Airport> </contact:nearestAirport> + <cert:key> + <cert:RSAPublicKey> + <cert:exponent rdf:datatype="http://www.w3.org/2001/XMLSchema#integer">65537</cert:exponent> + <cert:identity rdf:resource="#me"/> + <cert:modulus rdf:datatype="http://www.w3.org/2001/XMLSchema#hexBinary">c66aefe1853019570751c9cd45deede0133539e5b9c45045b156ce1057e3a19e292517ae36382801a2714a615cfa66a8687ccdb753c4fd1d868c28d71a8135b285bcf4a9b4e1b9558caaf6b8eb4995a1d996c29e09739faba85c2f7144ab44fa829b9ec6df51a8107587187107fa4d9ed489b7be9d1f8a523e8470c308a9fe79</cert:modulus> + </cert:RSAPublicKey> + </cert:key> <foaf:account> <foaf:OnlineAccount> <foaf:accountName>jonas.smedegaard</foaf:accountName> @@ -730,17 +736,4 @@ <wot:PubKey> <wot:pubkeyAddress rdf:resource="index.rdf_sig.pgp"/> </wot:PubKey> - <rsa:RSAPublicKey> - <cert:identity rdf:resource="#me"/> - <rsa:modulus> - <rdf:Description> - <cert:hex>f37ff8c4c76b7cfbcb325e8cf26338d1f7fc9327806fb03a1755aae657bb64cf6e65d1eb55c6674ef3caf58c4cdc798d8882eb0788e5373152364f8a3c083203af85a641ff347b10645f865b5010960da4a0c1952096fe05599a6e9d8e2e04f5adcd88c74ce1394f0ef0134293be471846f76e5916add9bf84caf92c96df0d81</cert:hex> - </rdf:Description> - </rsa:modulus> - <rsa:public_exponent> - <rdf:Description> - <cert:decimal>65537</cert:decimal> - </rdf:Description> - </rsa:public_exponent> - </rsa:RSAPublicKey> </rdf:RDF> diff --git a/me/index.rdf_sig.pgp b/me/index.rdf_sig.pgp index 213a461..417300d 100644 --- a/me/index.rdf_sig.pgp +++ b/me/index.rdf_sig.pgp @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAloclQ8ACgkQLHwxRsGg -ASE9Eg//W4gGCQmPa016Ovq2As/6F+osh9TF1jM0XRAynfa5xUn+58cJ429XJ1ck -2NQXKQU9RHNjuB3516ZlusLyQRKYqSD32oylTZENdhSWXxOvzMzvBolJoy+vJ8iX -0vqHsH1vwrejzDibIAZWXLIZ4qnPrCtRyFl5OzP+7lwJ3sbFWx4enBjXxumQKyfM -hKWCXVWQ1zjbTaRxWVK4qrOlFjBOh6WV/Z08dSSmZ4ojyVoOy9WsgoyOh6f4jEV7 -PTG1nPBYqjE88L5bblo3a4+iq8Nfi/R+aBE6CA5SAuJtk83m2GigkcURKiddV55I -OotpDbRc55B3CXWyfQJvHjdvpziA1EicKS/GP039sL7foJFLcCafzXMh7Z01NCHJ -FfI7rXQ/5vrZrExJ4WqQOU8j3kQVocj4aAmKFp8z9//afdAnOqtAuii16KBVGL/l -hku9Eig3d0EGNRfMY8PJdeKSHxnIhx43zNQ7dnZytnY3SH4b7ZvIFsTvRrhykuCs -LLBkGr+ooO9SpOq+qJAM/RtJUjDdmCkpa6vNVjg86NrB7EhqO32vwKLX9cWbQzuF -tMyJwAZmHlgZDzu9P6VE2DImQI1FuafbaTidEJHCD4iI5jELMaVgdr1UBUwUdvO4 -7KxLha/UuvWhoPyUghsiR27+t7FvSaI6EpyiVH1imfA2m9sGItI= -=g3Me +iQIzBAABCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAlpvAEsACgkQLHwxRsGg +ASGp9Q//bocsHWQI9t72Z9QGv4vuEmwfNOxzHn7IGQ4i1wfJ+Mt42466Rk9dheVZ +ZJaMP5tQnkmodA3m1CLcTcRk19RoTvGrgkp/n7GeSy98kdG8lTqbfggBHZ8tvM3H +YHa2VBjynezDgraTxKy65SfNBBxouKpmEojDwLUR/nvFj8QUfLD7gfuFpq+okVKm +D+sWeNPCsxVvc9LVNJT0txvpguMqrQffUkLdlMjJa9fXG1e+Jjw5sRbcKPRkXosN +fPwvlplswJ8p7b3wbvih0x5yv1b8Kfdq/L1PbRI4+8yTTwMA54qUXxQzYp/6HRXl +42SOeMoeXS7jBCfUAQ6Sd3v+OxGeBJVVRlk8OxzKcOmvVvAVx8SUb8a3+U9hTZK0 +/fQPOMvJs81jIUi8uUghFLfB2OodLdz98Y5+3nAjj+UCSZKHYLzruBj5THHcJSEi +U+ggOThqcHkAm+w42Y+xoFseGjWI4mntDJF6aP/81APQNyBxMwZUYXtJstuDkDH/ +fC6+m6IejU4NKRtiO/4kBNZGUzR+s+9u8g2THeJP0/nDdsr3OKmM8IWoGCs0CqGZ +q9ahwPTeyR+H03GE49KJ1W3z0oxglfpkQqSbojjnH90irxKC9mgZ4GqZFmFsTtJ0 +eyA+NIXWhhbe2I6zwVTL4fsNmxbHY8sMSJvzD5bxxTMrfq2LvMg= +=hM46 -----END PGP SIGNATURE----- diff --git a/me/index.ttl b/me/index.ttl index 459e5cc..1849335 100644 --- a/me/index.ttl +++ b/me/index.ttl @@ -19,7 +19,6 @@ @prefix lang: <http://purl.org/net/inkel/rdf/schemas/lang/1.1#> . @prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> . @prefix rel: <http://purl.org/vocab/relationship/> . -@prefix rsa: <http://www.w3.org/ns/auth/rsa#> . @prefix state: <http://www.daml.ri.cmu.edu/ont/State.daml#> . @prefix trust: <http://trust.mindswap.org/ont/trust.owl#> . @prefix usstate: <http://www.daml.ri.cmu.edu/ont/USRegionState.daml#> . @@ -202,6 +201,12 @@ dbpedia:Linux bio:olb "Jonas Smedegaard is a freelance systems administrator and developer working with resource sharing within and between organisations, mostly schools and NGOs; designing systems both intuitive to use, strictly based on open standards, and purely built from Free Software.", "Jonas Smedegaard er selvstændig systemadministrator og udvikler med resourcedeling mellem organisationer som speciale, mest skoler og NGOer; designer systemer som er både intuitive at bruge, baseret udelukkende på åbne standarder, og bygget alene med Fri Software."@da ; a foaf:Person ; rdfs:seeAlso <facebook/#me>, <linkedin>, <presence/#me> ; + cert:key [ + a cert:RSAPublicKey ; + cert:identity :me ; + cert:exponent 65537 ; + cert:modulus "c66aefe1853019570751c9cd45deede0133539e5b9c45045b156ce1057e3a19e292517ae36382801a2714a615cfa66a8687ccdb753c4fd1d868c28d71a8135b285bcf4a9b4e1b9558caaf6b8eb4995a1d996c29e09739faba85c2f7144ab44fa829b9ec6df51a8107587187107fa4d9ed489b7be9d1f8a523e8470c308a9fe79"^^<http://www.w3.org/2001/XMLSchema#hexBinary> + ] ; contact:home [ contact:address [ contact:city "Holbæk" ; @@ -615,14 +620,3 @@ usstate:NY [] a wot:PubKey ; wot:pubkeyAddress <index.rdf_sig.pgp> . - -[] - a rsa:RSAPublicKey ; - cert:identity :me ; - rsa:modulus [ - cert:hex "f37ff8c4c76b7cfbcb325e8cf26338d1f7fc9327806fb03a1755aae657bb64cf6e65d1eb55c6674ef3caf58c4cdc798d8882eb0788e5373152364f8a3c083203af85a641ff347b10645f865b5010960da4a0c1952096fe05599a6e9d8e2e04f5adcd88c74ce1394f0ef0134293be471846f76e5916add9bf84caf92c96df0d81" - ] ; - rsa:public_exponent [ - cert:decimal "65537" - ] . - |