GPG key transition: 7BD22F74 → D28DA8DC

June 1, 2013 anthony Leave a comment

I should have transitioned my old GPG key to a stronger one for long time, it’s finally done today, with the help of here and here. You can find my signed letter at http://ubuntuone.com/6O2OCf1rg9ulw1eWi13zc2. I am also copying the letter below for your convenience.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256,SHA1

Due to rapid advancement of computing, my old 1024-bit DSA GPG key,
which was created 14 years ago in 1999, has long been deemed insecure.
Therefore, I am transitioning to a much stronger 8192-bit RSA key, by
using a slightly modified gnupg in [1], as the default gnupg does
not allow creation of keys greater than 4096-bit. Hopefully this new
key can survive much longer.

The old key will continue to be valid for some time, but I prefer all
future correspondence to come to the new one. I would also like this
new key to be re-integrated into the web of trust.  This message is
signed by both keys to certify the transition.

If you have signed my old key, I would appreciate signatures on my new
key as well, provided that your signing policy permits that without
reauthenticating me.

The old key, which I am transitioning away from, is:

pub   1024D/7BD22F74 1999-09-12
      Key fingerprint = CD09 4F7B BBEE 93CD 7966  6299 34B3 A9A0 7BD2 2F74
uid          Anthony Y. P. Wong (Personal) <ypwong@ypwong.org>

And the new key is:

pub   8192R/D28DA8DC 2013-06-01
      Key fingerprint = 8DF0 9030 F103 F760 C18C  BA06 605A A53D D28D A8DC
uid          Anthony Y. P. Wong (黃彥邦) <ypwong@ypwong.org>

To fetch the new key from a public key server using GnuPG, run:

  gpg --keyserver pgp.mit.edu --recv-key D28DA8DC

If you have already validated my old key, you can then validate that the
new key is signed by my old key:

  gpg --check-sigs D28DA8DC

If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate if you would sign my new key.

A simple and safe way to do that is by using caff (shipped in
Debian/Ubuntu as part of the "signing-party" package) as follows:

  caff D28DA8DC

Alternatively, you can sign the key by using gpg and send it to me (if
you have a functional MTA configured on your system) or upload the
signatures to a public keyserver directly:

  gpg --sign-key D28DA8DC
  gpg --armor --export D28DA8DC | mail -s 'OpenPGP Signatures' \
    ypwong@ypwong.org
  gpg --keyserver pgp.mit.edu --send-key D28DA8DC

Please let me know if there is any trouble, and sorry for the
inconvenience.

[1] https://launchpad.net/~anthonywong/+archive/ppa

Thanks,
Anthony Wong

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQQcBAEBCAAGBQJRqdnMAAoJEGBapT3SjajciuYf/isb8jX/+SXxnxr6veAS4VTL
rKG2Up6cGjAPsfNX4AmKUojiiGzWyqXOa3qTfRReXf2Xl+NroI6jMdN2zBEe4D7J
UZYDzvEVWDhhATbWIqL2mcxZYbInX4sd18UW5cw58Tx+uBATAIHSJdHiLMjLDbvc
uKpbIqwZDC1zgJIV1+vosgtR3KQFO0bJyeqEBMpjvzJ2Zy60ZFgBycNOZL2aIdav
HnbCBSttqdfUE+TuXMgHSSTgx0WUromRa9d4X/OaT+1veX2CRD/K9X+Qt4ac6dop
Tze43U4ns2Ijz8Mwb603rlkh5e+FFfI7VxehCpIPv2oYlpNHYt5BoJbNj5Hl8LYn
6DMmbJSugz5Ov94Q5/QLFPRprnwXRVmHuvm1sbxznQGrCDgJhxVLJuTTTSNjuUiL
5VVwqKJ8RrG8gFcqmcZhG1+U2tQvBfJU/NR7BF6LMqB9FrJNyBTvg0w460XnUiOc
2ZKubdDn7qj7iEhUru4Mmu1yz9tANjYP7ObCxsvWvMOt8basOn1EobgUywIVsQsz
QdCR5SYNvWT7fgKjbpMM6RwTOa7mqOvk+IF9SCgZcSy4KVkLr6PrB0VSNueMy7bz
iJqF+j06ur79/0IHK33iFj02OqXIXG99g6hGm86NgSIlBM0EZwX52O7XmfSfTcg0
DlKuAy/ZBZOltxujkTaUSECWmfRzT2FtGgDsNj9PGZ+RbSTIT0J3/P46Umg55IBq
ptNFg5e0VNSewVT5sQVGxZDesPmrcVH6KjmFI0HYihZp2SUjshoT9TmyeKIdZcGa
PtLKSlhuwVAgEEsMPKQb4x/8xwZa2D5ZuiSOWP0NWptzdE2g2qAMGVttgu19B1+X
Iv9FUts5BYI5xiocbBq0t/MSioEwQG4Q4fBjMltMKu062lXnHNj8bP2W0Z1lBOTy
/GxHRrRnvfdmsWjn5DTfY3Cg5LlOHWMxd0JnCYMrEMrdQb78+1sc/qpbhfW3cKeR
vL8nGw7GZthOLOTVHUMtMthVSvWcymWfuJ4pfwP+Im6PqHmV+aC8GfwsSBDoLjPn
6AkdoinofPTh7RziNK/bJ36qS5QVL4bITeIw5qBYG9cXGSyuX15clK8CiuMG6RqG
1ztp3rQbLp1a0/1fW4xuhZUfUo4kXPYwR5Tm8Emx9dnS1IDk6avbUYMw+30JUqPO
KLCSGQnsjXyBPD6Z+qxENUgk1046JNxUFZLoc9mbbU9CXWKlGDDAoF+moLcWmR4D
BX9JbQAkmTQkuvPuH9x7aYoFSJKcmJ7Zz6PTdD8PHAT0vm92Kg3viIu/2BhoyvyD
oKLf/yQ1d8y1/iZYuyOrnM7eT56BtcvSHlSXQSmyACiB4bR3YYz6SNS2KDjmWWCI
RgQBEQIABgUCUanZzAAKCRA0s6mge9IvdMFJAKDlnUHGERTnlUGTZTB5SH4IREKb
qwCeJy3k6qi6uxBlZqds/4AG6vDmtfE=
=UVhj
-----END PGP SIGNATURE-----

