When I perform a service for the community (commons), I am looking to do the following:
Generally; increase happiness as a result of my efforts.
- Improve the quality of life for my self.
- Improve the quality of life for others that exist now, as well as others that exist in the future.
I believe that quality of life is most easily compared to improving over the state of being a fudal serf:
- Education: Knowledge of Language: gain knowledge, participate in the creation of culture
- Education: Critical Thinking: recognize and solve problems
- Education: Logical Thinking: deconstruct and break down issues to manageable observations and subjective truths
- Empathy: recognize that the truths of others are frequently not the same as your own
- Compassion: desire for everyone to get ahead, not just the self
- Pragmatism: you still must save your self first so that you will have the strength to help others
- Liberty: Freedom to do what you want as long as it does not negatively impact someone else* (*failure to produce positive impacts is not a negative impact)
- Empowerment: aligning with others that share your interests and goals
Libre software (software liberty):
- Provides a language and commons that is centered on personal and organizational liberty for the infrastructure of computing that increasingly drive our lives
- Ensures that there is a level playing field, withholding advantages from individuals, corporations, and organizations that might use secrecy and obscurity to disadvantage end users
- Empowers all users with the freedom to take their data, their culture, their digital lives, and migrate to different Libre platforms.
Libre software helps to fulfill several important goals recognized as critical to freedom even 200 years ago, as seen in the US Constitution and the (US) Declaration of Independence.
- Freedom of Speech and Assembly; the ability to communicate ideas to others both in the present and future, without censorship or reservation (though others have no obligation to listen).
- Security of an individual's person, residence, 'papers' and property: Libre software and the communication of mathematical formulas and concepts there in allows for Strong Cryptographic locks and the communication of methods of handling secrets that promote information security.
- Liberty and the Persuit of Happiness, in my opinion, require freedom of speach, assembly, (thought), and security to think, to write, and to be the actual owner of the devices that are their possessions.
As a citizen of a culture that supposedly values leadership of the people, it is my responsibility as a citizen to help maintain and improve the health of that culture and it's people. To educate and empower them in their freedoms and responsibilities within that culture. It is not a task that I can do alone, but one that others must cooperate with.
outdated saved for historical reference
Sign the important things.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Bitcoin Address as of 2014-03-12 : 19dxhXhjEFjikEPEVAR2Q2iwSiYNUriXw2 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTITqkAAoJEGyZ1DO2zQg14NYIAJfb8pbBWOdXskwGxJFGovII 5zEFZFzLFpgRr1tReno9RPKi57+B2xb9w5Wcv/uhheJf4InFsplVyN8Ayd4skAAE 6hjRRlLj1gycc/cqVlvA4uOYHIZQteQiVgqbN2SVaQ+WRu7iW6DJ8QCEgKk3Uwf1 ITV6YXIuPRGbZiOJygKHaH6LieADZmWXu1IJ9zJ5urAJiq2xTIAwL6t2y6FeN+Yt QwfgrcRLoYdzbMH/L9RNwMMhJLta+Hk2ZA0B/A2WwztRRm6eRs2M55wQUScxzo9h H5jnO7XgQDdyLA6X9kDDhe5Fa1TOA68/gzfmZqzoZd+ae7RnoYRchqhZJBj5XC0= =49u5 -----END PGP SIGNATURE-----
Portable Security - Constructing your digital key-ring
db79d463072da26b91c14e08b5a77a77bec9476ad1e5b0d2241228e4d59233f12c74477e77d427e407e1f45da4d2414c76367554352f57480fc7c00dde164028 db79d463072da26b91c14e08b5a77a77bec9476ad1e5b0d2241228e4d59233f12c74477e77d427e407e1f45da4d2414c76367554352f57480fc7c00dde164028 e7e9433973f082a297793c3c5010b2c5 e7e9433973f082a297793c3c5010b2c5 debian-7.4.0-amd64-netinst.iso 015b0eadeac8e5fb18c74f62d1cc06fb2fbe3eb5 015b0eadeac8e5fb18c74f62d1cc06fb2fbe3eb5 debian-7.4.0-amd64-netinst.iso b712a141bc60269db217d3b3e456179bd6b181645f90e4aac9c42ed63de492e9 b712a141bc60269db217d3b3e456179bd6b181645f90e4aac9c42ed63de492e9 debian-7.4.0-amd64-netinst.iso
The NetInstall disk is the smallest Debian disk which is signed by their packaging system
Download sums + signature files from one system Download iso on another (with differenet network provider)
Validate sums + iso + etc
Create USB 'disk' from iso; verify to sums
Cold boot target environment with Install drive.
Install on to Target drive - Since I plan on using it mostly on my laptop I'm using the Laptop + Standard system utilities profiles. I de-selected Desktop since I want to pick a custom DE.
I added tmux, htop, keychain, an ssh-askpass, gnupg2, gnupg, seahorse (I'm a little confused; I can't seem to locate /any/ frontends which depend upon gnupg2?), firmware-* (most)
See https://wiki.debian.org/caff for setting up caff, I also suggest ssmtp for connecting to your smart mail gateway.
See http://wiki.debian.org/WiFi for wireless support.
Pragmatically, I'm using the non-free repository for the firmware blobs because those /should/ have either been burned in to ?ROM for the devices OR included in a system shared bios/kernel/firmware blobs basic flash FS. /where possible/ I intend to use open source drivers and other software.
If I were handling HUGE sums of currency (big target) I would prefer fully open devices; published hardware, firmware, and drivers.
echo 'APT::Default-Release "wheezy";' >> /etc/apt/apt.conf.d/00local-default-release nano -w /etc/apt/preferences.d/pinning Package: * Pin: release a=wheezy Pin-Priority: 991 Package: bitcoin-qt Pin: release a=unstable Pin-Priority: 995
- bitcoin-qt from debian - unstable
- multibit from multibit.org
In my case, I've created both a DSA and an RSA Master Key and added both a DSA and RSA signing subkey to my RSA Master Key.
For less trusted workstations the Master Key's secret key has been removed via the above procedure prior to export from my secure environment.
Make normal keys: RSA - 4096 bit, DSA + Elgamel 3072 bit
Generate Revocation Certificate
- gpg --list-keys
- gpg --output ~/.gnupg/revocation-certificate.KEYID.asc --gen-revoke KEYID
Make a backup
- cp -a ~/.gnupg ~/.gnupg-pre-subkeys
- gpg --list-keys
- gpg --edit-key MASTERKEY
- gpg> addkey
- (RSA/DSA) (Sign Only)
- etc, finish parameters to taste, the defaults are usually good here.
- Repeat addkey as desired, I added /both/ an RSA and a DSA subkey
- gpg> save
Exporting Public Keys
- gpg --list-keys
- gpg --export KEYID > /run/lock/tmpfs-temp-public-key.asc
Exporting Primary Key
- DANGER: Normally you won't do this... just make a backup of your key-ring.
- gpg --export-secret-keys KEYID > /run/lock/tmpfs-temp-secret.asc
- gpg --list-secret-keys
- NOTE: "When using gpg an exclamation mark (!) may be appended to force using the specified primary or secondary key and not to try and calculate which primary or secondary key to use."
- gpg --export-secret-subkeys SUBKEYID! ... SUBKEYIDn! > /run/lock/tmpfs-temp-subkeys.asc
Remove Master Key (retain subkeys)
- Backup your keyring. No really. Back it up.
- umask 077 ; cp -a ~/.gnupg ~/.gnupg-$(date +%Y%m%d-%H%M%S)
- Export Primary (public) Key (as above)
- Export Secret Subkeys (as above)
- gpg --delete-secret-key MAINSECRETKEY
- gpg --import /run/lock/tmpfs-temp-public-key.asc /run/lock/tmpfs-temp-subkeys.asc
- gpg -K
- should now show sec# indicating the secret subkey is missing
- The subkeyring can now be backed up and restored on less trusted devices.
Signing keys manually
- gpg -K
- gpg -u ID|PUB|KEY|SUBKEY --sign-key ID|PUB|KEY|SUBKEY
Secure a file
- gpg --output secret-file.orig.asc --encrypt --recipient KEYID secret-file.orig
Open a secure file
- gpg --output clear-file.txt --decrypt secret-file.orgi.asc
How to revoke a subkey (only)
gpg2 --edit (keyid/ref) # Select the UID of the primary key container gpg> list gpg> uid (number) # Select the key (number) from the list of keys... NOTE THE * indicating which key(s) are selected. gpg> key (number) gpg> revkey gpg> list # You didn't quite get it right, abort the edit. gpg> quit # If you're happy, and you're really sure that this is a correct change set... gpg> save