I am sorry what is reason so many people want to get and use a riseup.net 
account outside political or some other social reason

They had their canary down for over a year because of gag order from the feds.

They have totally rewritten there canary statement since which was prior very 
clear and concise.  Now it looks to be heavily lawyered careful play on 
words...thus its vague using words that can having wide varying meaning.  what 
is omitted is any speech with the words warrant, gag order, NSL.  If they get 
any of those it will NOT of itself require them activating the canary protocol.

Here is their old Canary statement followed by the new one:

riseup has not received any National Security Letters or FISA court orders, and 
we have not been subject to any gag order by a FISA court, or any other similar 
court of any government. Riseup has never placed any backdoors in our hardware 
or software and has not received any requests to do so. Riseup has never 
disclosed any user communications to any third party.

Riseup positively confirms that the integrity of our system is sound. all our 
infrastructure is in our control, we have not been compromised or suffered a 
data breach, we have not disclosed any private encryption keys, and we have not 
been forced to modify our system to allow access or information leakage to a 
third party.

Unfortunately we cannot use common sense to read these but they must be read 
thru the eye of a laywer  I think you really see the effects of the rewritten 

>From what I can tell the system is closed source.  They no longer offer any 
>form of encryption.  I must all be done on your email client.  There is no two 
>factor authentication.  The user name and password to get your into your 
>mailbox from what I can see maybe moot as there is no info on any use of 
>encryption outside users manually or thru a client using gpg.  If that is 
>correct then any mail not gpg encrypted is sitting in the mailbox in 
>cleartext.  Unless there is something like AES 256 protecting the mailbox via 
>your password but then that means thru the recovery passcode system they very 
>well can get back into your mailbox even with lost credentials and no reset 
>alternate email address.

For a person that plans to gpg encrypt all their emails what does this offer 
anyone over the other free email accounts.  Sure your contacts are not mined to 
hell and back but in terms of email content I see no difference and actually 
lower login security.

I was looking at the thread and it looks like around 40 people requested 
referral codes on this thread while the canary was expired.  One person even 
mentioned it and it went uncommented on.

Compare this to say protonmail its not even remotely close.  As both can be had 
for free and without all the need for referrals as its targeted toward 
liberal/social/anticapital political change groups not sure the point?  Elitism?

I honestly was surprised so many people on this list asking for it and where 
unphase by the fact the canary was expired and it was known they were under a 
gag order.  We make a big deal about a close source binary blob for a driver or 
firmware to a nic or gpu yet a closed source email provider system with a 
triggered canary and no one misses a beat?  I know the thread was off topic and 
has been running for years and why I never even read it till now for no other 
reason than I was wasting time but wow I am surprised.

You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Reply via email to