Article on fun things you can do with your PGP/GnuPG key - So I finally got around to posting an article on the topic of fun things you can do with your PGP/GnuPG key beyond the usual signing/encrypting of files and e-mail. I will be very interested to see what response are posted.
H.323 security advisory - A good bit of time about a week ago (sheesh, it's been a bit since I've written!) was consumed by the widely reported H.323 vulnerability. I was able to get a statement posted there about our (Mitel Networks) lack of vulnerabilities (with one exception still under investigation). Still working on getting such a statement posted at CERT as that is being much more of an involved process to get set up with CERT.
MIMAIL/MyDoom/Novarg - And how many virus alerts did you receive today? Our anti-virus software caught the messages, of course, but our inboxes filled up with "A virus has been detected...", etc.
Not a fun day to be in a corporate IT department...
MacOS X articles - If you haven't seen it, Tony Lawrence's collection of MacOS X essays makes for a fun read. He has an entertaining style along with good technical info. I enjoyed the one about why his wife hates his Mac. Fun stuff.
Ice Palace movie - forrest: Very cool! Thanks for sharing it.
RSS Aggregator for Windows? - All of the recent discussion about RSS made me interested in checking it out again, but unfortunately my desktop is Windows. Any opinions about what is the best RSS aggegator for that other operating system? (Thanks)
GnuPG/PGP - Recursively Retrieving Keys - One of the small annoyances with GnuPG, or any of the PGP variants I have so far seen, is that there does not seem to be an easy way to recursively retrieve keys from the public key servers.
Now, why would you want to do this? Primarily because if you import someone's key and do a "gpg --list-sigs" with their keyid, you see the names of people you already have in your keyring who happen to have signed this person's key - and a whole bunch of key ids that are really meaningless. Sometimes, not always, but sometimes you just wish you could pull into your keyring all the keys for someone whose key you have.
It's like 'gpg' needs to have a "-r 1" to recurse 1 level and pull down those keys. (If you just left it open you might wind up pulling down the whole web of trust and tens of thousands of keys later......) A colleague found that he could do it this way (where the 'x's are for the key id):
gpg --list-sigs xxxxxxxx | cut -b 13-20 | xargs gpg --recv-keys
but that's not overly fun. It would be nice if there was some simpler way. (And yes, I could write it, but I don't even remotely have the time to think about that let alone write a patch that could do it.)
WoT stats - Amazingly, although I haven't attended any keysignings for quite a while, I'm still 536 on the top 1000. Pretty wild, given that most of that comes from going to the OLS keysigning last year, as well as a OCLUG keysigning.
PGP for Panther - Interesting column about the PGP Freeware 8.0.3 version for MacOS 10.3. As the comment suggests, there is also GPGMail that works with Apple's Mail program and GnuPG. Still, interesting to see the review of PGP freeware for the Mac.
Green Vehicles - jdhildeb: Thank you for the link to the EPA's Green Vehicle Guide. Good stuff. Glad to see that Subaru's wagons rate highly, at least for 2004. (Our 1996 Subaru wagon, I am sure, no longer rates that highly.)
Children - Congratulations, chalst! May she bring as much joy to your lives as our wee one has to ours!