Riseup's warrant canary has died #1613
Comments
So, as @alerque reports, the canary appears to have died at least 8 days ago. I never understand how any self-described privacy-conscious organisation (Riseup.net) can expect to operate unfettered, whilst based in the (not so) good old US of A. With the (apparent) election of Dick Trump --- expect the worst!
@Hillside502 while I sympathize with what you're saying, please keep discussions on-topic.
Hm, I think this is actually not that off-topic, but very likely to derail quickly into broad politics bikeshed. The (for prism-break) useful question is: does the surveillance situation change in any way with the new president? If so, proper information would be useful, not guessing... and probably in its own thread, giving references to new laws etc.
While I agree with @hasufell, the new president doesn’t add very much to the mix. The fact that Senate and the House are controlled by the same party might make pushing new laws through easier, but that’s the end of it. Let’s not act like everything is suddenly changing. And as far as I know, nothing new is being pushed just yet by (R) specifically. Schneier spoke to congress about the upcoming issues with internet security and the importance of privacy before any election results were known. If there will be changes, they would need to come through the House and Senate, just like half a year ago. Remember that and don’t spread the FUD because hashtag-not-your-president won an election in the US.
Once per quarter means they have until the end of this quarter to update it. It doesn't mean they update it every 3 months, it means they update it 4 times a year within 3 month periods. The time span between updates can vary. So I don't think it's true that their canary is dead. If they haven't updated it by the end of the quarter you should start worrying for real.
Maybe, then maybe not.
From this Twitter thread, Riseup has responded to inquiries but not re-assured us the dead canary is just an oversight. This is probably proof positive there really is an issue. Matthew Green has a point there too in that if the system was properly architected as a distributed system and all data and meta data was secure, it shouldn't even need a warrant canary in order for us to trust it. Given the reservations many of us have always had with this being centralized, and US based, and worst of all, email based (see for example the discussion on #1611), this might be a convenient time to just pull the Riseup listing altogether.
Also note near the end of the article how it says they will publish their source code as an open source project. I want to at least wait for a while longer to see if they follow through on giving us an update, and launching the new personal encryption feature and publishing their source code, etc, before moving to make a decision.
Thank you @strixaluco! They have updated their canary to be more precise about the timing/dates of re-signing. They say they will now start to use personally encrypted email storage. My 2c, with this update statement, I'm still happy recommending using Riseup.
Actually that statement itself is more concerning to me than the warrant compliance. Activities such as ransomware are relatively easily agreed upon as bad and are easily verifiable. But on the other hand many of the things listed in that statement are not so easily pinned down. Mind you I'm against exploitation, misogyny, racism and bigotry. I agree that these things are eminent problems faced in our connected world. Sadly these traits are even exhibited by many high up in leadership positions and they are proliferating online. However hearing that a provider of secure and private communication services is taking it upon themselves to legislate their own version of a moral code is somewhat disturbing. Along with the proliferation of these sort of problems has come the proliferation of false accusations of these things, whether through deliberate manipulation of contextual content or just by using them as generic labels for whatever personal agenda one holds. Sadly the media is also guilty of these things, but morally upright or otherwise journalists and activists are among those that need digital protections the most and they also receive the most accusations about these kinds of behaviors (both when guilty and when innocent). Having a press statement like this that indicates they only have the back of people whose ideas they agree with does not give me any fuzzy feelings. That combined with the ongoing concerns about this being a centralized service that doesn't (yet) use encryption in the way we would expect from a new project submission, I am more and more in favor of dropping the recommendation. I mentioned this already but if they were properly encrypting data and not holding onto dangerous bits about their users that could fall into the wrong hands, then they wouldn't really need the canary in the first place. It might still apply to a software development team, but it would stop being relevant to user data.
Caleb Maclennan:
Actually that statement itself is more concerning to me than the
warrant compliance. Activities such as ransomware are relatively
easily agreed upon as bad and are easily verifiable. But on the
other hand many of the things listed in that statement are not so
easily pinned down. Mind you I'm against exploitation, misogyny,
racism and bigotry. I agree that these things are eminent problems
faced in our connected world. Sadly these traits are even exhibited
by many high up in leadership positions and they are proliferating
online. However hearing that a provider of secure and private
communication services is taking it upon themselves to legislate
their own version of a moral code is somewhat disturbing. Along
with the proliferation of these sort of problems has come the
proliferation of false accusations of these things, whether through
deliberate manipulation of contextual content or just by using them
as generic labels for whatever personal agenda one holds.
Sadly the media is also guilty of these things, but morally upright
or otherwise journalists and activists are among those that need
digital protections the most and they also receive the most
accusations about these kinds of behaviors (both when guilty and
when innocent). Having a press statement like this that indicates
they only have the back of people whose ideas they agree with does
not give me any fuzzy feelings.
That combined with the ongoing concerns about this being a
centralized service that doesn't (yet) use encryption in the way we
would expect from a new project submission, I am still in favor of
dropping the recommendation.
Seconded. Assange has been accused of misogyny; Palestinian human
rights activists have been accused of racism. Riseup's statement
seems to leave the door open to giving away the data of people
associated with WikiLeaks or Palestinian human rights (among many
others), which would be extremely concerning to many PRISM-Break users.
Riseup's canary is not dead anymore: https://riseup.net/en/canary I think this issue should be closed and if there are other unresolved concerns with Riseup, we should open a new one.
Does anyone have the Riseup signing key at the ready and able to check whether that page truly has been resigned on February first this year? If it has, and the canary is thus verifiably up-to-date, I am 👍 on closing this.
This key is the oldest key issued for collective@riseup.net on key servers (2009). It has also established significant trust (one can explore web of trust by clicking on names): https://pgp.mit.edu/pks/lookup?op=vindex&search=0x3043E2B7139A768E Also, Isis Lovecruft (Tor developer) lists this fingerprint in her GitHub repo: https://github.com/isislovecruft/scripts/blob/master/verify-riseup-server-fingerprints
Thanks for the check @yegortimoshenko! I currently didn’t have access to a set-up to do so myself. Closing this issue.
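The two checks the thread asks for, as an added example (not code from the prism-break project or from Riseup): the "once per quarter" deadline reading from the earlier comment, applied to the date a clearsigned canary carries, and a gpg verification pinned to the key ID from the pgp.mit.edu link above. The canary text and dates in the block are constructed; the key ID is assumed to still be the collective's signing key; the signature step assumes gpg is installed and the key has already been imported and fingerprint-checked out of band.

```python
"""Check a warrant canary the way the thread describes: split the clearsigned
page, read the date it was signed, decide whether "once per quarter" has been
honoured, and (where gpg is installed) verify the signature against a pinned
key ID.  Added example for illustration; not prism-break's or Riseup's code.
"""
import datetime as dt
import os
import re
import shutil
import subprocess
import tempfile

# Long key ID from the pgp.mit.edu link in the thread (assumed still current).
RISEUP_KEY_ID = "3043E2B7139A768E"

# CONSTRUCTED sample in the shape `gpg --clearsign` produces; the signature
# block is a placeholder and will not verify.
SAMPLE_CANARY = """\
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Riseup Networks has not received any warrants or gag orders.
This statement was last updated on 2016-08-16 and will be re-signed quarterly.
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXPLACEHOLDERNOTAREALSIGNATURE=
-----END PGP SIGNATURE-----
"""

CLEARSIGN_RE = re.compile(
    r"-----BEGIN PGP SIGNED MESSAGE-----\n(?:Hash: [^\n]*\n)*\n"
    r"(?P<body>.*?)\n-----BEGIN PGP SIGNATURE-----\n"
    r"(?P<sig>.*?)-----END PGP SIGNATURE-----", re.S)


def split_clearsigned(text):
    """Return (signed_body, armored_signature); raise if the framing is missing."""
    m = CLEARSIGN_RE.search(text)
    if not m:
        raise ValueError("not a PGP clearsigned message")
    return m.group("body"), m.group("sig")


def extract_signed_date(body):
    """Pull the ISO date out of the 'last updated on YYYY-MM-DD' sentence."""
    m = re.search(r"last updated on (\d{4}-\d{2}-\d{2})", body)
    if not m:
        raise ValueError("no update date in canary body")
    return m.group(1)


def _date(value):
    return value if isinstance(value, dt.date) else dt.date.fromisoformat(value)


def quarter_of(day):
    d = _date(day)
    return (d.year, (d.month - 1) // 3 + 1)


def days_since(signed_on, today):
    """The naive 'every 90 days' reading: plain elapsed days."""
    return (_date(today) - _date(signed_on)).days


def canary_status(signed_on, today):
    """'Once per quarter' as read in the thread: a signature anywhere in the
    current quarter is fresh; one from the previous quarter is due (deadline
    is the end of the current quarter); anything older is overdue."""
    sy, sq = quarter_of(signed_on)
    ty, tq = quarter_of(today)
    gap = (ty - sy) * 4 + (tq - sq)
    if gap < 0:
        return "future-dated"   # a signing date after today is itself a red flag
    if gap == 0:
        return "fresh"
    if gap == 1:
        return "due"
    return "overdue"


def verify_with_gpg(clearsigned_text, key_id=RISEUP_KEY_ID):
    """Verify with gpg and require the pinned long key ID on the GOODSIG line.
    The key must already be in the local keyring."""
    if shutil.which("gpg") is None:
        raise RuntimeError("gpg is not installed")
    with tempfile.NamedTemporaryFile("w", suffix=".asc", delete=False) as fh:
        fh.write(clearsigned_text)
        path = fh.name
    try:
        proc = subprocess.run(
            ["gpg", "--batch", "--status-fd", "1", "--verify", path],
            capture_output=True, text=True)
    finally:
        os.unlink(path)
    good = [line.split()[2] for line in proc.stdout.splitlines()
            if line.startswith("[GNUPG:] GOODSIG ")]
    return proc.returncode == 0 and key_id in good


if __name__ == "__main__":
    body, _sig = split_clearsigned(SAMPLE_CANARY)
    signed = extract_signed_date(body)
    for today in ("2016-11-24", "2017-01-10"):
        print(today, days_since(signed, today), "days elapsed;",
              "quarter rule:", canary_status(signed, today))
    try:
        print("signature valid:", verify_with_gpg(SAMPLE_CANARY))
    except RuntimeError as exc:
        print("skipped signature check:", exc)
```

Run against the constructed sample, the two readings disagree exactly as the thread did: on 2016-11-24 the canary is 100 days old (stale by a 90-day count) but only "due" under the quarter rule, and it becomes "overdue" once January 2017 arrives without a re-signing. Pinning the key ID rather than trusting any GOODSIG is what stops a page signed by some other key that happens to be in the keyring from passing.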
Something we should probably look into is why Riseup's warrant canary seems to have met an untimely demise and what it means for our suggestions.