steven36 Posted February 19, 2017 Share Posted February 19, 2017 The news comes after the activist email service revealed it complied with two warrants related to users suspected of criminal activity. Late last year, popular activist-focused email service Riseup failed to update its warrant canary. At the time, no additional information was provided. But the move raised suspicion, as warrant canaries are cryptographically signed messages that, when not updated per an expected schedule, are intended to warn users that a company or service is facing some sort of legal battle, but is also under a gag order and can't address it publicly. On Thursday, Riseup clarified what happened. The FBI had served two warrants onto Riseup, which the service complied with. In response, Riseup said it is now implementing encrypted storage so it won't be in a position to handover useful data again. "After exhausting our legal options, Riseup recently chose to comply with two sealed warrants from the FBI, rather than facing contempt of court (which would have resulted in jail time for Riseup birds and/or termination of the Riseup organization)," a Riseup statement reads. ("Riseup birds" are volunteers that help maintain the service.) To be clear, those warrants did not relate to activism. According to Riseup, the first concerned the contact email address for a DDoS extortion ring, and the second was related to a ransomware campaign. "Extortion activities clearly violate both the letter and the spirit of the social contract we have with our users: We have your back so long as you are not pursuing exploitative, misogynist, racist, or bigoted agendas," Riseup's statement continues. Riseup was unable to inform its users of the warrants because of related gag orders, although it did say in a November 2016 interview with The Intercept that the case did not concern a National Security Letter—controversial legal demands for data that the FBI often uses. Regardless, this event has inadvertently shown that Riseup's warrant canary was perhaps not phrased in the best way. "A Canary is supposed to signal important risk information to users, but there is also danger in signaling the wrong thing to users or leading to general fear and confusion for no good reason," the statement adds. Now, the canary has been tweaked to only apply to "significant events that could compromise the security of Riseup users." Most importantly, Riseup is now going to store user emails in such a way that, theoretically, even the service's administrators won't be able to read their contents. "Starting today, all new Riseup email accounts will feature personally encrypted storage on our services, only accessible by you," the statement reads. This isn't end-to-end encryption: your data may still be read if intercepted in transit. But it should protect user emails if a server is physically seized, or if Riseup is legally compelled to hand over info. By Joseph Cox https://motherboard.vice.com/en_us/article/riseup-will-encrypt-all-emails-to-prevent-fbi-searches Link to comment Share on other sites More sharing options...
straycat19 Posted February 19, 2017 Share Posted February 19, 2017 Novell Groupwise Mail was excellent because it encrypted a users mailbox and without their password it couldn't be accessed except by an Administrator or Forensic Investigator who had the authorization of the Director of Information Technology or CTO. This authorization came in the form of a daily password that would allow a special code to be given that would allow access to an account. It was very secure and protected since there was only one person who had the daily transmitted password for the authorization. Why institutions wanted to switch to a totally unencrypted system like Microsoft Exchange is beyond me, but they did. While some people may want end to end encryption, at least having the mail encrypted on the server is better than nothing, but it doesn't mean the encryption can't be broken and your email read. So regardless of the email system, I always tell people that you never send anything by email that you wouldn't say standing on a corner of a crowded street with a megaphone. Otherwise the best way to convey the information is face to face which is still the most secure form of communication. Link to comment Share on other sites More sharing options...
Togijak Posted February 19, 2017 Share Posted February 19, 2017 The riseup problem is a Fourteen Eyes problem and there are more then one mail provider with encryption https://www.privacytools.io/ Link to comment Share on other sites More sharing options...
steven36 Posted February 19, 2017 Author Share Posted February 19, 2017 2 hours ago, Togijak said: The riseup problem is a Fourteen Eyes problem It dont matter witch email you use it's a problem if someone sends you a email from a 5 eyes provider they can read what they send you and if you send anything back they can read it thats if the mail dont bounce because its a 5 eyes blacklist . So there not much good unless the person your emailing has a prvaite email too ... I have 2 of those mails you posted above and i have others that are for encase those want work and a lot times those privacy emails will be banned lol. You think using a private email personality is going to solve a world wide problem ? We just know what little bit we know about what 5 eyes , 9 eyes , 14 eyes does thanks too Snowden . Still countries not listed as such have there own data mining programs and we dont have any idea what they are doing too our emails because it's never leaked out . You got too love it when everyone and every site think there a privacy expert based on outdated data that leaked out almost 4 years ago. that was already old when it leaked out . I dont use email unless I really need too and none of them was made with my real info . Ive not used Gmail , Yahoo or Microsoft emails since 2011 some years before Snowden woke you sleepy heads up ..Google changing there privacy policy in 2011 was enough for me to stop signing in too services it helps if you read there toss and know what you are getting into . For years Tech companies kept everyone in the dark while it was all written in there privacy policy and people needed told by Snowden to make them see the world was in a state of denial pre 2013 and still today there's many on the internet who dont know who Snowden is lol. 5 Reasons Why ‘Snowden’ Couldn’t Hack It at the Box Office Quote 1. People Don’t Know/Care About Snowden For many Americans, Snowden may not be a household name — or one with enough appeal to lure them into the movie theater. Jeff Bock, senior analyst at Exhibitor Relations, pointed to the 2013 film “The Fifth Estate” about WikiLeaks founder Julian Assange as a recent comparison. “I fear Snowden has about as much relevance as Assange, and [“The Fifth Estate”] debuted with just $1.6 million and an embarrassing worldwide total of $8.5 million,” he said. “Seems like a pretty clear bedfellow with ‘Snowden,’ if you ask me.” Open Road itself has acknowledged the challenge of selling a film about Snowden. “Most people do not know who he is. If they recognize the name, they have a vague understanding,” the distributor’s marketing director Jonathan Helfgot told TheWrap in a recent interview. “A lot of people think he has something to do with WikiLeaks. Actual awareness is very low kind of across the board.” You can read the rest of the reasons here but the top reason is no one knows who he is are even cares. http://www.thewrap.com/snowden-box-office-not-hack-joseph-gordon-levitt/ Link to comment Share on other sites More sharing options...
