Thursday, December 30, 2021

LibreOffice PGP key

I had a somewhat difficult time tracking down the LibreOffice OpenPGP signing key. The signing public key is handy for verifying the integrity and authenticity of a download such as an installation or update to the office suite. I am still unsure of which key is the right one since there does not seem to be a note of their key fingerprint on their website that I can see.


So if anyone is looking for their key to check if your download is authentic, then here is what I found.


I searched until I found this forum page: https://ask.libreoffice.org/t/where-is-the-signing-public-gpg-pgp-key-the-libreoffice-webpage/11606

That lead me to this mailing list archive: https://listarchives.libreoffice.org/global/users/2013/msg00712.html

Then the referenced key-server page would not connect securely due to some SSL error so I searched here: https://pgp.mit.edu/

I searched for the referenced keyID... not the full fingerprint because that was not something I could find. Here is the key ID and search result:

The file you can download has the fingerprint:  C2839ECAD9408FBE9531C3E9F434A1EFAFEEAEA3

Which with spaces is: C283 9ECA D940 8FBE 9531  C3E9 F434 A1EF AFEE AEA3

 


If anyone has any confirmation of this fingerprint belonging to the LibreOffice people then please let me know so I can revise this post and show that it can be trusted.

If anyone has a trusted fingerprint and thinks this one is bogus or forged... then DEFINETLY let me know so I can revise this page and show which one is real


However, it did verify a GPG signature of my last download from the LibreOffice website so it's probably a legitimate key.

Saturday, October 16, 2021

Email was never, is never, and can never be secure... OpenPGP can help with some of that.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

 Most people do not think about security or privacy when using email. Email was never designed for security or privacy. From the beginning, email was not secure and was not designed for privacy. OpenPGP will make email more secure, but it cannot encrypt the subject or the metadata (essentially data about data, like who sent the message, and to whom it was sent).

 What OpenPGP does is it can encrypt the message body so that only the intended recipients will be able to read the message. OpenPGP uses public key encryption. This is different from symmetric key based systems in that symmetric encryption relies on the recipients (all of them) having a shared secret that the all know... obviously this means on would have to physically meet all of the recipients to securely share the secret... kind of difficult to do that for people you cannot physically meet with. OpenPGP uses a system more like what is used by your web browser to securely download this post (HTTPS). Asymmetric or public key encryption relies on very complex math that is really, really, really hard to reverse compared to how much effort is needed to calculate the function normally. Essentially you keep a set of numbers, these numbers are kept in a special file so you don't have to remember them. The special numbers are mathematically related so that if I encrypt with the public set of numbers as the key, only your private numbers can be used to decrypt the message and vice versa. In a nutshell, OpenPGP leverages some clever math and programming to scramble data that you wish to protect in a manner than can only be reversed by people who know the secret key used to encrypt the message. This means that if someone wants to read anything protected by OpenPGP without the secret part of the key files, they would need an insane amount of effort to understand the message. This is not effort needed to crack a vault... actually a vault would be about a trillion times less difficult to crack than an OpenPGP key. The amount of work a computer would need to do to reverse engineer your keys would use enough energy to bring the oceans to a boil... Hence the name Open Pretty Good Privacy.

 Using OpenPGP is actually fairly easy. The most difficult part is finding out how to use it... PGP users are not always good at explaining how and why to do things... though there are a few really good tutorials out there. Linux users usually already have an OpenPGP compatible program on their systems, their systems actually use OpenPGP to verify the integrity and source of their updates and installations of programs. OpenPGP can still be used on Mac and Windows based computers as well as most smartphones but it usually is not pre-installed on them like it is on many Linux systems. OpenPGP is not a program that you can install, this can be confusing to some but OpenPGP is the name of the standard that many good programs use. The program I would recommend is the Gnu Privacy Guard or GPG for short. The GPG website has a list of programs for most platforms that are fairly good as well as detailed instruction on how to safely and securely install their program.

 GPG like any other security program is best installed directly from trusted sources such as the repository on Linux systems (like an "App Store" but everything is free) or in the case of GnuPG (GPG) the developer's website is sufficiently trustworthy since the developers are trustworthy. The other thing that makes GPG trustworthy is that the source code is open to be viewed by the public, and there are people who are far smarter than anyone that most people will ever meet who do look at this code and verify that nothing suspicious is happening. OpenPGP also does not have any central key signing authority so there is no company one must pay to become verified, instead it relies on a model known as the web-of-trust which is a little like asking a trusted friend if someone online really is who they claim to be. Basically you may need to know if someone claiming to be someone really is that person and you have not been able to meet in-person to verify their identity... if someone you trust has met this person then they can vouch for this person's identity.

