Capture the Flag
blag and stuff


  1. 2016 Dec 11

    New GPG Key

    Hash: SHA1
    Title: New GPG Key
    Date: 2016-12-11
    Author: Stefan Lengfeld
    Since my current GPG key will expired at the end of this year, I
    uploaded a new GPG key to the keyservers and to my homepage.  The
    key ID is *0xE44A23B289092311* and the fingerprint is
        CAFC B28D 1612 3A5C 2D31  45F0 E44A 23B2 8909 2311
    You can download it from the keyservers and from my homepage, section
    'Personal'. Here is the direct download link:
    My old GPG key *0x7B9E49D4117C3CFA* (Stefan Christ (student key)
    _anti_stcim_de_) will expire at 2016-12-31.
    To import my new key into your gpg keyring, you can execute the
        $ wget
        $ gpg --with-fingerprint Stefan_Lengfeld_0xE44A23B289092311.asc
        pub  4096R/89092311 2016-12-08 [expires: 2021-12-31]
              Key fingerprint = CAFC B28D 1612 3A5C 2D31  45F0 E44A 23B2 8909 2311
              uid                            Stefan Christ (public) _contact_stefanchrist_eu_
              uid                            Stefan Lengfeld (my birth name is Stefan Christ) _anti_stcim_de_
              sub  4096R/A40AA9D9 2016-12-08 [expires: 2021-12-31]
        $ gpg --import Stefan_Lengfeld_0xE44A23B289092311.asc
    Don't forget to check the fingerprint! I have signed the new key with
    my old key. So if you have trusted the original key *0x7B9E49D4117C3CFA*
    _and_ you assume that the key was not compromised you can be relatively
    sure that my new key is also trustworthy.
        $ gpg --list-sigs 0xE44A23B289092311
        pub   4096R/89092311 2016-12-08 [expires: 2021-12-31]
        uid       [ultimate] Stefan Lengfeld (my birth name is Stefan Christ) _anti_stcim_de_
        sig 3        89092311 2016-12-08  Stefan Lengfeld (my birth name is Stefan Christ) _anti_stcim_de_
        sig    R   1 117C3CFA 2016-12-08  Stefan Christ (student key) _anti_stcim.de_
        uid       [ultimate] Stefan Christ (public) _contact_stefanchrist_eu_
        sig 3        89092311 2016-12-08  Stefan Lengfeld (my birth name is Stefan Christ) _anti_stcim_de_
        sig    R   1 117C3CFA 2016-12-08  Stefan Christ (student key) _anti_stcim_de_
        sub   4096R/A40AA9D9 2016-12-08 [expires: 2021-12-31]
        sig          89092311 2016-12-08  Stefan Lengfeld (my birth name is Stefan Christ) _anti_stcim_de_
    Nevertheless before you sign my new key, we should compare the
    fingerprints over another secure channel.
    This message is also signed with my old key *0x7B9E49D4117C3CFA*. You
    can check the signature by copy and paste the verbatim content into
    a text file and using the command *gpg --verify*. Or the same via some
    shell commands and sed-magic:
         $ wget -O - -q \
          | sed -n -e '/^-----BEGIN PGP SIGNED MESSAGE-----$/,/^-----END PGP SIGNATURE-----$/p' \
          | tee post.txt.asc
         $ cat post.txt.asc
         $ gpg --verify post.txt.asc
    For the above commands to work, you need my old key *0x7B9E49D4117C3CFA*
    in your keyring.
    I will also send all of my known gpg email contacts my new key.
    Happy encrypting and signing.
    Btw: Here is an article about the concept of long term private keys in
    PGP/GPG and the web of trust. Title "Op-ed: I’m throwing in the towel
    on PGP, and I work in security":
    v2: (2016-12-18) Use 64 bit key ids. 32 bit key ids are deprecated.
    End of message.
    Version: GnuPG v2
    -----END PGP SIGNATURE-----
  2. 2016 Dec 04

    My OpenSource Contributions

    Here is a personal note for the internet. If you try to find my personal opensource contributions as a software developer (hobbiest and professional), you need to search for my birth name Stefan Christ and my new married name Stefan Lengfeld, since I got married this summer.

    Here is a list of opensource projects that I already contributed to:
    read more…
  3. 2016 Aug 05

    Happy Jogustine Version 1.5.0

    Soeben habe ich eine neue Version des Firefox Addons Happy Jogustine veröffentlicht. Es wird automatisch im Browser aktualisiert oder kann über den folgenden Link happy-jogustine-1.5.0-fx.xpi manuell installiert werden. Im Grunde gibt es keine funktionale Änderung für den Benutzer. Es wurde nur die Codebasis für die neuen Firefox Versionen fit gemacht. So wird das Addon nun mit jpm anstelle von cfx gebaut und es sollte Electrolysis/Multiprocess Firefox fähig sein.

    read more…
  4. 2016 Jun 16

    Git cherrypick and git revert

    Last Friday I dived into the internals of git cherry-pick and git revert. I am currently working on some git subtree merge improvements and was curious whether I can add an extra argument in cherry-pick. Searching for the internals of cherry-pick reveals the first surprising fact to me:

    read more…
  5. 2016 Jun 03

    Signals, pthreads and getaddrinfo

    This morning I tried to fix a shutdown issue with systemd's systemd-timesyncd. This journey took my in into the glory world of Linux/POSIX's signal handling, POSIX pthreads, the glibc library function getaddrinfo and how all of them interact.

    read more…