On Wednesday, March 7, 2018 at 8:11:25 PM UTC+1, Tim W wrote:
> I am sorry what is reason so many people want to get and use a riseup.net 
> account outside political or some other social reason
> They had their canary down for over a year because of gag order from the feds.
> They have totally rewritten there canary statement since which was prior very 
> clear and concise.  Now it looks to be heavily lawyered careful play on 
> words...thus its vague using words that can having wide varying meaning.  
> what is omitted is any speech with the words warrant, gag order, NSL.  If 
> they get any of those it will NOT of itself require them activating the 
> canary protocol.
> Here is their old Canary statement followed by the new one:
> OLD:
> riseup has not received any National Security Letters or FISA court orders, 
> and we have not been subject to any gag order by a FISA court, or any other 
> similar court of any government. Riseup has never placed any backdoors in our 
> hardware or software and has not received any requests to do so. Riseup has 
> never disclosed any user communications to any third party.
> NEW:
> Riseup positively confirms that the integrity of our system is sound. all our 
> infrastructure is in our control, we have not been compromised or suffered a 
> data breach, we have not disclosed any private encryption keys, and we have 
> not been forced to modify our system to allow access or information leakage 
> to a third party.
> Unfortunately we cannot use common sense to read these but they must be read 
> thru the eye of a laywer  I think you really see the effects of the rewritten 
> statement. 
> From what I can tell the system is closed source.  They no longer offer any 
> form of encryption.  I must all be done on your email client.  There is no 
> two factor authentication.  The user name and password to get your into your 
> mailbox from what I can see maybe moot as there is no info on any use of 
> encryption outside users manually or thru a client using gpg.  If that is 
> correct then any mail not gpg encrypted is sitting in the mailbox in 
> cleartext.  Unless there is something like AES 256 protecting the mailbox via 
> your password but then that means thru the recovery passcode system they very 
> well can get back into your mailbox even with lost credentials and no reset 
> alternate email address.
> For a person that plans to gpg encrypt all their emails what does this offer 
> anyone over the other free email accounts.  Sure your contacts are not mined 
> to hell and back but in terms of email content I see no difference and 
> actually lower login security.
> I was looking at the thread and it looks like around 40 people requested 
> referral codes on this thread while the canary was expired.  One person even 
> mentioned it and it went uncommented on.
> Compare this to say protonmail its not even remotely close.  As both can be 
> had for free and without all the need for referrals as its targeted toward 
> liberal/social/anticapital political change groups not sure the point?  
> Elitism?
> I honestly was surprised so many people on this list asking for it and where 
> unphase by the fact the canary was expired and it was known they were under a 
> gag order.  We make a big deal about a close source binary blob for a driver 
> or firmware to a nic or gpu yet a closed source email provider system with a 
> triggered canary and no one misses a beat?  I know the thread was off topic 
> and has been running for years and why I never even read it till now for no 
> other reason than I was wasting time but wow I am surprised.

excuse my tired quick math on the decades, 7 to 8 should be 5 to 6. I was 
thinking back to the 40s lmao

You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Reply via email to