 This is slightly oversimplified and so sounds more complex than it is in practice. Many people may not think they need the security that OpenPGP can provide but another reason to use it is that there are users that genuinely need the security this system can provide and they can use OpenPGP with more success if more people can use OpenPGP. OpenPGP is like a telephone... it works best if you have someone else to converse with. One major example of a legitimate use for OpenPGP would be people communicating with journalists, not all countries are tolerant of journalism and a free press so they may use heavy handed tactics such as dispatching their police forces on perfectly peaceful civilians if they learn of their identities. If everyone or at least a large number of people are using OpenPGP then the one person needing the security it provides for life and death matters can more easily stay safe since they cannot be singled out of the crowd.

 Please consider using OpenPGP, programs exist that can integrate with most email providers and it can also be used for a vast array of privacy and security related tasks. Considering all the functionality OpenPGP provides it really is not that difficult to use. OpenPGP is far more than just email encryption, it also has the ability to function like a digital identity that is decentralized by design and still really secure. OpenPGP can be used to protect sensitive documents and also to and and remove something called ASCII Armour... which is a way to transform any file into a format that uses nothing but letters and numbers for transmission over mediums that cannot handle normal files (email usually does this internally because some email services will corrupt files that are not transformed this way).

 Given how long OpenPGP has been available, I am somewhat disappointed that most people have never heard of it. Even if you have not heard of OpenPGP until today, you can be sure that it was one of the technical inventions that make the modern world possible since it was one of the foundations that allowed us civilians to use strong encryption that we take for granted such as the HTTPS standard that most websites support, and is a necessity for things like online banking. Encryption is not just for the so called "bad guys" but instead is the best tool (and often only tool) to protect the general public from said "bad guys". With strong cryptography, even the full power of an enemy nation-state cannot break even the keys of the average civilian in any reasonable time frame (reasonable being in less than 100 000 years running the attack on a large super computer).
-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQTdEHZzdRj88+sPHs2DGTsp04R9UwUCY9YGbwAKCRCDGTsp04R9
Uy2CAP9pysEVL/MxQmeXK13chEATu7UVQ+vtNbJb6SR2SPJSqwD/YEOkT+J1TA55
7dQ3rx/RoFc4I3+JuGjk3usiyGoNsA4=
=/OW1
-----END PGP SIGNATURE-----

Monday, August 30, 2021

Dell XPS 7590 review after one year of usage.

Last summer I bought a new laptop because my ASUS K501UX was literally falling apart. This new laptop was the Dell XPS 7590. Good but has some room for improvement. I flashed the SSD to an external image file on an external drive so that I would be able to flash the machine back to factory defaults if I ever needed to. This is my personal standard practice when getting a new laptop. I am happy with the machine and while it is not the very best of machines it was the best decision I could have made at the time given the constraints I had to work with. I hope someone at Dell sees this and will consider some of my suggestions.


I installed Linux Mint 20 on the machine immediately after confirming it all worked and that I would not be sending it back for any defective parts related reasons. It actually ran Linux mostly fine but the graphics chip just would not shut down and was burning through a battery in less than two hours that normally lasts for eleven hours. Oddly enough I solved this power draw issue when I installed the Nvidia drivers and set the GPU to maximum performance... not sure why. The best battery life I get is when the laptop has the graphics driver set to "ondemand" mode and for some reason the GPU starts drawing its full power whenever constantly whenever the "powersave" mode is selected that should in theory power off the Nvidia GPU and only use the Intel one.


Compatibility is good. It runs Linux almost the way I want and this unit has been a far better experience than my ASUS K501UX has ever been... though it did cost a lot more to buy so that might have something to do with that. However, the number of USB ports could be improved because I only have three ports total if I include the USB type C port. I would have liked to see a second USB A port or USB C port on the right hand side of the machine where the battery meter is located (love that meter though, quite handy).


I have a few issues I want to see on future models moving forward if they're not already in current XPS models.

