firstlookmedia / autocanary
Makes generating machine-readable, digitally signed warrant canary statements simpler
Home Page: https://code.firstlook.media/projects/autocanary.html
License: Other
Autocanary.pkg Verification Failed: 153
GPGErrorKeyExpired = 153,
I just tried the OSX package from here (https://firstlook.org/code/project/autocanary/). It installs fine. However, when I run it I see this pop-up:
And get the following message in Console.app
Console[3221]: setPresentationOptions called with NSApplicationPresentationFullScreen when there is no visible fullscreen window; this call will be ignored.
The URL on the front page of the repo (https://www.firstlook.media/code/autocanary) no longer goes anywhere. Should this be removed, or pointed to an archive.org snapshot, if the webpage isn't going to be restored?
Just noticed that, installing AutoCanary on a brand new Debian computer, I get this error:
$ autocanary
Traceback (most recent call last):
  File "/usr/bin/autocanary", line 2, in <module>
    import autocanary
  File "/usr/lib/python2.7/dist-packages/autocanary/__init__.py", line 18, in <module>
    from autocanary import *
  File "/usr/lib/python2.7/dist-packages/autocanary/autocanary.py", line 21, in <module>
    from headlines import Headlines
  File "/usr/lib/python2.7/dist-packages/autocanary/headlines.py", line 20, in <module>
    import feedparser
ImportError: No module named feedparser
BUILD.md tells you how to build AutoCanary.app, which is great for releasing, but not developing.
For development, if you want to run the app locally, you can run python autocanary.py (I imagine... I currently have the issue in #6).
Can you add a note about that in BUILD.md (or maybe make a CONTRIBUTING.md)? I'm not sure of the wording, or how it'd work on Windows, which is why I didn't open a PR.
The settings loading uses the pickle.load method:
https://github.com/firstlookmedia/autocanary/blob/master/autocanary/settings.py#L61
which, from the documentation:
https://docs.python.org/3/library/pickle.html
"The pickle module is not secure against erroneous or maliciously constructed data. Never unpickle data received from an untrusted or unauthenticated source."
More information about how it can be exploited:
https://lincolnloop.com/blog/playing-pickle-security/
Thus it will be better to use JSON instead for storing and loading the settings (to avoid the code injection security issue).
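One way to implement the change this issue proposes, as an added example that is not AutoCanary's own code: settings are stored as JSON, and an existing pickle file is read through an unpickler that refuses every global lookup so it can be migrated. The key names and defaults are hypothetical, not the project's real settings schema.

```python
import io
import json
import pickle

# Hypothetical settings keys and defaults; not AutoCanary's real schema.
DEFAULTS = {"frequency": "weekly", "year": "", "fp": "", "headlines": True}


class NoGlobalsUnpickler(pickle.Unpickler):
    """Unpickler that only rebuilds plain containers and scalars."""

    def find_class(self, module, name):
        # Every reference to a class or function in the stream is resolved
        # here, and that lookup is what code execution relies on: refuse all.
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def validate(data):
    """Keep only known keys whose value has the same type as the default."""
    if not isinstance(data, dict):
        raise ValueError("settings must be a mapping")
    clean = dict(DEFAULTS)
    for key, default in DEFAULTS.items():
        if key in data and type(data[key]) is type(default):
            clean[key] = data[key]
    return clean


def load_settings(raw):
    """Load settings from bytes: JSON first, legacy pickle as a fallback."""
    try:
        return validate(json.loads(raw.decode("utf-8")))
    except (UnicodeDecodeError, json.JSONDecodeError):
        pass  # not JSON: treat as a settings file written by an old version
    legacy = NoGlobalsUnpickler(io.BytesIO(raw)).load()
    return validate(legacy)


def dump_settings(settings):
    """Serialize validated settings as JSON bytes."""
    return json.dumps(validate(settings), sort_keys=True).encode("utf-8")
```

After the first successful load, writing the file back with `dump_settings` completes the migration, and the pickle fallback can be removed in a later release.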
On line 41 of install/autocanary.nsi, the installer references an HTTP address: http://timestamp.globalsign.com/scripts/timstamp.dll.
Beyond the security risk an insecure request constitutes, the page itself redirects to https://www.globalsign.com/en/timestamp-service/, which does not seem like a timestamp. (It's a marketing page.) Perhaps the intended URL has changed?
Screenshot of the page that http://timestamp.globalsign.com/scripts/timstamp.dll redirects to (https://www.globalsign.com/en/timestamp-service/).
This is potentially the underlying issue behind #30?
I would submit a fix as a PR, but have no way of properly testing the changes because I am not running a Windows machine.
Thanks!
$ autocanary
Traceback (most recent call last):
  File "/usr/bin/autocanary", line 2, in <module>
    import autocanary
  File "/usr/lib/python3/dist-packages/autocanary/__init__.py", line 22, in <module>
    from .headlines import Headlines
  File "/usr/lib/python3/dist-packages/autocanary/headlines.py", line 19, in <module>
    import feedparser
ModuleNotFoundError: No module named 'feedparser'
Canary Watch is a warrant canary tracking website - https://canarywatch.org/
Consider adding language to suggest signing up for Canary Watch or adding a field in the application to do this.
U+2019 and U+2026 so far prevent signing from completing. There may be more.
UnicodeEncodeError: 'ascii' codec can't encode character u'\u2026' in position 833: ordinal not in range(128)
UnicodeEncodeError: 'ascii' codec can't encode character u'\u2019' in position 575: ordinal not in range(128)
<a href="http://gpg4win.org/">Gpg4win
fix:
change to https://gpg4win.org/
This is the same issue as onionshare/onionshare#75, and I believe I have fixed it by installing python from python.org instead of relying on what comes with OSX.
Consider adding optional functionality to include 'today's headlines' from a news site in canary generation in order to prove current date.
This could be done by incorporating the rss feed of a popular news site.
Would it not be a good idea to auto pull (RSS) a news headline or sports score to prove that this information has been generated now and not some time in the past?
I've installed Gpg4win via Chocolatey and it puts it in the x86 directory, and AutoCanary refuses to start at all because it can't detect it.
FYI, AutoCanary failed to run in OSX 10.8.5, with the following from Console:
5/27/15 2:07:37.182 PM AutoCanary[13142]: Traceback (most recent call last):
5/27/15 2:07:37.182 PM AutoCanary[13142]: File "/Applications/AutoCanary.app/Contents/Resources/boot.py", line 351, in
5/27/15 2:07:37.183 PM AutoCanary[13142]: _run()
5/27/15 2:07:37.183 PM AutoCanary[13142]: File "/Applications/AutoCanary.app/Contents/Resources/boot.py", line 336, in _run
5/27/15 2:07:37.183 PM AutoCanary[13142]: exec(compile(source, path, 'exec'), globals(), globals())
5/27/15 2:07:37.183 PM AutoCanary[13142]: File "/Applications/AutoCanary.app/Contents/Resources/autocanary.py", line 2, in
5/27/15 2:07:37.184 PM AutoCanary[13142]: autocanary.main()
5/27/15 2:07:37.184 PM AutoCanary[13142]: File "autocanary/autocanary.pyc", line 362, in main
5/27/15 2:07:37.186 PM AutoCanary[13142]: File "autocanary/gnupg.pyc", line 68, in seckeys_list
5/27/15 2:07:37.186 PM AutoCanary[13142]: IndexError: list index out of range
5/27/15 2:07:37.204 PM AutoCanary[13142]: AutoCanary Error
Hey, after the Reddit case, maybe you should update the disclaimer?
"This is the big murky legal question. Frankly, nobody really knows how this would go down in court."
Installing on Windows 10 gives me a fatal error box that reads failed to execute script autocanary
The description in this repo contains a broken link (returns "Not Found"):
Makes generating machine-readable, digitally signed warrant canary statements simpler https://firstlook.org/code/autocanary
fix:
change link to:
https://code.firstlook.media/projects/autocanary.html
Blockchains (such as Bitcoin) can be used to provide secure proof of freshness; see how and why it's implemented in QubesOS canaries:
QubesOS/qubes-secpack@23467cb
QubesOS/qubes-issues#2685 "secpack: use Bitcoin block hash in freshness proof for canaries"
To use the same toolchain as GPG Sync.
AutoCanary fails to sign message on OS X 10.10.3 with GPG Keychain 1.2b6.
System log
5/27/15 5:45:32.782 PM AutoCanary[96859]: WARNING: The Gestalt selector gestaltSystemVersion is returning 10.9.3 instead of 10.10.3. Use NSProcessInfo's operatingSystemVersion property to get correct system version number.
Call location:
5/27/15 5:45:32.782 PM AutoCanary[96859]: 0 CarbonCore 0x00007fff920d02b7 ___Gestalt_SystemVersion_block_invoke + 113
5/27/15 5:45:32.782 PM AutoCanary[96859]: 1 libdispatch.dylib 0x00007fff963bac13 _dispatch_client_callout + 8
5/27/15 5:45:32.782 PM AutoCanary[96859]: 2 libdispatch.dylib 0x00007fff963bab26 dispatch_once_f + 117
5/27/15 5:45:32.782 PM AutoCanary[96859]: 3 CarbonCore 0x00007fff92059456 _Gestalt_SystemVersion + 987
5/27/15 5:45:32.782 PM AutoCanary[96859]: 4 CarbonCore 0x00007fff920586e3 Gestalt + 144
5/27/15 5:45:32.782 PM AutoCanary[96859]: 5 QtCore 0x0000000107f52f46 _ZN9QInternal12callFunctionENS_16InternalFunctionEPPv + 2190
5/27/15 5:45:32.782 PM AutoCanary[96859]: 6 ??? 0x00007fff6eb41ceb 0x0 + 140735050685675
5/27/15 5:45:36.961 PM AutoCanary[96859]: QPixmap::scaled: Pixmap is a null pixmap
5/27/15 5:46:39.866 PM AutoCanary[96859]: gpg: problem with the agent: Timeout
5/27/15 5:46:39.866 PM AutoCanary[96859]: gpg: no default secret key: Operation cancelled
5/27/15 5:46:39.866 PM AutoCanary[96859]: gpg: /var/folders/_d/gz7_v74n1jb3jpq158gr88sc0000gn/T/tmppALvLE/message: clearsign failed: Operation cancelled
5/27/15 5:46:39.875 PM AutoCanary[96859]: QPixmap::scaled: Pixmap is a null pixmap
5/27/15 5:46:46.264 PM AutoCanary[96859]: modalSession has been exited prematurely - check for a reentrant call to endModalSession:
5/27/15 5:46:46.265 PM AutoCanary[96859]: 2015-05-27 17:46:46.264 AutoCanary[96859:12844231] modalSession has been exited prematurely - check for a reentrant call to endModalSession:
Diagnostic log
5/27/15 5:38:58.558 PM syspolicyd[13826]: assessment denied for AutoCanary.pkg but overridden
com.apple.message.domain: com.apple.security.assessment.outcome2
com.apple.message.signature2: bundle:UNBUNDLED
com.apple.message.signature3: AutoCanary.pkg
com.apple.message.signature5: UNKNOWN
com.apple.message.signature4: 2
com.apple.message.signature: defeated:Developer ID
SenderMachUUID: 730F2AA1-75F5-362E-A3C5-9424449D7498
Command: AutoCanary
Path: /Applications/AutoCanary.app/Contents/MacOS/AutoCanary
11 start + 52 (AutoCanary + 3044) [0x100000be4]
11 main + 650 (AutoCanary + 4474) [0x10000117a]
11 ??? (AutoCanary + 10075) [0x10000275b]
Process: AutoCanary [93719]
Path: /Applications/AutoCanary.app/Contents/MacOS/AutoCanary
11 start + 52 (AutoCanary + 3044) [0x100000be4] 1-11
11 main + 650 (AutoCanary + 4474) [0x10000117a] 1-11
11 ??? (AutoCanary + 10075) [0x10000275b] 1-11
0x100000000 - 0x100009fff org.pythonmac.unspecified.AutoCanary 0.1 (0.1) <FFD751CA-37B6-3FAC-9CF0-413E01DAA81D> /Applications/AutoCanary.app/Contents/MacOS/AutoCanary
Parent: AutoCanary [93719]
Responsible: AutoCanary [93719]