From a72d345f9fd07b9878be09aea90ed53e2e2648c6923ac7fb9abc934daa31e72d Mon Sep 17 00:00:00 2001 From: Nicholas Johnson Date: Thu, 30 Nov 2023 00:00:00 +0000 Subject: Switch to the Diátaxis documentation approach MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- HOWTO.md | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 HOWTO.md (limited to 'HOWTO.md') diff --git a/HOWTO.md b/HOWTO.md new file mode 100644 index 0000000..c926c2d --- /dev/null +++ b/HOWTO.md @@ -0,0 +1,71 @@ +# Git Privacy + +Follow the instructions in this document to obfuscate Git timestamps. + +## View Commit Timestamps + +To view commit timestamps, run: + +```sh +git log --format=fuller +``` + +## Obfuscate Timestamps for Commits and Annotated Tags + +For maximum privacy, set the author and committer dates to a clearly forged fixed date in UTC inside the interactive shell configuration: + +```sh +export GIT_AUTHOR_DATE="2000/01/01T00:00:00+0000" +export GIT_COMMITTER_DATE="$GIT_AUTHOR_DATE" +``` + +To balance privacy and timestamp accuracy, set the author and committer dates to a course-grained date in UTC inside the interactive shell configuration: + +```sh +export GIT_AUTHOR_DATE="$(date -u +%DT00:00:00%z)" +export GIT_COMMITTER_DATE="$GIT_AUTHOR_DATE" +``` + +Remember that shell environment variables do not change after being set, so dates update only after a new interactive shell is opened. + +## Obfuscate Timestamps for Digital Signatures + +For maximum privacy, create a custom version of GnuPG with a fixed timestamp set **between when the signing key was generated and the current date**: + +```sh +#!/bin/sh +gpg --faked-system-time ! $@ +``` + +See gpg(1) for valid `` formats. + +To balance privacy and timestamp accuracy, create a custom version of GnuPG with a course-grained timestamp in UTC set **after the signing key was generated**: + +```sh +#!/bin/sh +gpg --faked-system-time "$(date -u +%Y%m%dT000000)!" $@ +``` + +Set the script as executable: + +```sh +chmod +x /path/to/custom-gpg.sh +``` + +Tell Git to use the new script: + +```sh +git config --global gpg.program /path/to/custom-gpg.sh +``` + +## Forges + +To prevent forges from tracking Git push times, create a Cron job which pushes the repository at fixed intervals: + +```cron +0 6 * * * git -C /path/to/repo/ push origin master +``` + +## License + +This file is licensed under [CC-BY-SA 4.0](LICENSE). -- cgit v1.2.3