  1. The display while not bad for color once calibrated should - ideally -  not have a strong green tint to it. Displaycal was not happy with me about that... but it does look alright once calibrated.
  2. The display in the base model is really slow for a modern laptop. Fine for office work or photography but anything with significant motion is going to show slight streaks on the display even at the relatively slow but standard 60hz refresh rate. Please make the display pixels a little faster because even at 60hz the mouse makes trails rather than discrete images of the pointer.
  3. Cleaner audio circuitry would have been nice to have, the included headphone jack is not bad and not exactly to be taken for granted these days but I would like to not be able to hear a hissing in the background when a quiet but not silent sound is playing (the amp cuts out during silence to mask its hissing, clever but I can hear it cut in and out a little too much)
  4. Ports. We need ports. USB A is not yet dead which is why I got the last model with both USB C and USB A (both the rounded and square USB ports for the less tech savy). Please add another USB port either type A or type C for a total of four ports because that makes things so much easier when trying to keep a mouse dongle plugged in.
  5. CPU. The Intel CPU was king in laptops for a while but now they have fallen behind AMD for power usage and performance. If at all possible please make a model with either an AMD or ARM CPU even if that means scrapping the Nvidia graphics for those models.
  6. Graphics. The GPU from Nvidia is not slow and performs well in my limited use case but there is a huge amount of lag on the screen. This is not present when something is running on the Intel graphics. Please either wire the GPU to either the HDMI or to the USB C DisplayPort Alt mode or use a MUX chip (allows both GPUs to talk to all displays and switches them for you) so the GPU can draw directly to the screen and there will be no noticeable lag.
  7. Linux. The 13 inch version has a "developer edition" model that ships with Linux preloaded. Even if price is the same I would love to see officially supported Linux preloaded on the 15 inch version preferably with some basic optimizations for the graphics and battery life.
  8. Keyboard. It's not bad but I would prefer more key travel and some slight tweaks even at the cost of one more millimetre extra thickness.
  9. Basic ability to tune the fan curves would be nice since I would prefer to have the fans more aggressively ramp up for more performance when plugged in but keep their current and quiet profile when on battery.
  10. If possible I would like some Ethernet port even if its a folding port or something. I rarely use Ethernet when not gaming because the Wifi 6 card is really fast but there are rare times where Ethernet makes my life so much easier but if I forget my dongle then I cannot use Ethernet... Even a low quality connector for Ethernet would suffice for me for the once a month I need Ethernet.

Overall this machine is not bad even though it does not have a Linux preloaded option. I have not tested on Windows nor do I intend to run Windows on it ever again. My next machine will likely be a gaming machine though for their superior cooling systems that allow the CPU to run faster for longer and also for their usually slightly better keyboards with more travel due in part to the thicker case they have to make room for airflow. I may buy another Dell in the future because I like to support them releasing a service manual and selling parts like the battery. The ability to repair a device even in theory makes the device feel like it's yours rather than a leased unit the belongs to someone else. I like that it can charge on USB C PD power adapters so I can leave the full power charger at home and save on weight and space in my bag. Even though it only does 60 watt USB Power Delivery from a non-Dell adapter, just having the option to use a universal power adapter than can replace my phone charger is really handy. Mind you it still uses the old style barrel jack for most of the charging which I really don't mind so long as it has 30 or 60 watt USB Power Delivery compatibility for those times I am unable to lug around the included charger.


I did not mention the webcam because like most laptops it is unusably bad. I have been on video calls with others using their laptop webcams from all different manufacturers and they are generally low quality thanks in part to their pitiful size optics and sensor along with the generally poor lighting that most people have near their PC... I never use the included webcam in my devices and generally disable them in the BIOS settings so the system and programs are not even aware there is a webcam. I plan to remove the wires powering the webcam if I ever find out where they are in the machine at some point.I recommend using your phone camera instead of a webcam since everyone has a phone these days and their cameras have smarter computer algorithms and better optics behind them than a laptop webcam. Personally I use a Nikon Z5 mirrorless camera with its massive full frame sized sensor (FX format in Nikon land means full frame). Because the sensor is the size of a 35mm film exposure and the lenses were made to specs that professional photographers can use, my camera will decimate any and all webcams in any and all lighting. However I do not recommend people drop a few grand on photography gear just to do a video call... even if everyone notices how much clearer and cleaner my video feed is compared to their phone's "selfie" camera or their laptop webcam. The rear camera on a modern phone is good enough for most video conferences and doesn't cost you anything extra to use since you already bought the cell phone for other reasons. I use the large camera so I can get away with dimmer lights that I find more comfortable and also because I already bought the camera because I got interested in photography so for me the cost to use the camera was essentially zero.


