This post contains a canary message that’s cryptographically signed by the official BusKill PGP release key

BusKill Canary #009
The BusKill project just published their Warrant Canary #009

For more information about BusKill canaries, see:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Status: All good
Release: 2025-01-14
Period: 2025-01-01 to 2025-06-01
Expiry: 2025-06-30

Statements
==========

The BusKill Team who have digitally signed this file [1]
state the following:

1. The date of issue of this canary is January 14, 2025.

2. The current BusKill Signing Key (2020.07) is

   E0AF FF57 DC00 FBE0 5635  8761 4AE2 1E19 36CE 786A

3. We positively confirm, to the best of our knowledge, that the 
   integrity of our systems are sound: all our infrastructure is in our 
   control, we have not been compromised or suffered a data breach, we 
   have not disclosed any private keys, we have not introduced any 
   backdoors, and we have not been forced to modify our system to allow 
   access or information leakage to a third party in any way.

4. We plan to publish the next of these canary statements before the
   Expiry date listed above. Special note should be taken if no new
   canary is published by that time or if the list of statements changes
   without plausible explanation.

Special announcements
=====================

None.

Disclaimers and notes
=====================

This canary scheme is not infallible. Although signing the 
declaration makes it very difficult for a third party to produce 
arbitrary declarations, it does not prevent them from using force or 
other means, like blackmail or compromising the signers' laptops, to 
coerce us to produce false declarations.

The news feeds quoted below (Proof of freshness) serves to 
demonstrate that this canary could not have been created prior to the 
date stated. It shows that a series of canaries was not created in 
advance.

This declaration is merely a best effort and is provided without any 
guarantee or warranty. It is not legally binding in any way to 
anybody. None of the signers should be ever held legally responsible 
for any of the statements made here.

Proof of freshness
==================

14 Jan 25 01:01:33 UTC

Source: DER SPIEGEL - International (https://www.spiegel.de/international/index.rss)
A Miracle? Pope Francis Helps Transsexual Prostitutes in Rome
Boost for the Right Wing: Why Did a German Newspaper Help Elon Musk Interfere in German Politics?

Source: NYT > World News (https://rss.nytimes.com/services/xml/rss/nyt/World.xml)
What an Upended Mideast Means for Trump and U.S. Gulf Allies
Russia and Ukraine Battle Inside Kursk, With Waves of Tanks, Drones and North Koreans

Source: BBC News - World (https://feeds.bbci.co.uk/news/world/rss.xml)
Gaza ceasefire deal being finalised, Palestinian official tells BBC
Watch: Moment man is saved from burning LA home

Source: Bitcoin Blockchain (https://blockchain.info/q/latesthash)
0000000000000000000042db9e17f012dcd01f3425aa403e29c28c0dc1d16470

Footnotes
=========

[1] https://docs.buskill.in/buskill-app/en/stable/security/pgpkeys.html

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEeY3BEB897EKK3hJNaLi8sMUCOQUFAmeFuPcACgkQaLi8sMUC
OQXctQ//Zv7RZXPKMMyjMjfE2LjrL6RVESIZMT2tUO/y0wx8XTXKBpgOA7fTh2eC
BHkLajpU/S3LOb+wBniuo29tpGJHG5MBWDwyNUAWXqZfJ/A9YNikNYq9lOn6nKSH
oHyLB8h2nP9rfQ2wXUtN6lFJVKWU5Ef5pjMQb8flJO2kbou7QpgcOzxvRqrXOUcN
UumjSlDTtwIOYOX+Ee8SamI4LyApOlwxIGMbFcbRMcJNhtioS4qCGNGw1pqhvqmF
pi1kIaqd79I8y1U9ufncvC+pbCEvRdo+wb7ZsXA9ZYpYfJSQJzSkdCGgkbe0b1Tx
6CNlcgoXIVaEH6/W+C2DFlyG1u4JuH22eXIrloYnjOxlqSJCd0Dw1EeO33tg3xg3
tfeO9pGOcZPOwlBL509VlE9z6W3czyKJk7Z4RwYXCFYWWi8vlHvRQg0LNu0C4Jyw
fRV2LlMSeUgBz9xyE62jh/BUNZzXsD0ntprR1eRTkeW4kOGEc6Wql4lBKE08sajT
YdgTi4ojrcfTdS7Sgzh1Onh5h/nF7hoyCX0lINgyTrJFMynC6qadTZtiJ2yO8GT+
Ovk9ZJMggBMNr4Vbw6CyrU/4yYMyrEd5dzXYZLZ41lMMpjwM8OBJ/yp1pcGo9vk4
NTAjUQUvOj6nrA/r3j2ywFMDZtFR/jBjXULWE77ca3iJmc/FUdg=
=xahN
-----END PGP SIGNATURE-----

To view all past canaries, see:

What is BusKill?

BusKill is a laptop kill-cord. It’s a USB cable with a magnetic breakaway that you attach to your body and connect to your computer.

What is BusKill? (Explainer Video)
Watch the BusKill Explainer Video for more info youtube.com/v/qPwyoD_cQR4

If the connection between you to your computer is severed, then your device will lock, shutdown, or shred its encryption keys – thus keeping your encrypted data safe from thieves that steal your device.

