On Wednesday, March 7, 2018 at 8:11:25 PM UTC+1, Tim W wrote: > I am sorry what is reason so many people want to get and use a riseup.net > account outside political or some other social reason > > They had their canary down for over a year because of gag order from the feds. > > They have totally rewritten there canary statement since which was prior very > clear and concise. Now it looks to be heavily lawyered careful play on > words...thus its vague using words that can having wide varying meaning. > what is omitted is any speech with the words warrant, gag order, NSL. If > they get any of those it will NOT of itself require them activating the > canary protocol. > > Here is their old Canary statement followed by the new one: > > OLD: > riseup has not received any National Security Letters or FISA court orders, > and we have not been subject to any gag order by a FISA court, or any other > similar court of any government. Riseup has never placed any backdoors in our > hardware or software and has not received any requests to do so. Riseup has > never disclosed any user communications to any third party. > > > NEW: > Riseup positively confirms that the integrity of our system is sound. all our > infrastructure is in our control, we have not been compromised or suffered a > data breach, we have not disclosed any private encryption keys, and we have > not been forced to modify our system to allow access or information leakage > to a third party. > > > Unfortunately we cannot use common sense to read these but they must be read > thru the eye of a laywer I think you really see the effects of the rewritten > statement. > > From what I can tell the system is closed source. They no longer offer any > form of encryption. I must all be done on your email client. There is no > two factor authentication. The user name and password to get your into your > mailbox from what I can see maybe moot as there is no info on any use of > encryption outside users manually or thru a client using gpg. If that is > correct then any mail not gpg encrypted is sitting in the mailbox in > cleartext. Unless there is something like AES 256 protecting the mailbox via > your password but then that means thru the recovery passcode system they very > well can get back into your mailbox even with lost credentials and no reset > alternate email address. > > For a person that plans to gpg encrypt all their emails what does this offer > anyone over the other free email accounts. Sure your contacts are not mined > to hell and back but in terms of email content I see no difference and > actually lower login security. > > I was looking at the thread and it looks like around 40 people requested > referral codes on this thread while the canary was expired. One person even > mentioned it and it went uncommented on. > > Compare this to say protonmail its not even remotely close. As both can be > had for free and without all the need for referrals as its targeted toward > liberal/social/anticapital political change groups not sure the point? > Elitism? > > I honestly was surprised so many people on this list asking for it and where > unphase by the fact the canary was expired and it was known they were under a > gag order. We make a big deal about a close source binary blob for a driver > or firmware to a nic or gpu yet a closed source email provider system with a > triggered canary and no one misses a beat? I know the thread was off topic > and has been running for years and why I never even read it till now for no > other reason than I was wasting time but wow I am surprised.
excuse my tired quick math on the decades, 7 to 8 should be 5 to 6. I was thinking back to the 40s lmao -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b5caf3bc-1d67-4f16-9388-9eb160c10a06%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.