I would have preferred Dell add a second NVMe slot for a second SSD so I could maybe keep a copy of Windows on a small SSD and keep Linux on the main SSD or keep a Windows virtual machine on the second SSD and Linux of the main SSD or even just use the second SSD as a media and bulk storage slot with a cheap SSD to keep my main (and expensive) SSD free from my media library thus allowing more write cycles on the main SSD before failure. SSD drives last a long time but each cell wears out a little each time it get written to, most SSDs have a ton of cells due to being hundreds of gigabytes to a few terabytes in size and also have smart wear leveling programming that extends their lifespan by spreading out all the wear so no one area fails before the entire drive is pooched. Empty SSDs can spread wear out easier and thus will be able to write data faster than a full drive and will also survive more data being written before they wear out... it also allows me to keep my media and games on one drive and just move that from laptop to laptop without having to actually copy anything over... even with my network where files are stored on a local NAS and not on "the cloud" this is a significant time savings because most of my network is standard gigabit speeds... or Wi-Fi which is even slower than normal Ethernet, but most people store their files on "the cloud" which is really just a fancy way to say their data is stored on some server farm somewhere in the world and would have to be downloaded at the painfully slow speeds most people call residential internet. A local NAS is faster than the traditional cloud but even it is far slower than the time it takes me to transfer the data that could be stored on a large secondary SSD by physically moving the SSD into the new machine.


Dell was not my first choice but they were an okay choice. Lets hope they improve their line up in the future. The XPS is good but not as great as I would have wanted for the price I paid... though its not like there were any better options for me at the time... at least in the under $4000 CAD price bracket. I prefer not to spend four grand on a laptop if I can avoid doing so. I would rather save that money for something more meaningful like a camping trip with friends or something.

Tuesday, April 27, 2021

Electronic voting. WHY!?!?!?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

 I live in Alberta, Canada, I have lived here since the day I was born. Canada has a sort of democracy for our government as many people know. Despite our elections being lower stake than those for our southern neighbor (The USA), our elections are still to be considered a target for those with evil intent. I do not understand why we should support E-Voting, I do not understand what possible advantage there is to an electronic election. More importantly, lets assume the security of an electronic election is higher than a traditional one... how do explain this security to someone without a background in technology like many senior citizens and also most casual users? It's impossible. Not only are electronic elections a bad idea for security and trust reasons but also they are not solving any problems with regards to elections that I am aware of. Tom Scott with Computerphile has done a better job of explaining this than I ever could. I value both privacy and security, my family has been in the security industry for four generations (Great grandpa, grandpa, and father are/were all locksmiths for most of their lives). My mind is geared to see flaws in systems and find ways to make them more secure, and the attack surface on physical ballot voting is far smaller than electronic voting.
-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQTdEHZzdRj88+sPHs2DGTsp04R9UwUCY9YH5AAKCRCDGTsp04R9
U5w+AQDNjne3/tFgyG/1AlxpjWbtqWE+NZvKONg8mm46oXrZsQD+ISsO+StOoDYM
orjgvJzL9qbu7zAt9/AiJLklgT6ClQ4=
=M6xM
-----END PGP SIGNATURE-----





Wednesday, January 20, 2021

When you feel droopy, have a puppy.

 My dog doesn't exactly listen when taking photos... she usually looks directly away from the camera. Here she is after her trip to the groomer and a few weeks later when she had a nap in the sun.

Dog looking away from the camera

I'm not looking at the camera, but I am fluffy from the groomer.


 

Ok I will look at the camera this one time but only because there might be a squirrel inside it.

 
Dog rolling over for a belly scratch.

Ummm... Are you going to give me a belly scratch or just point that camera at me all day?




After a few weeks I found her napping in the sun. Here she is feeling like dozing off at my feet. Fortunately I had a camera close by.


I'm dozing in the sun. 

 
I sense a disturbance.

And back to dozing in the sun

My eye is drifting awake... I sense you moving.

Roll a little to my side and now back to dozing. 

Tuesday, January 12, 2021

First city skyline photos.

 A while ago I purchased a Nikon Z5 camera and a few lenses for said camera. I have since been trying different types of photography. A short while ago I took a few shots of the city of Edmonton which is the closest city to my home. 


I misread the shutter speed and shot it too dark





Latest Post

Steam on Linux Mint Cinnamon

Most viewed