  • monk@lemmy.unboiled.info
    link
    fedilink
    arrow-up
    4
    ·
    14 days ago
    1. What’s the significance of the particular canary, what’s omitted?

    2. Why would one need a special USB device for that if literally any USB device would work with, like, half a dozen lines of configuration?

    • BusKill@lemmy.sdf.orgOP
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      14 days ago
      1. Sorry, I don’t understand your question. It’s a warrant canary. Can you please be more specific?
      2. This one has a magnetic breakaway in the middle. We sell it for convenience – to make this tool more accessible to folks with little time or technical literacy (eg journalists, whistleblowers, etc)

      Yes, you can make your own cable. We have instructions for this in our documentation:

      https://docs.buskill.in/buskill-app/en/stable/hardware_dev/bom.html

      • mox@lemmy.sdf.org
        link
        fedilink
        arrow-up
        1
        ·
        14 days ago

        I’m not GP, but regarding 1:

        Warrant canaries are only noteworthy when they are updated. GP is asking if this one was updated, as in whether some attestation was removed, implying that a warrant affecting that attestation has been served since the last one.

        If no such change has taken place, then it’s still useful to have a copy of the canary publicly archived (e.g. here) for comparison to future versions, but there’s no reason for the people in this community to spend their time reading it.

        • BusKill@lemmy.sdf.orgOP
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          14 days ago

          Sorry, I don’t agree with this.

          Warrant canaries are most noteworthy when they’re not published. The only way to know that it’s not published is to – publish it. Widely. And routinely. We publish our warrant canaries twice per year.

          This canary expires 2025-06-30. If you don’t see a new canary published by that date, then you should be concerned.

          You do a diff of this canary and our last canaries here:

          • mox@lemmy.sdf.org
            link
            fedilink
            arrow-up
            3
            ·
            edit-2
            14 days ago

            I think you’ve misunderstood my comment.

            Warrant canaries are most noteworthy when they’re not published.

            Something cannot be a warrant canary at all unless it is published. Did you mean to say it is most noteworthy when it has been published at least once, and then stopped being published? That would be an example of what I meant by a “change” in my comment.

            Back to the original point: You said you don’t understand monk’s first question, so I tried to explain it to you: It was asking whether some change has taken place; some cause for alarm. A change in the document, or its removal, or a failure to update it.

            The only way to know that it’s not published is to – publish it. Widely. And routinely.

            Indeed. As I said in the last paragraph of my earlier comment.

            Edit: In the future, if you’re going to post canaries to general forums like this one, you might want to include a short explanation for community members who aren’t familiar with warrant canaries, or who wonder why you’re posting one here of all places. You didn’t provide any context. I understand the value of posting it, but to most people, your post can easily be seen as irrelevant noise polluting their news feeds.

            • BusKill@lemmy.sdf.orgOP
              link
              fedilink
              arrow-up
              1
              ·
              edit-2
              14 days ago

              You might want to include a short explanation for community members who aren’t familiar with warrant canaries

              Thank you for the feedback. The second line of this post contains the text:

              For more information about BusKill canaries, see:

              That link explains everything. Are you suggesting that we copy and paste the contents of that link into the post directly? Or maybe just the first 3 sentences?

              It was asking whether some change has taken place; some cause for alarm.

              If you want a very, very quick way to glance at the canary and determine this, see the Status on the first line of the signed message. In this case, it says

              Status: All good

              And I think #3 and #4 below that explain the canary clearly. We took this format from best-practice standards of other warrant canaries to be both human- and machine-readable.

              1. We positively confirm, to the best of our knowledge, that the integrity of our systems are sound: all our infrastructure is in our control, we have not been compromised or suffered a data breach, we have not disclosed any private keys, we have not introduced any backdoors, and we have not been forced to modify our system to allow access or information leakage to a third party in any way.

              2. We plan to publish the next of these canary statements before the Expiry date listed above. Special note should be taken if no new canary is published by that time or if the list of statements changes without plausible explanation.

              Is there any other changes that you recommend we make to the signed message to make it clearer that this is a “good” canary?

              • mox@lemmy.sdf.org
                link
                fedilink
                arrow-up
                5
                ·
                edit-2
                14 days ago

                I am not suggesting specific changes to your canary document. I am (a) explaining someone else’s question that you said you didn’t understand, and (b) pointing out that you might find better response if you clearly and briefly explained at the top of your post why you are posting it here.

                To underscore (b): This community is not typically used as a vault for warrant canaries. An argument could be made that they don’t belong here. I don’t feel strongly about it so long as they don’t become a common source of noise, but if you can’t find a better place for them, I think the least you could do is say in one or two sentences why you’re posting one. Without requiring eighteen thousand subscribers (and uncounted additional readers) to sift through off-site links, or make sense of a single field in a wall of monspaced copypasta that has no obvious meaning to the majority of readers.

                • BusKill@lemmy.sdf.orgOP
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  14 days ago

                  I’ll add this to the top next time, thanks.

                  What is a Warrant Canary?

                  The BusKill team publishes cryptographically signed warrant canaries on a biannual basis.

                  Although security is one of our top priorities, we might not be able to inform you of of a breach if served with a State-issued, secret subpoena (gag order).

                  The purpose of publishing these canary statements is to indicate to our users the integrity of our systems.

                  For more information about BusKill canaries, see: