wowana.me
website source
commit cb1c762397eb9602395b628a29346c541f16d610 parent b14754450cb91f2c053fbad78562308bfdf82700 Author: opal hart <opal@wowana.me> Date: Fri, 10 May 2019 06:09:42 +0000 xmllint & fix links Diffstat:
| M | src/blog/my-and-your-pgp-habits-could-be-better.md | | | 4 | ++-- |
| M | src/blog/why-program-efficiency-and-usability-matters.md | | | 1 | - |
| M | src/contact.md | | | 2 | +- |
| M | src/donate.md | | | 8 | ++++---- |
| M | src/index.md | | | 2 | +- |
5 files changed, 8 insertions(+), 9 deletions(-)
diff --git a/src/blog/my-and-your-pgp-habits-could-be-better.md b/src/blog/my-and-your-pgp-habits-could-be-better.md @@ -7,7 +7,7 @@ what's the issue then? well, I don't always do it religiously. I used to have a there are some other issues with my current use of PGP. check to see if the following also applies to you: -* [creating a perfect keypair?](https://alexcabal.com/creating-the-perfect-gpg-keypair/) forget it. I don't have an airgapped device to do this safely. and even if I settled for a special removable medium, I used to have some trouble importing my stripped keypair into [OpenKeychain](https://openkeychain.org/). not to mention, the GnuPG utility – or any utility, for that matter – doesn't really have first-class support for this kind of scenario. there are a lot of issues with PGP's user experience, and I'll go into more detail with those later. +* [creating a perfect keypair?](https://alexcabal.com/creating-the-perfect-gpg-keypair/) forget it. I don't have an airgapped device to do this safely. and even if I settled for a special removable medium, I used to have some trouble importing my stripped keypair into [OpenKeychain](https://openkeychain.org/). not to mention, the GnuPG utility – or any utility, for that matter – doesn't really have first-class support for this kind of scenario. there are a lot of issues with PGP's user experience, and I'll go into more detail with those later. * confirming trust of keys by signing them? signing keys and publishing my signatures to keyservers? it's difficult for me to remember to do this. so far, I'm pretty sure I have signed fewer than a dozen other people's keys. * confirming keys in general? I do basic checking, but I don't know how much is enough. * maintaining my key properly? who knows, honestly. I have not had a religious policy for subkey creation, deletion, and renewal. nor do I really know what is the <q>optimal</q> practice for maintaining my key. @@ -21,6 +21,6 @@ here are some issues I have seen with others' use as well as when I have been tr and lastly, usability and interface issues. it feels like XMPP all over again, what with all the different clients and none of them implementing the full standard in a correct and easy-to-use manner. there are practically no full-featured GUI frontends for PGP, and the GnuPG commandline implementation discourages newbies (and even people like me) from figuring out how to correctly maintain personal keypairs and a full keyring. I use keys for different purposes (some for E-mail, others for download signing) and it isn't immediately obvious that I could probably have two or more keyrings for that. also, is it possible to attach metadata to PGP keys (such as your XMPP account, website, or anything else that could possibly help verify people)? if it's possible, I surely don't know how to do it, nor do I know where I can search for more information. -so, my suboptimal use of PGP is everyone's fault. and if you use PGP, you're probably using it suboptimally as well. I don't want to bash PGP outright for being a poor standard – I mean, come on, it has been around for decades, and it's still suggested by security professionals. but over those decades, *very little* has been done to change the state of affairs, and it's so easy to use it wrong. +so, my suboptimal use of PGP is everyone's fault. and if you use PGP, you're probably using it suboptimally as well. I don't want to bash PGP outright for being a poor standard – I mean, come on, it has been around for decades, and it's still suggested by security professionals. but over those decades, *very little* has been done to change the state of affairs, and it's so easy to use it wrong. as always, I accept E-mail replies to my posts, but I especially want to hear readers' thoughts on this. I want to gauge how others use PGP, and I want to see what others believe should be the <q>correct</q> way of using it. diff --git a/src/blog/why-program-efficiency-and-usability-matters.md b/src/blog/why-program-efficiency-and-usability-matters.md @@ -30,7 +30,6 @@ I'm making this post today because someone sent me a link to a post Casper Beyer > <q>Well, it works fine on my machine, and I only have 32 gigabytes of ram.</q> - Silicon Valley Developer, 2017 > > If that’s you, well then that’s good for you, but just because something performs <q>well enough</q> on your machine doesn’t mean there are not any performance problems. You are not your end-users, and you if you are a developer most likely do not run average hardware. -</blockquote> ^ I made this point in my 2016 rant -- people have different hardware and developers need to keep this in mind, lest they want their programs only to run on a small set of machines in the world. diff --git a/src/contact.md b/src/contact.md @@ -2,7 +2,7 @@ you can reach me via E-mail at <opal@wowana.me>, or if you use tor mail, <wowaname@vola7ileiax4ueow.onion>. -* [PGP is suggested.](/pgp) *please give me a well-formed PGP public key so I may reply.* +* [PGP is suggested.](/pgp.xht) *please give me a well-formed PGP public key so I may reply.* * if you E-mail me, *use a proper subject line or else I will not respond*. if you need an alternate contact method, please ask me over E-mail. I have semi-private XMPP, Discord, and IRC handles but I much prefer E-mail for correspondence from strangers. diff --git a/src/donate.md b/src/donate.md @@ -1,4 +1,4 @@ -# costs and donating</h2> +# costs and donating starting 2018 September, I will publicly track expenses and donations for my services. @@ -49,12 +49,13 @@ my servers and domains cost around *US$2 000 a year* to maintain: click on any name below to view details about the donation or earning. since Bitcoin is not anonymous and you can find these payments attached to my address anyway, I provide BTC/BCH transaction IDs in the details. -<ul> * <details> <summary><em>2019 non-donation (and unknown) earnings</em></summary> <p>~0.329 BTC since 2019 Apr 12</p> </details> -<hr/> + +---- + * <details> <summary><em>2018 non-donation (and unknown) earnings</em></summary> <p>~0.069 BTC</p> @@ -84,4 +85,3 @@ click on any name below to view details about the donation or earning. since Bit <p>Donated ~0.0009 BTC on <time datetime="2018-07-24T20:50" title="2018-06-30T13:49">2018 Jun 30</time></p> <pre>3655a53b4040a8b1171916f08868050b4a6e4231ed8ba7fd9bb8d8233baf926f</pre> </details> -</ul> diff --git a/src/index.md b/src/index.md @@ -3,7 +3,7 @@ I have a few things: * git: [git.volatile.bz/wowaname](/redir/git.volatile?cgit/wowaname) * microblogging: [@wowaname@anime.website](/redir/anime.website?users/wowaname) * nextcloud: wowaname@nx.volatile.bz -* E-mail and XMPP: [contact me](/contact) +* E-mail and XMPP: [contact me](/contact.xht) * [Volatile](/redir/volatile) * [krustykrab.restaurant](https://krustykrab.restaurant/)