Security

I take the security and privacy of my visitors very seriously. This website is secured via SSL with certificates issued by Let's Encrypt, with an A+ rating from the Qualys SSL Labs report. My web server is configured to use HTTP Strict Transport Security (HSTS) with a long-duration header, as well as OCSP stapling.

This website does not handle any personally identifiable information. It does not load any external resources from Content Delivery Networks (CDNs). Instead, all assets are hosted at the static s.hong.io subdomain, with subresource integrity (SRI) enabled. This way, information about my visitors will not be leaked to third parties. Likewise, there are no tracking cookies or analytics scripts of any kind. For further details, see my privacy page.

PGP Public Key

This is my current PGP public key. It is available as a direct download from my website at the following link (PGP Key). Likewise, it is available for download via the OpenPGP.org keyserver, at the following link (PGP Key). I also maintain a regularly updated PGP canary (Link) which demonstrates that I still maintain possession of my PGP key.

  • Update 2022-05-06: I have added additional User IDs to my existing PGP key. The key and signature are still the same, but this changes the public key slightly. You can verify that the PGP key has not changed by checking signatures against both the old public key and the new public key; they will both verify correctly, since they correspond to the same underlying private key.

PGP Key Fingerprint

0799 5BED 3B7E A796 DDC0  5F3B 62CA C451 B0B4 5597
Shen's PGP Key Fingerprint


Tor Onion Service

This website is also available as a Tor Onion Service (Hidden Service) over the Tor Network. Users with advanced privacy and security requirements may opt to access my website through its Onion Service link using the Tor Browser. The Onion Service link is:

https://shen.hongio267dx4o2ofkn4ddsztu4ok2vq4euc7sxumbi7kcfd64ije62ad.onion/
Shen's Essays Onion Link

You may verify the provenance of the Onion Service link by visiting the mirrors.txt file located at this domain (Link Here). The linked file is signed with my PGP key, which you may verify. My Onion Service implements the Onion Mirror Guidelines specification.
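A local sanity check that complements, and does not replace, the signed mirrors.txt verification described above. This is an added example, not code from this website; it goes beyond the page by using the v3 onion address layout from the Tor rendezvous specification (base32 of public key, 2-byte checksum, version byte), and the function names and the constructed test key are assumptions.

```python
import base64
import hashlib

# Onion Service host name as published on this page (note the "shen." subdomain).
PAGE_HOST = "shen.hongio267dx4o2ofkn4ddsztu4ok2vq4euc7sxumbi7kcfd64ije62ad.onion"

def onion_checksum(pubkey: bytes, version: bytes) -> bytes:
    # CHECKSUM = SHA3-256(".onion checksum" | PUBKEY | VERSION)[:2]
    return hashlib.sha3_256(b".onion checksum" + pubkey + version).digest()[:2]

def encode_onion_v3(pubkey: bytes) -> str:
    """Build the address for a 32-byte Ed25519 service key."""
    version = b"\x03"
    blob = pubkey + onion_checksum(pubkey, version) + version
    return base64.b32encode(blob).decode().lower() + ".onion"

def parse_onion_v3(host: str) -> bytes:
    """Return the 32-byte service public key, or raise ValueError."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) < 2 or labels[-1] != "onion":
        raise ValueError("not a .onion host")
    label = labels[-2]  # subdomains sit to the left of the address label
    if len(label) != 56:
        raise ValueError("v3 addresses are 56 base32 characters")
    blob = base64.b32decode(label.upper())  # binascii.Error is a ValueError
    pubkey, checksum, version = blob[:32], blob[32:34], blob[34:]
    if version != b"\x03":
        raise ValueError("unsupported onion address version")
    if checksum != onion_checksum(pubkey, version):
        raise ValueError("checksum mismatch: mistyped or altered address")
    return pubkey

def is_well_formed(host: str) -> bool:
    try:
        parse_onion_v3(host)
        return True
    except ValueError:
        return False

# Constructed key for demonstration only; it is not a real service key, and
# the checksum test does not check that the bytes are a valid curve point.
SAMPLE_KEY = bytes(range(32))
SAMPLE_HOST = "www." + encode_onion_v3(SAMPLE_KEY)
```

A passing checksum only shows the address was copied intact; whether it is the author's address still depends on the PGP-signed mirrors.txt file.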

The Onion Service is available over HTTPS. The TLS certificate is signed by HARICA, the Hellenic Academic and Research Institutions Certification Authority. The certificate is installed by default within the Tor Browser Trust Store. The certificate fingerprints are:

SHA-256

6A:94:F1:D5:AB:3A:CB:FF:37:18:6B:6C:6A:0E:82:28:4C:5A:FF:1D:CF:8D:3D:53:7C:74:B0:E6:81:4A:AE:29
SHA-256 Certificate Fingerprint

SHA-1

94:3C:5D:04:F3:57:3F:4B:80:08:FA:BB:1B:FA:EF:C2:3E:4C:72:C9
SHA-1 Certificate Fingerprint
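One way to compare a certificate you have exported (as PEM) against the fingerprints published above. This is an added example, not code from this website; the function names are assumptions, and the sample PEM is constructed from arbitrary bytes rather than being the site's certificate.

```python
import hashlib
import hmac
import ssl

# Fingerprints exactly as published on this page.
PUBLISHED = {
    "sha256": "6A:94:F1:D5:AB:3A:CB:FF:37:18:6B:6C:6A:0E:82:28:"
              "4C:5A:FF:1D:CF:8D:3D:53:7C:74:B0:E6:81:4A:AE:29",
    "sha1": "94:3C:5D:04:F3:57:3F:4B:80:08:FA:BB:1B:FA:EF:C2:3E:4C:72:C9",
}

def parse_fingerprint(text: str, algorithm: str) -> bytes:
    """Turn 'AA:BB:...' (or spaced / lowercase hex) into raw digest bytes."""
    raw = bytes.fromhex(text.replace(":", "").replace(" ", ""))
    size = hashlib.new(algorithm).digest_size
    if len(raw) != size:
        raise ValueError(f"{algorithm} fingerprint must be {size} bytes")
    return raw

def fingerprint(pem: str, algorithm: str = "sha256") -> bytes:
    # The fingerprint is a hash over the DER encoding, not over the PEM text.
    return hashlib.new(algorithm, ssl.PEM_cert_to_DER_cert(pem)).digest()

def format_fingerprint(digest: bytes) -> str:
    return ":".join(f"{b:02X}" for b in digest)

def matches(pem: str, published: str, algorithm: str = "sha256") -> bool:
    expected = parse_fingerprint(published, algorithm)
    return hmac.compare_digest(fingerprint(pem, algorithm), expected)

# Constructed stand-in: arbitrary bytes wrapped as PEM, NOT a real certificate.
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(b"constructed stand-in for DER bytes")

def demo() -> dict:
    own = format_fingerprint(fingerprint(SAMPLE_PEM))
    return {
        "sample_matches_itself": matches(SAMPLE_PEM, own),
        "sample_matches_published": matches(SAMPLE_PEM, PUBLISHED["sha256"]),
        "sizes": {a: len(parse_fingerprint(v, a)) for a, v in PUBLISHED.items()},
    }
```

Prefer the SHA-256 value for the comparison; SHA-1 is no longer collision resistant, so a SHA-1 match alone is weaker evidence.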

Responsible Disclosure

If you believe you have found a security issue on my website, or any of my associated infrastructure, I encourage you to contact me and disclose it responsibly. I am happy to work with security researchers and hobbyists to rectify any bugs and issues that are found, and coordinate a disclosure. Discoverers of any security issues will be acknowledged in the Security Hall of Fame section below. I do not run a bug bounty program at this time.

Security Hall of Fame

I give my thanks and gratitude to the following individuals, who have contacted me with security issues or concerns, and worked with me to rectify them.

2022 – 2023:

  • No submissions (so far).

2021 – 2022:

  • No submissions.