riseup.net likely compromised

Good day,

So in the end, my speculation and cynicism were actually justified. Seeing how I wasn’t certain whether I did them an injustice or not, that’s quite good to know.

Now this obviously means that I, at least, don’t consider them to be trustworthy in the future. They claim that they’d go out of their way, encrypting the mailbox, though not like Protonmail on the client side, nor like Lavabit in “Cautious or Paranoid mode”, with the former being like Protonmail and the latter actually keeping even the encryption key on your system. You still would have to trust their server in the proposed configuration, which after such an ordeal feels like a cruel joke, not a serious proposal to win back anyone’s trust.

But the cynical and, quite frankly, dangerous approach to winning back their users’ trust goes even deeper:

Q: Couldn’t the government just make you say that?

A: Forced speech is actually quite rare in the US legal context. It’s usually only in cases of consumer protection where the government has been successful in compelling speech (e.g. forced cigarette warnings). Nevertheless, no they aren’t forcing us to say anything.

ARE YOU TAKING THE BLEEPING PXSS?!?!

Call me a conspiracy theorist at this point, but seeing how you’ve just admitted to being served a gag order, saying “it is rare” is not reassuring.

Furthermore, they have been quite aggressive when people called out that they might have been served a gag order.

If you recall, when people started calling it into question that A) their canary wasn’t getting renewed and B) they continuously made posts about birds, they posted this:

and ffs, this has nothing to do with warrants or canaries. that’s why we end up not tweeting.

In my opinion, that is not the way to talk to a community for which it is crucial to be able to trust you. The security of journalists, activists and others relies on this trust, and reacting like this, as I’ve said in the past, is A) impolite and B) really terrible in retrospect, now that it has been proven that you actually got forced to cooperate with the FBI.

They continue:

Q: Why didn’t you update your canary?

A: In the Winter of 2016, the canary was not updated on time. The canary was so broad that any attempt to issue a new one would be a violation of a gag order related to an investigation into a DDoS extortion ring and ransomware operation. This is not desirable, because if any one of a number of minor things happen, it signals to users that a major thing has happened.

Are you doing this on purpose? Are you trying to get me as fired up as possible by making these kinds of statements? Because this is not something you should take lightly, and I for one evidently passed the point of being polite about this some time ago.

But let’s deconstruct this for a second. First, they state that “The canary was so broad that any attempt to issue a new one would be a violation of a gag order”. Yes, so?

THAT IS THE PURPOSE OF THE CANARY! The way this statement has been made, it seems like you might actually believe that the canary you yourself set up in this way actually was too restrictive for law enforcement to make requests while keeping it up. But that’s what the canary is actually supposed to do. Are you sure you are in the correct business?!

Their continuation with “it signals to users that a major thing has happened.” is even more ridiculous.

So a running FBI investigation on a service like yours isn’t what we should consider “a major thing”?! WHAT CONSTITUTES A MAJOR THING?! The Great Old One Cthulhu coming over to take your servers away? What did you think would happen when the FBI knocks? What did you think you needed a canary for if not for this exact case?

Q: Why does the new Canary not mention gag orders, FISA court orders, National Security Letters, etc?

A: Our initial Canary strategy was only harming users by freaking them out unnecessarily when minor events happened. A Canary is supposed to signal important risk information to users, but there is also danger in signaling the wrong thing to users or leading to general fear and confusion for no good reason. The current Canary is limited to significant events that could compromise the security of Riseup users.

I have no words.

Just this: the fact that you now genuinely feel confident in telling your users that you can assess what is and isn’t an “important risk” terrifies me.

Riseup.net, you are so much worse in this regard than I could have ever imagined when I made my previous posts, which were mainly based on a reasonable amount of speculation and analysis of your reactions. In my last post, I gave you the benefit of the doubt that you simply lack someone to properly communicate in your team; now, I sadly stand corrected.

I honestly wanted to be proven wrong on this. Or at least see them take proper measures after this has come out. They didn’t.

Have a nice day,

Ego


we have not disclosed any private encryption keys, and we have not been forced to modify our system to allow access or information leakage to a third party.

[IANAL and nitpicking] Doesn’t this open a backdoor by having an operative become a Riseup member? Then technically it would no longer be a third party.


Touché.

These “Riseup” people have quite a strange kind of humor:
From the about page:

All your data, including your mail, is stored by riseup.net in encrypted form

From the Canary Statement:

We have taken action to ensure that Riseup never again has access to a user’s stored email in plaintext.

They are just a bad joke; maybe the “Riseup Birds” got the bird flu :stuck_out_tongue:

+1 to everything Ego said

  1. They don’t know how to use a canary.
  2. They get defensive about their stupidity and moralize it through and through.
  3. They continue insulting our intelligence by proposing some worthless server-side encryption scheme.

Roses are red
Violets are blue

Nobody’s going to jail just for you.

That’s why the only answer is privacy by design, not policy.


Might be a good idea to change this now and also the “@riseup.net” email address on the help page, “Free Support for Whonix”, if no longer in use.

Also, has anyone noticed the sigaint addresses, “http://sigaintevyh2rzvw.onion” and “https://www.sigaint.org/” have been unreachable for a few days now?

I can confirm that Sigaint is down.
If you only need to receive emails:
https://anonbox.net/
http://grrmailb3fxpjbwm.onion
These might be sufficient. (Maybe we should add 24h emails to the email wiki @HulaHoop @Patrick)

Ephemeral inboxes are very limited. Let’s stick to alternative fully functional services or, better yet, alternatives.

Wow Ego, it sounds like you were denied a Riseup account once and have a lot of anger about that! You are reading way too much into what they said. It is pretty simple, but you are complicating it unnecessarily. There wasn’t an FBI investigation into Riseup (your words); they received a warrant from the FBI for specific users’ emails. The two are very different.

I’ve been a Riseup user for almost 8 years now. I’ve followed them closely; they have been the only trustworthy organization out there whose servers I felt comfortable putting my email on. They have always done the right thing, and after this incident I trust them more, especially now that my email will be encrypted there (they already encrypted their drives, but now nobody in their organization can see the emails).

They had a warrant canary, they got a warrant, they didn’t update the canary (they could have lied and just updated it, kudos to them). They realized the canary was making people worry when they didn’t need to worry, so they tried to reassure people without breaking the gag order. Because I have trusted Riseup for a really long time I was reassured by that. I believed, and I still believe, that if the issue was something to worry about, Riseup would have acted very differently.

Now that they have clarified things, it seems pretty obvious: they didn’t update the canary because they got warrants for people who were abusing their systems, and they didn’t want to lie about their warrant canary. They would have been better off to lie about the canary, but I prefer honesty, and their integrity is why I’ve continued to trust them.

They already encrypted their drives, use SSL, and don’t log IP addresses; being able to encrypt the stored mail is pretty great. I’m betting that it was not an easy thing to do with so many users.

goldstein: There is a difference between disk encryption and what they implemented. Those statements aren’t contradictory; they’ve taken additional steps to improve what they already had.

Good day,

I can see why you’d say that and I’m sorry if I was a bit aggressive in the way I made my statement.

That being said, I’d like to say for the record that I never attempted to get an account at Riseup. I simply was of the opinion that, in regard to the laws, Riseup’s location in the United States made it by design unfit for me, considering their system’s non-open nature.

So no, I don’t hold a personal grudge against Riseup and I’d like to think that even if they had denied me an account in the past, I wouldn’t think of them any less because of this. I’m a lot of things, but petty is not one of them.

I’m sorry, but while those two are different things, they are still intertwined with one another. A warrant is a tool, used in an investigation. The two are different, strictly speaking, but where there is a warrant, there is an investigation according to US law. Warrants are a part of criminal investigations and as such, a warrant means that an investigation at Riseup took place.

But lets just quote Riseup on that front:

The canary was so broad that any attempt to issue a new one would be a violation of a gag order related to an investigation into a DDoS extortion ring and ransomware operation.

So I don’t really see what your argument is based on this aspect.

That is great in my eyes; more power to you then. However, if I may then justify my previous rage by making clear why I “lost it” regarding their reply: I can obviously not make judgements based on posts, so it is impossible for me to tell how necessary the anonymity is for you. But there are people who depend on services like Riseup to stay secure and protect them for a variety of reasons. Especially journalists depend on such services in a massive way. These are people who cannot afford to have their traffic and mails accessed without them being aware of it.

These are the people that cannot just “trust” Riseup, as trusting something, even if you have a long positive experience with it, can put you, as well as informants, in danger.

I have admiration for what Riseup has been doing for more than a decade and have very high respect because of it. However, because of what they have to do, I would and could never trust them. Or any other provider like Protonmail or Lavabit. Thing is, because I have respect for them, I was so disappointed in their reply. I presumed that they’d say that the canary “worked as intended” when it, according to them, didn’t.

Changing the canary now feels like fixing an issue, which wasn’t one.

I actually gave Riseup the benefit of the doubt of simply being bad at communication and not having someone to properly handle social media in a previous post, because part of me wanted this to be a simple misunderstanding.

I’m sorry but not lying shouldn’t be considered something positive regarding the things they do. It should be the bare minimum standard for doing what they do.

Thing is, the canary’s purpose is to make people worry and consider securing what can be secured. At a service like Riseup, it should be there to inform journalists and other users in a subtle way that maybe they should consider telling their contacts to “not whistleblow” for the time being. It is there to tell human rights activists that maybe they aren’t as safe as they’d want to be at the moment.

In regard to the people who need the services by Riseup to be 100% secure, it is better to be safe than sorry.

I really doubt that. If they’d lied, would many people stay with them? Not everyone can afford to put as much trust in them as you apparently can so lying would not just be awful, it would also be stupid from a publicity perspective.

Either way, it is great to see that you have so much faith in Riseup and I wouldn’t want to change that. Like I said, my (over)reaction mainly came from me considering who really could suffer from any kind of inconsistencies on the part of Riseup.

Have a nice day,

Ego

“Riseup did nothing wrong” meme
Funny how you defend them; you really seem to like them, to blindly believe what they say.
I wouldn’t trust a service that worked with some agency and then attacked anyone questioning their canary. This time they gave out information related “only” to “bad guys”; next time you might be the bad guy (the government decides this, not Screwup.net). They should scrap their canary because it’s worthless… but hey, at least they are “honest” lol

It should be a trustless setup without people to pressure with jail; until then it’s not even worth it to consider it secure…

While it’s true the FBI was interested in user emails, not the admins running things, there is no need for the passive-aggressive tone.

Whether they do the right thing or not (depending on whose opinion?) is beside the point. Only technical means to enforce privacy matter. The rest is meaningless. Promises can be broken, people can be threatened or bought off, central servers are huge targets for hacking. Centralized services are just bad.

Also, you are deceived if you think the new server-side encryption is anything besides PR. If the user doesn’t hold the key, then the contents can be silently recovered and handed to a third party. Simple.

Before this incident they were disorganized and failed to update their canary on time. People had to nudge them to get them to do it. So when this happened no one knew if they were being negligent or if something was going on.

Also, when people were alarmed at their bird-related tweets, they misleadingly denied in a direct way that they’d been contacted by LE. A bare-faced lie.

They’ve clarified that they protect privacy based on their personal discretion, not as an absolute principle. They lied about the canary; see what I’ve written above.

The “technical” protections are toothless drivel. See above.


Any update?

Quote https://riseup.net/about-us/canary/canary-statement-signed.txt

Q: Why didn’t you update your canary on time in the winter of 2016?

A: The canary was so broad that any attempt to issue a new one would be a violation of a gag order related to an investigation into a DDoS extortion ring and ransomware operation[0]. This is not desirable, because if any one of a number of minor things happen, it signals to users that a major thing has happened.

  1. Canary Statement - riseup.net

Dear Fellow “Whonixens”,

Indeed this is an old thread. Please excuse me for resurrecting it, simply because it can help allay any unintended FUD which might linger on in a person’s mind.

Nevertheless, MODs please feel free to re-allocate this post as you deem fit. TIA

Direct reference to the source of information (via the 3 URLs below)
@V3 onion
http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion/about-us/press/canary-statement/index.en.html
@V2 onion
http://nzh3fv6jc6jskki3.onion/en/about-us/press/canary-statement
OR
Standard HTTP URL
https://riseup.net/en/about-us/press/canary-statement

I have reproduced the entire text of the post from Riseup below for your convenience:

Riseup moves to encrypted email in response to legal requests.

February 16, 2017

After exhausting our legal options, Riseup recently chose to comply with two sealed warrants from the FBI, rather than facing contempt of court (which would have resulted in jail time for Riseup birds and/or termination of the Riseup organization). The first concerned the public contact address for an international DDoS extortion ring. The second concerned an account using ransomware to extort money from people.

Extortion activities clearly violate both the letter and the spirit of the social contract [1] we have with our users: We have your back so long as you are not pursuing exploitative, misogynist, racist, or bigoted agendas.

There was a “gag order” that prevented us from disclosing even the existence of these warrants until now. This was also the reason why we could not update our “Canary” [2].

We have taken action to ensure that Riseup never again has access to a user’s stored email in plaintext. Starting today, all new Riseup email accounts will feature personally encrypted storage on our servers, only accessible by you. In the near future, we will begin to migrate all existing accounts to use this new system (for technical details, see [3]).

To be absolutely clear, this type of encryption is not end-to-end message encryption. With Riseup’s new system, you still put faith in the server while you are logged in. For full end-to-end email encryption, as before, you must use a client that supports OpenPGP (and is not web-based).

We are working to roll out a more comprehensive end-to-end system in the coming year, but until that is ready, we are deploying personally encrypted storage in the meantime.

in solidarity,
The Riseup Birds

Questions

Q: Are you compromised by law enforcement?

A: No. We have never permitted installation of any hardware or software monitoring on any system that we control; law enforcement has not taken our servers; does not, and has never had access to them. We would rather stop being Riseup before we did that.

Q: Couldn’t the government just make you say that?

A: Forced speech is actually quite rare in the US legal context. It’s usually only in cases of consumer protection where the government has been successful in compelling speech (e.g. forced cigarette warnings). Nevertheless, no they aren’t forcing us to say anything.

Q: Why didn’t you update your canary?

A: In the Winter of 2016, the canary was not updated on time. The canary was so broad that any attempt to issue a new one would be a violation of a gag order related to an investigation into a DDoS extortion ring and ransomware operation. This is not desirable, because if any one of a number of minor things happen, it signals to users that a major thing has happened.

Q: Why does the new Canary not mention gag orders, FISA court orders, National Security Letters, etc?

A: Our initial Canary strategy was only harming users by freaking them out unnecessarily when minor events happened. A Canary is supposed to signal important risk information to users, but there is also danger in signaling the wrong thing to users or leading to general fear and confusion for no good reason. The current Canary is limited to significant events that could compromise the security of Riseup users.

[1]: https://riseup.net/tos
[2]: https://riseup.net/canary
[3]: https://0xacab.org/riseuplabs/trees

I never read this thread until now.

Are there any reputable sources for aggregating warrant canary data? I was thinking a cool little app idea MVP could be something like:

  1. aggregate active sites with warrant canary
  2. check daily for warrant canary changes
  3. post a tweet when a warrant canary is gone or has been modified
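One way to build the classification step of the monitor sketched in the post above, as an added example; this is not code from the thread, from Canarywatch, or from any provider. The canary shape it expects (an “issued YYYY-MM-DD” line and a “valid until YYYY-MM-DD” line inside a PGP clear-signed message) and the sample statement are constructed for illustration; real canaries use their own wording, so the two regexes would need adapting to each site. Signature verification is deliberately left to `gpg --verify` on the fetched file, and the fetch and the tweet are omitted; the block is the part that decides whether an alert is warranted.

```python
import hashlib
import re
from datetime import date
from typing import Optional, Union

# Constructed sample input: a PGP clear-signed canary in the generic shape the
# thread discusses. Neither the wording nor the signature is Riseup's; the
# signature block is a placeholder, not a real OpenPGP signature.
SAMPLE_CANARY = """-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Canary statement, issued 2017-02-16.
This statement is valid until 2017-05-16.
As of the issue date we have received no warrants, gag orders or
national security letters that we are prevented from disclosing.
-----BEGIN PGP SIGNATURE-----
placeholder-not-a-real-signature
-----END PGP SIGNATURE-----
"""

# Assumed canary wording; adapt per provider.
ISSUED_RE = re.compile(r"issued (\d{4}-\d{2}-\d{2})")
VALID_RE = re.compile(r"valid until (\d{4}-\d{2}-\d{2})")


def signed_body(clearsigned: str) -> Optional[str]:
    """Isolate the text that was signed (between the clear-sign header block
    and the signature). Verifying the signature itself is left to
    `gpg --verify` on the full file; this only extracts what it covers."""
    head = "-----BEGIN PGP SIGNED MESSAGE-----"
    sig = "-----BEGIN PGP SIGNATURE-----"
    start, end = clearsigned.find(head), clearsigned.find(sig)
    if start < 0 or end < start:
        return None
    # Drop the "Hash: ..." armor headers and the blank line that ends them.
    _, _, body = clearsigned[start + len(head):end].partition("\n\n")
    return body.strip()


def parse_canary(clearsigned: str) -> Optional[dict]:
    """Extract issue date, expiry and a digest of the wording. The digest is
    computed with both dates masked, so a routine renewal (same text, new
    dates) hashes the same, while any change to the statement itself does not."""
    body = signed_body(clearsigned)
    if body is None:
        return None
    issued, valid = ISSUED_RE.search(body), VALID_RE.search(body)
    if not (issued and valid):
        return None
    masked = VALID_RE.sub("valid until <date>", ISSUED_RE.sub("issued <date>", body))
    return {
        "issued": date.fromisoformat(issued.group(1)),
        "valid_until": date.fromisoformat(valid.group(1)),
        "wording_digest": hashlib.sha256(masked.encode()).hexdigest(),
    }


def canary_status(clearsigned: Optional[str], today: Union[str, date],
                  previous: Optional[dict] = None) -> str:
    """Classify a freshly fetched canary against the last stored parse.
    Returns one of: missing, malformed, expired, rollback, modified, fresh.
    Everything except 'fresh' is worth an alert: the failure modes a canary is
    meant to surface are exactly the quiet ones (not renewed, quietly reworded,
    or an older signed statement served again)."""
    if isinstance(today, str):
        today = date.fromisoformat(today)
    if clearsigned is None:
        return "missing"
    info = parse_canary(clearsigned)
    if info is None:
        return "malformed"
    if today > info["valid_until"]:
        return "expired"
    if previous is not None:
        if info["issued"] < previous["issued"]:
            return "rollback"  # an older signed statement replaced a newer one
        if info["wording_digest"] != previous["wording_digest"]:
            return "modified"  # dates aside, the statement's text changed
    return "fresh"


if __name__ == "__main__":
    baseline = parse_canary(SAMPLE_CANARY)
    print(canary_status(SAMPLE_CANARY, "2017-03-01", baseline))  # fresh
    print(canary_status(SAMPLE_CANARY, "2017-06-01", baseline))  # expired
    reworded = SAMPLE_CANARY.replace("gag orders or\n", "")
    print(canary_status(reworded, "2017-03-01", baseline))       # modified
```

Masking the dates before hashing is what keeps a routine renewal from tripping the “modified” alarm, while a change to the statement’s wording, such as a canary that stops mentioning gag orders or NSLs, is exactly what a subscriber wants flagged. The `rollback` state covers a provider (or whoever sits in front of it) serving an older but still-valid signed statement in place of a newer one, which a plain “is the signature good?” check would accept.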

The closest thing there was, Canarywatch, is now only to be found on the web archive.

EFF blog post reasons why it was deprecated:

Other than that, I don’t think there is still a lot of activity related to canaries.


So, which email do you recommend using now, in 2023?

Source: anonymousplanet

  • 2021, Proton, Proton logged IP address of French activist after an order by Swiss authorities
  • 2021, The Germany-based mail provider Tutanota was forced to monitor specific accounts for 3 months
  • 2020, The Germany-based mail provider Tutanota was forced to implement a backdoor to intercept and save copies of the unencrypted e-mails of one user (they did not decrypt the stored e-mail).

Use any email provider which allows you to use your own encryption, and ALWAYS assume your emails will be logged on the server side, along with your metadata…

So riseup or danwin1210 are still good, yet there is no security design that should make you believe they are better than just using Gmail.

The difference between them and Gmail comes down to one thing: the ability to use onion services for SMTP/POP3.

Other than this, I don’t have anything in mind in which they are better than Gmail or any free email provider + your own GPG encryption.