On Fri, Oct 18, 2013 at 8:54 PM, Yosem Companys <compa...@stanford.edu> wrote: > On Fri, Oct 18, 2013 at 10:53 AM, Sahar Massachi <say...@gmail.com> wrote: >> As Elijah wrote, the point of riseup is to serve a specific constituency. >> The point is not to help the general public encrypt their email. > > Exactly, and they do that quite well. Those who use RiseUp's mailing > lists rave about the service.
First, users raving about a service typically has very little to do with quality of the service as a security product. I believe that's why you posted the original question, after all. Second, the unusual stress of ideology in such a service is very relevant to product's security in this case. When I read RiseUp's social contract page [1] some time ago, I found the mild creepiness and passive-aggressiveness quite amusing, but immediately thought the following: these guys seem pretty radicalized in whatever hippie ideology they seem to be adepts of. This probably indicates that in their closed group, they value ideological loyalty at least as highly as technical expertise. It means that one of them could be incompetent and still have administrative access to security-critical systems, or that one of them could be recruited at some point under a suitable ideological pretense — compromising the service in either case. [1] https://www.riseup.net/en/social-contract -- Maxim Kammerer Liberté Linux: http://dee.su/liberte -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
