aboutsummaryrefslogtreecommitdiff
path: root/HOWTO.md
diff options
context:
space:
mode:
Diffstat (limited to 'HOWTO.md')
-rw-r--r--HOWTO.md71
1 files changed, 71 insertions, 0 deletions
diff --git a/HOWTO.md b/HOWTO.md
new file mode 100644
index 0000000..c926c2d
--- /dev/null
+++ b/HOWTO.md
@@ -0,0 +1,71 @@
+# Git Privacy
+
+Follow the instructions in this document to obfuscate Git timestamps.
+
+## View Commit Timestamps
+
+To view commit timestamps, run:
+
+```sh
+git log --format=fuller
+```
+
+## Obfuscate Timestamps for Commits and Annotated Tags
+
+For maximum privacy, set the author and committer dates to a clearly forged fixed date in UTC inside the interactive shell configuration:
+
+```sh
+export GIT_AUTHOR_DATE="2000/01/01T00:00:00+0000"
+export GIT_COMMITTER_DATE="$GIT_AUTHOR_DATE"
+```
+
+To balance privacy and timestamp accuracy, set the author and committer dates to a course-grained date in UTC inside the interactive shell configuration:
+
+```sh
+export GIT_AUTHOR_DATE="$(date -u +%DT00:00:00%z)"
+export GIT_COMMITTER_DATE="$GIT_AUTHOR_DATE"
+```
+
+Remember that shell environment variables do not change after being set, so dates update only after a new interactive shell is opened.
+
+## Obfuscate Timestamps for Digital Signatures
+
+For maximum privacy, create a custom version of GnuPG with a fixed timestamp set **between when the signing key was generated and the current date**:
+
+```sh
+#!/bin/sh
+gpg --faked-system-time <iso>! $@
+```
+
+See gpg(1) for valid `<iso>` formats.
+
+To balance privacy and timestamp accuracy, create a custom version of GnuPG with a course-grained timestamp in UTC set **after the signing key was generated**:
+
+```sh
+#!/bin/sh
+gpg --faked-system-time "$(date -u +%Y%m%dT000000)!" $@
+```
+
+Set the script as executable:
+
+```sh
+chmod +x /path/to/custom-gpg.sh
+```
+
+Tell Git to use the new script:
+
+```sh
+git config --global gpg.program /path/to/custom-gpg.sh
+```
+
+## Forges
+
+To prevent forges from tracking Git push times, create a Cron job which pushes the repository at fixed intervals:
+
+```cron
+0 6 * * * git -C /path/to/repo/ push origin master
+```
+
+## License
+
+This file is licensed under [CC-BY-SA 4.0](LICENSE).