Avatar

Gianluca Gabrielli

If you want to establish a secure connection with me, please use the following information.

To ensure a private session with me you need to bear in mind two things: all the communication channels should be end-to-end encrypted, and at the other end of the communication channel there should be me. The end-to-end encryption ensures that no one is able to read what is transmitted over the comunication channel, but doesn't ensures the identity of the other party, so it is important that you establish a secure channel with me and not with any other imposter. This means you also need an authentication method to ensure my identity. Using the fingerprints below you can verify if the public keys you downloaded are actually mine.
What if you downloaded my alleged public key from an unsafe place and now someone is providing you a fake fingerprint to trick you in to thinking you got the right pubkey?! <<"The fingerprint matches the one of the downloaded pubkey, therefore IT MUST BE SAFE!">>, the end-to-end channel would be private, but with the wrong recipient. That scenario would allow an attacker to pose as an impostor (impersonating me) or a MITM entity (while communcating with both of us). That's why this website is browsable only using HTTPS: there is a certification authority which is ensuring that the content of this page cannot be changed or tampered during transmission. Unfortunatelly the web is still not completly decentralized, and you still need to trust a third party. In this case you are trusting Comodo CA.
As long as you trust that this website belongs to me, feel safe to use the following information to establish a secure connection with me.

Dance Like No One's Watching, Encrypt Like Everyone Is.


Payment
Ethereum Ethereum
0xe762890Bf178332ebB255F2342b40772ef342e67

Bitcoin Bitcoin
1ES3sq548m7auawoRU5voVuy8T2y6LaUwQ

Zcash Zcash
t1ads8hZQ1r4BkLVrYw8Ey5ZjWQzLTRLmZU

SSH
Wanna make your server faster or just provide me access? Append this key to ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8SvJ8pwo2ZvWgBSlcXigEeK/tCaW5X1vepJdgVcOofJy6OT4Gf6xgVsC6YRU1mIQWr8CiADwvNBiKha8+X6DsPQWMRgz/jnm5nkElh2EnRqGLWpN9fnIHfWFvV4toYR/Ssp1jqjznDJ846BIUbjRO/NzQcFjro5E7w2vPFkPr7YdKvQ7wFzCi32D+aeVSv/pRRWNQCWRPMs46JBwxKXg3v47IPmHlAm+LtyR/BzfjLgWI7CXWJlNd6WUGFB5Qodw97oLDRBg4uGtyMioPHZFW0pi97IK/QRECDJzX1vORVz5R4433ifwZdHFIGyYWrrquqZWu63y1a8If/tUTDijnT5DgDI1CqWVfWZyneyv/f+3WAq8NI3jEjj2v8meNuVSJYo8xQ64Tqrh/n/yS1CJWFT50O3rkEirLkY6bPpn1jsTGhBaSGgGjMg73EO8SR2opIASq4uMtfG/hNpBp2gIQaw3lq9Hwo9EScIdHD+EMCad1ZdgX5527mMYJVJ0JVTcheNDt+wLCVxvA/qigEG1Ji8+ZDLs8JJrhPgIczYslDyJ0N+4eiUkh78r58zgg1Y0y9fHbXi+iriDuwluk0Db+QwDdZgK/OSoLDSShpiIxh6j2l3dgz5artASC6P78IZ8Ega8bdX9cSUtQfAT0wx016KXdCWj/6n9N45rRwOP9vQ==

OTR
Android

Conversation

D17512BC CEEDEC44 26A45903 85252C5D B8289DA7

Athena

Gajim

035933ED B0275755 CB8FFDA3 AC8D710C 10A0CD8E

OMEMO
Android

Conversation

1E93ABEF EFAAB3A4 74A9EF54 AF9B26E3 B8C15071 17484D8E B7515884 10DF6772

Athena

Gajim

3689698B DA72C1E1 AC5A083A 1F67E316 B8E6653C 39E64178 7E5945D9 F68F6567

ZRTP
You can call me on [email protected]ostel.co.

We can verify the end-to-end encryption comparing the exchanged symmetric key with the words that appear on each VoIP clients. To verify that I'm the one on the other side of the channel, you can just recognize my voice.

The ZRTP compliant VoIP clients I use are: on Android CSipSimple, and on GNU/Linux Linphone.

Ring.cx
crazybyte