Togijak Posted February 20, 2017 Share Posted February 20, 2017 I think it is around something like 30 years ago where AOL changed there rules (the told the user that thy will read all mails if needed) and that was the day where I leave AOL = is not a new theme for me. And you are right, we don't know much about things doing by government and there spying organization, but for me it is already to much to like this word in which I must live. Not terror etc. is the motivation for them, the motivation is to keep their power Link to comment Share on other sites More sharing options...
steven36 Posted February 20, 2017 Author Share Posted February 20, 2017 8 hours ago, Togijak said: I think it is around something like 30 years ago where AOL changed there rules (the told the user that thy will read all mails if needed) and that was the day where I leave AOL = is not a new theme for me. And you are right, we don't know much about things doing by government and there spying organization, but for me it is already to much to like this word in which I must live. Not terror etc. is the motivation for them, the motivation is to keep their power I never used AOL in my life for email so i dont know much about them ..I know they were a dial up ISP that were used a lot in big cites but reality is it's just like DSL if you live away from a big city like 30 miles you dont have any choices much its a monopoly done by you're phone company or cable provider so they was no AOL in many places Ive lived.. I started out using Yahoo mail and latter used Gmail but i dont use ether one since like 2011. I got a few emails that's not privacy emails because I had trouble using my emails for privacy.. if you want to be able too correspond with the rest of the world you will find some sites and other emails block privacy emails . I dont really even know anybody in real life with one of those privacy emails only some i talk too on the internet have them. You really cant call many people on the internet you're real friends because a real friend would have you're phone number and snail mail and in my case that's only people who are very close too me.. The actual list for privacy based emails is Privacy-Conscious Email Services http://prxbx.com/email/ Whats so funny the maintainers of this list removed tutanota because some of the Trump family use tutanota now . https://tutanota.com/blog/posts/trump-family-encryption Well what the mainstream media said about the Trump campaign talking to Russian spies has been deemed fake and there using it to protect them from the former Obama administration and fake news .that shows there's moles inside the intelligence agencies that have access too USA emails leaking fake news too the press or the Trump family fears there is. Intel officials cleared Trump campaign of contact with Russian spies, says Priebus http://www.washingtontimes.com/news/2017/feb/19/reince-priebus-white-house-chief-intel-cleared-tru/ Link to comment Share on other sites More sharing options...
Togijak Posted February 20, 2017 Share Posted February 20, 2017 @steven36 many thanks for this great Privacy-Conscious Email Services list (I have some mail accounts from this list, but its nice to have this list for share) Link to comment Share on other sites More sharing options...
steven36 Posted February 20, 2017 Author Share Posted February 20, 2017 22 minutes ago, Togijak said: @steven36 many thanks for this great Privacy-Conscious Email Services list (I have some mail accounts from this list, but its nice to have this list for share) really if you're worried about Prism if you use windows at all there is no guarantee you have not been compromised already Quote Warning: Microsoft Windows is affected by PRISM. Even using the software tools we recommend here, your privacy may be compromised by Windows. The operating system of any device can unfortunately lever out any privacy protection that a program tries to offer you. The latter has to run in the confines of the OS after all. We strongly recommend replacing Windows with either Linux or BSD. There's many problems in Linux that make it hard to run in older PCs so it's easier said than done. Main Linux problems on the desktop, 2017 edition https://itvision.altervista.org/why.linux.is.not.ready.for.the.desktop.current.html 11 Reasons Linux Sucks - Down To Earth Linux http://downtoearthlinux.com/posts/11-reasons-to-avoid-linux/ And I know there's lots of problems with Linux because I been messing with it for awhile now and these are just facts.. I research privacy a lot but i also research the grim reality that technology is meant to benefit the end user and not technology benefit from the end users from endless hours messing with software trying get it too work right..It should work out of the box. Link to comment Share on other sites More sharing options...
Togijak Posted February 20, 2017 Share Posted February 20, 2017 @steven36 I don't worry about Prism, I know that some ass hols are watching me but thy only see what I allow them to see. What thy don't have to know I do on my full encrypted Linux AirGap and if I want to be without control in the net I do it form a portable VB on a USB stick running Tails (and only there I use some mail accounts I never used on my normal computer) on a public computer. Link to comment Share on other sites More sharing options...
steven36 Posted February 20, 2017 Author Share Posted February 20, 2017 1 minute ago, Togijak said: @steven36 I don't worry about Prism, I know that some ass hols are watching me but thy only see what I allow them to see. What thy don't have to know I do on my full encrypted Linux AirGap and if I want to be without control in the net I do it form a portable VB on a USB stick running Tails (and only there I use some mail accounts I never used on my normal computer) on a public computer. some people would have problems running newer tails, because of the open source drivers wont work .. I have one pc that seem to work great with newer Linux then my other PC it only runs older Linux good but runs Windows fine ..On my AMD PC its a full time job trying keep newer linux working due too updates and i grow tried of fooling with it. Link to comment Share on other sites More sharing options...
Togijak Posted February 20, 2017 Share Posted February 20, 2017 I use Linuxmint 18.1 cinnamon 32 bit on a very old Netbook (ASUS 1008HA Eee PC) and it runs without any problems and the latest Tails works fine on the ASUS 1008HA Eee PC and on my Toshiba Satellite. To run Tails without problems it is important to use a BIOS and not UEFI Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.