
riseup.net likely compromised


#14

Good day,

At this point, I feel like “anything” could come out of this, though I feel like there are far better ways of getting publicity and thus donations than scattering mistrust in their own platform. It seems that, until further information becomes available, there might be something quite problematic going on at Riseup.

Have a nice day,

Ego


#15

Everybody is talking about Emails and it thrills me that so far nobody has thought about what could be a juicier target than reading some leftist extremist anarcho mails :slight_smile:

Did nobody consider that Tails might be the target because after all their Code Repository is hosted on their servers and a new version has just been released?!

https://labs.riseup.net/code/projects/tails

And for what it is worth, Riseup has known about NSLs for quite some time yet never thought for a moment about moving their servers to a location in which similar NSLs and gag orders aren’t as easy to deliver as in the land of the free.


#16

Good day,

The thing is that Tails’s git repository is hosted separately (https://git-tails.immerda.ch/tails), though even if it wasn’t, massive changes to the code would be noticed quite rapidly.

Have a nice day,

Ego


#17

It depends on Tails’ use of signed git commits, signed git tags, git commit/tag verification, their build security (who creates official builds and whether that person always does the gpg verification). I would guess that Tails developers do this, that they would not be compromised if their remote git server were compromised, but if you are interested in this, scrutiny is always good.
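The gate the post above describes, as an added example that is not Tails’ or Whonix’s own build code: a release-checkout step that refuses to build from a tag whose signature git cannot verify. The throwaway repository, its single commit and the unsigned tag `1.0-unsigned` are constructed here for the demo; `verify_release_tag` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example (not the Tails or Whonix build system): refuse to build from a
# tag that git cannot verify as signed by a key in the builder's keyring.
set -u

# verify_release_tag REPO TAG
# Succeeds only if `git verify-tag` accepts TAG's signature. An unsigned tag,
# a tag signed by an unknown key, or a tag rewritten on a compromised git
# host all fail here, which is what keeps a hostile server from handing the
# builder altered sources.
verify_release_tag() {
    repo=$1
    tag=$2
    if git -C "$repo" verify-tag "$tag" >/dev/null 2>&1; then
        echo "ok: $tag carries a signature git trusts"
        return 0
    fi
    echo "REFUSE: $tag has no signature git accepts; not building from it"
    return 1
}

# Constructed demo repository: one empty commit and an annotated but UNSIGNED
# tag (no -s), which is exactly what an attacker without the maintainers' key
# could produce on a compromised server.
demo_repo=$(mktemp -d)
git init -q "$demo_repo"
git -C "$demo_repo" -c user.name=demo -c user.email=demo@example.invalid \
    commit -q --allow-empty -m "release candidate"
git -C "$demo_repo" -c user.name=demo -c user.email=demo@example.invalid \
    tag -a -m "unsigned release tag" 1.0-unsigned

# Run the gate; capture its exit status instead of aborting the demo.
verify_release_tag "$demo_repo" 1.0-unsigned
gate_status=$?
echo "gate exit status: $gate_status"   # 1 means the build was refused

rm -rf "$demo_repo"
```

For a real release the builder first imports the maintainers’ public keys into its own keyring, then runs this gate (or `git tag -v TAG`) before checking out; `git verify-commit` and `git log --show-signature` give the same check per commit. Only a signature from a key already present and trusted on the builder counts, so the remote server has nothing to say about whether the gate passes.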


#19

As Ego pointed out

We forgot the consequences for whonix.org. Still need to change something here:

https://www.whonix.org/wiki/E-Mail#riseup.net


#20

Good day,

Made additions regarding the “canary situation”.

Have a nice day,

Ego


#21

@riseupnet and ffs, this has nothing to do with warrants or canaries. that’s why we end up not tweeting.

Maybe everyone’s better off with them not tweeting if they keep spouting fucking obscure bird references every couple of days when it’s clearly a sensitive topic.


#22

Good day,

I was thinking precisely the same thing when I read their last post…

Maybe, just maybe, birds aren’t the best conversation piece, keeping in mind what meaning they are supposed to imply. I mean, to a degree I could understand why they are fixated on these animals. Birds have been a representation of freedom for centuries and they’ve prominently been a part of Riseup’s “brand identity” since the beginning of 2014, when birds were first incorporated into Riseup’s webpage and some of their logos. Making a “fun” reference thus isn’t incredibly unreasonable, IF there hasn’t just been confusion about their warrant canary, something integral to their operation commonly associated with birds.

The fact that someone at Riseup thought it was a good idea to start posting about listening “to the hummingbird” AFTER their warrant canary RAN OUT is, in the best case scenario, one of the worst cases of timing I’ve ever seen. The fact that they still haven’t defused the situation by talking openly about their “laid-back” approach to updating the canary, and that they didn’t tweet about birds beforehand, when now it seems to be their only topic, doesn’t even need to be mentioned in that case.

Adding to that, their (preemptive) response was neither polite nor appropriate, as THEY THEMSELVES are responsible for the criticism leveled at them. Furthermore, their next tweet was even more worrisome to me:

since 1999 we have been doing a lot of work to keep everyone data safe according to the needs of our movements.

Well, yes, you certainly seem to have. Though just being in “the business” for a long time doesn’t make you immune from criticism, mistakes, or NSLs. And not doing anything to improve the situation (like setting fixed times for canaries) certainly doesn’t make you look like people that have been doing this “since 1999”.

Adding to all of that and this is probably the most worrisome thing here, their canary hasn’t been updated for 153 days/5 months OR IN OTHER WORDS ALMOST HALF A BLOODY YEAR!!!

As someone who has a similar AGE TO THEIR SERVICE, even I know that that’s quite a problem.

I was actually unaware of the fact that they still hadn’t fixed their canary, as I only figured it out now. There is no (positive) reason for it to be this outdated. In that Intercept article they tweeted a few MONTHS AGO, they said that the only issue with updating the canary was Thanksgiving and some bad planning. I have a hard time believing that in retrospect.

Have a nice day,

Ego


#23

IIRC they made some twisted statement about the NSL question where they said there was something but not an NSL…

I think maybe it’s their way of doing publicity (the “all publicity is good” strategy), but they are dealing with a privacy-conscious user base who think critically about these things and not mindless consumer idiots. No one is going to pour in donations to a service suspected of hiding serious problems. That’s about the dumbest thing they could have done. I am looking forward to some alternative decentralized mail solution that works with the internet.


#24

A post was split to a new topic: Which e-mail provider is more advisable, protonmail or lavabit reloaded?


#25

Riseup’s official statement on the canary (Feb 16) https://riseup.net/en/about-us/press/canary-statement


#26

Good day,

So in the end, my speculation and cynicism was actually justified. Seeing how I wasn’t certain whether I did them injustice or not, that’s quite good to know.

Now this obviously means that, at least I, don’t consider them to be trustworthy in the future. They claim that they’d go out of their way, encrypting the mailbox, though not like Protonmail on the client side, nor like Lavabit in “Cautious or Paranoid mode”, with the former being like Protonmail and the latter actually keeping even the encryption key on your system. You still would have to trust their server in the proposed configuration, which after such an ordeal feels like a cruel joke, not a serious proposal to win back anyone’s trust.

But the cynical and quite frankly dangerous approach to winning back their users trust goes even deeper:

Q: Couldn’t the government just make you say that?

A: Forced speech is actually quite rare in the US legal context. It’s usually only in cases of consumer protection where the government has been successful in compelling speech (e.g. forced cigarette warnings). Nevertheless, no they aren’t forcing us to say anything.

ARE YOU TAKING THE BLEEPING PXSS?!?!

Call me a conspiracy theorist at this point, but seeing how you’ve just admitted to being served a gag order, saying “it is rare” is not reassuring.

Furthermore, they have been quite aggressive when people called out that they might have been served a gag order.

If you recall, when people started calling it into question that A) their canary wasn’t getting renewed and B) they continuously made posts about birds, they posted this:

and ffs, this has nothing to do with warrants or canaries. that’s why we end up not tweeting.

In my opinion, that is not the way to talk to a community whose trust is crucial to you. The security of journalists, activists and others relies on this trust, and reacting like this, as I’ve said in the past, is A) impolite and B) really terrible in retrospect, now that it has been proven that you actually got forced to cooperate with the FBI.

They continue:

Q: Why didn’t you update your canary?

A: In the Winter of 2016, the canary was not updated on time. The canary was so broad that any attempt to issue a new one would be a violation of a gag order related to an investigation into a DDoS extortion ring and ransomware operation. This is not desirable, because if any one of a number of minor things happen, it signals to users that a major thing has happened.

Are you doing this on purpose? Are you trying to get me as fired up as possible by making these kinds of statements? Because this is not something you should take lightly and I for one evidently passed the point of being polite about this some time ago.

But let’s deconstruct this for a second. First, they state that “The canary was so broad that any attempt to issue a new one would be a violation of a gag order”. Yes, so?

THAT IS THE PURPOSE OF THE CANARY! The way this statement has been made, it seems like you might actually believe that the canary you yourself set up in this way actually was too restrictive for law enforcement to make requests while keeping it up. But that’s what the canary actually is supposed to do. Are you sure you are in the correct business?!

Their continuation with “it signals to users that a major thing has happened.” is even more ridiculous.

So a running FBI investigation on a service like yours isn’t what we should consider “a major thing”?! WHAT CONSTITUTES A MAJOR THING?! The Great Old One Cthulhu coming over to take your servers away? What did you think would happen when the FBI knocks? What did you think you needed a canary for if not for this exact case?

Q: Why does the new Canary not mention gag orders, FISA court orders, National Security Letters, etc?

A: Our initial Canary strategy was only harming users by freaking them out unnecessarily when minor events happened. A Canary is supposed to signal important risk information to users, but there is also danger in signaling the wrong thing to users or leading to general fear and confusion for no good reason. The current Canary is limited to significant events that could compromise the security of Riseup users.

I have no words.

Just this: The fact that you now genuinely feel confident in telling your users that you can assess what is and isn’t an “important risk” terrifies me.

Riseup.net, you are so much worse in this regard than I could have ever imagined when I made my previous posts, which were mainly based on a reasonable amount of speculation and analysis of your reactions. In my last post, I gave you the benefit of the doubt that you simply lack someone to properly communicate in your team; now, I sadly stand corrected.

I honestly wanted to be proven wrong on this. Or at least see them take proper measures after this came out. They didn’t.

Have a nice day,

Ego


#27

we have not disclosed any private encryption keys, and we have not been forced to modify our system to allow access or information leakage to a third party.

[IANAL and nitpicking] Doesn’t this open a backdoor by having an operative become a Riseup member? Then technically it would no longer be a third party.


#28

Touché.


#29

These “Riseup” people have quite a strange kind of humor:
From the about page:

All your data, including your mail, is stored by riseup.net in encrypted form

From the Canary Statement:

We have taken action to ensure that Riseup never again has access to a user’s stored email in plaintext.

They are just a bad joke. Maybe the “Riseup Birds” got the bird flu :stuck_out_tongue:

+1 to everything Ego said


#30
  1. They don’t know how to use a canary.
  2. They get defensive about their stupidity and moralize it thru and thru.
  3. They continue insulting our intelligence by proposing some worthless server-side encryption scheme.

Roses are red
Violets are blue

Nobody’s going to jail just for you.

That’s why the only answer is privacy by design not policy.


#31

Might be a good idea to change this now and also the "@riseup.net" email address on the help page, “https://www.whonix.org/wiki/Support#Professional_Support”, if no longer in use.

Also, has anyone noticed the sigaint addresses, “http://sigaintevyh2rzvw.onion” and “https://www.sigaint.org/” have been unreachable for a few days now?


#32

I can confirm that Sigaint is down.
If you only need to receive emails:
https://anonbox.net/
http://grrmailb3fxpjbwm.onion
These might be sufficient. (Maybe we should add 24h emails to the email wiki @HulaHoop @Patrick)


#33

Ephemeral inboxes are very limited. Let’s stick to alternative fully functional services, or better yet, alternatives.