Interesting and concerning find. I think it would be useful to have a 3rd-party service that reliably alerts when canary conditions aren't fulfilled, along with a diff history.
> The coalition of organizations which created Canary Watch explained their decision to discontinue the project by stating that it has achieved its goals to raise awareness about "illegal and unconstitutional national security process, including National Security Letters and other secret court processes." The Electronic Frontier Foundation also noted that "the fact that canaries are non-standard makes it difficult to automatically monitor them for changes or takedowns."
The canary has been updated, but for some reason they rolled from SHA512 back to SHA1. Does not inspire confidence in their crypto-nerdery. Also, their logo is a bee. Bees make honey. Just saying.
Operators of these services tend to fall into 3 camps: the cipherpunks, the crypto AG's, and the one coin's.
I keep a strong prior on option 3, which means I need to be convinced a service is actually less hostile than whatever FAANG has on offer.