Open Source

Running QQ on Ubuntu Phone

May 19, 2013 anthony Leave a comment

Courtesy to an open source project called uqq on Github, it is now possible to not only run QQ on Linux, but also on Ubuntu Phone! As Ubuntu phone is still under heavy development, and the current SDK is limited for QML-only apps, it is not an easy task to deploy uqq onto the phone, as it uses C++ for its backend. If you are adventurous, you can follow my steps below.

Continue reading Running QQ on Ubuntu Phone →

Mac OS X, Open Source, Technology

Google Chrome is the winner, Javascript speed-wise

July 19, 2009 anthony 2 Comments

Did some benchmark testing on the Javascript engines of several Mac OS X web browsers by using SunSpider and Google’s V8 benchmark suite. Although Google Chrome is still a development release on OS X, it’s already the winner in this test. Safari 4 comes second, it shows similar results in the SunSpider test but loses more in the V8 test. Sadly Firefox 3.5 loses to both of them by quite a significant margin, despite the fact that Firefox 3.5 introduces the new TraceMonkey JavaScript engine. Opera 10.00 beta 2 is just not a viable competitor to all of the others, I hope this is just because of the beta thing.

Here are some charts that show the results:

sunspider javascript benchmark of firefox, safari, opera and chrome

OS X web browser Javascript speed comparison among firefox, safari, opera and google chrome

V8 benchmark total score of Firefox, Safari, Opera and Google Chrome

Hong Kong, Mac OS X, Technology

商業電台網站大混亂

July 1, 2008 anthony 33 Comments

真係未見過有公司咁樣 launch website 嘅，原本個 website run 得好地地，為咗推新 service，將成個 site 換咗佢，結果係搞到好多俾咗錢聽 archive 嘅人聽唔到，特別係一眾 Mac user 同非 Windows user。嗰個新推出嘅 Toolbar 又唔 support OS X，又唔 support Firefox 3。原本嗰 site 都仲有得俾 user 揀用 RealPlayer 定係 Windows Media Player (Microsoft ASF format) 來收聽 realtime 廣播同 archive，但係個新 website 淨係 serve ASF 同埋用佢個 P2P toolbar。香港公司搞 website，已經無眼睇好耐。宜家咩年代啊，做 website 竟然仲唔注意係唔係 cross-platform。雖然 Real Audio 同 ASF 都係 proprietary，但係點計 RealPlayer 嘅 cross-platform support 都好過 ASF 好多，Mac 有 client，Linux 又有，連 Unix 都有。宜家商台竟然仲廢埋 Real Audio，有無搞錯。其實商台真係好天真好傻，將個 site outsource 俾大陸公司做，大陸公司做 website 出名 IE-only，商台自己嘅 project management 又好有問題，無做好 testing 唔駛講，個 site 宜家俾人媽到飛起，俾咗錢嘅用唔到應有服務，咁都仲唔 rollback 番個舊 site 出來，又或者同時間放番個舊 site 出來一齊行，咁係咪即係話根本無諗過任何 fallback plan，無 contingency plan 嘅呢？前幾日入去商台個 website，赫然發現個 domain name 變咗 beta.881903.com，心諗，唔係唔記得改番 DNS 吓嘛，邊有人用咁嘅 domain name 架，後來先發現原來商台係認真嘅，仲喺埋個 logo 寫住 beta，懶係 web 2.0 咁，真係膠到無朋友。人哋啲 website 寫住 beta，好似 gmail 咁，alpha, beta, gamma 都無問題，因為第一，佢就算係 beta 都仍然好 stable，第二，佢無收我錢。但係商台呢個 case 唔係咁，我真係唔信竟然有人 launch beta service 俾 paid service 嘅 user 咁樣搵香蕉皮自己踩。

好，鬧完，既然俾咗錢，唯有自救，用 XCode + Applescript + shell script 寫咗個 application 俾 Mac OS 10.5 嘅 user 用（唔知 10.4 得唔得，得嘅話通知聲），可以聽得番 archive，呢度 download。Download 完記得睇 README 點樣用！為咗獲得最佳效果，請同時下載 Real Player & Flip4Mac，得閒可以順手裝埋 Perian。

更新 2/7/2008 6:25pm: 如果你安裝咗 Flip4Mac，你要先響 System Preferences 度打開 Flip4Mac，make sure “Use Filp4Mac WMV Browser Plug-in” 選項無被揀中。

Technology

帝國反擊戰

March 27, 2008 anthony 2 Comments

看來中國的袁萌教授自從應邀拜訪微軟帝國之後倒戈一事，與 ODF 編輯 Patrick Durusau 發表支持 OOXML 公開信這兩件事，都是有關連的，不是獨立事件。這些異動在背後操作的無疑是微軟帝國。帝國黔驢技窮，提出的標準技術不行，轉而用“人事”手段收買一些沒有靈魂的人提他們出口術。

where Open Source technology and Middle Kingdom meet