Article on fun things you can do
with your PGP/GnuPG key - So I
finally got around to
posting an article on
the topic of fun things you can do with your PGP/GnuPG key beyond the usual
signing/encrypting of files and e-mail. I will be very interested to see
what response are posted.
H.323 security advisory - A good bit of time about a week ago (sheesh, it's been a bit since I've written!) was consumed by the
widely reported
H.323 vulnerability. I was able to get a statement posted there
about our (Mitel Networks) lack of vulnerabilities (with one exception still
under investigation). Still working on getting such a statement posted at
CERT as that is being much more of an involved process to get set up with CERT.
MIMAIL/MyDoom/Novarg - And how
many virus alerts
did you receive today? Our anti-virus software caught the messages, of course, but our inboxes filled up with "A virus has been detected...", etc.
Not a fun day to be in a corporate IT department...
MacOS X articles - If you haven't
seen it, Tony Lawrence's collection of
MacOS X essays makes for a fun read. He has an entertaining style
along with good technical info. I enjoyed the one about why his wife hates his Mac. Fun stuff.
Ice Palace movie -
forrest: Very cool! Thanks for sharing it.
RSS Aggregator for Windows? - All of
the recent discussion about RSS made me interested in checking it out again,
but unfortunately my desktop is Windows. Any opinions about what is the best
RSS aggegator for that other operating system? (Thanks)
GnuPG/PGP - Recursively Retrieving
Keys - One of the small annoyances with
GnuPG, or any of the PGP variants I
have so far seen, is that there does not seem to be an easy way to
recursively retrieve keys from the public key servers.
Now, why would you want to do this? Primarily because if you import
someone's key and do a "gpg --list-sigs" with their keyid, you see the
names of people you already have in your keyring who happen to have signed
this person's key - and a whole bunch of key ids that are really meaningless.
Sometimes, not always, but sometimes you just wish you could pull into your
keyring all the keys for someone whose key you have.
It's like 'gpg' needs to have a "-r 1" to recurse 1 level and pull down those keys. (If you just left it open you might wind up pulling down the whole web of trust and tens of thousands of keys later......) A colleague found that he
could do it this way (where the 'x's are for the key id):
gpg --list-sigs xxxxxxxx | cut -b 13-20 | xargs gpg --recv-keys
but that's not overly fun. It would be nice if there was some simpler way.
(And yes, I could write it, but I don't even remotely have the time to think
about that let alone write a patch that could do it.)
WoT stats - Amazingly, although
I haven't attended any keysignings for quite a while, I'm still 536 on
the
top 1000. Pretty wild, given that most of that comes from going
to the OLS keysigning last year,
as well as a OCLUG keysigning.
PGP for Panther - Interesting
column about the PGP Freeware 8.0.3 version for MacOS 10.3.
As the comment suggests, there is also
GPGMail that works with Apple's Mail program and
GnuPG. Still, interesting to see
the review of PGP freeware for the Mac.
Green Vehicles -
jdhildeb: Thank you for the link to the EPA's
Green Vehicle Guide. Good stuff.
Glad to see that Subaru's wagons rate highly, at least for 2004. (Our 1996
Subaru wagon, I am sure, no longer rates that highly.)
Children - Congratulations,
chalst! May she bring as much joy to your lives as our
wee one has to ours!