[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: AVG + TOR = BARF



> (Full Disclosure: I know some people involved in Riseup Labs, etc.)
> 
> Riseup goes out of their way to not log data. They maintain patches to
> free software programs[0] to ensure that their software isn't logging.
> In addition, they contribute these patches back to the community.
> Because they do not log, that means that short of a specific wiretap,
> there isn't data for someone to fetch from their machines.
> 
> Furthermore, I think it's out of line for you to say that Riseup is
> compromised. Riseup has some really talented administrators and many of
> them are active in the free software community.
> 
> Obviously, no one is perfect and everyone can be compromised when
> specific resources can be allocated. I still object to you promoting the
> idea that they're compromised. Do you have any specific proof of this?
> Or are you just speculating that they're a high value target and thus
> they are clearly owned?  If that's the case, it's pretty hilarious to
> imagine that Riseup is of greater value to an attacker than all of Gmail.
> 
> While it's true that you might be lost in the noise when you generally
> use Gmail, your mail is scanned for content and context as part of their
> normal service. When you do arouse suspicion (either internally or
> externally), Google isn't going to fight a subpoena or a gag order;
> Riseup most certainly will. And they're proactive (see that bit about
> not logging in the first place) about their fighting.
> 
> I disagree. I think that if you're sending encrypted email, you still
> have a massively unknown quantity with gmail or other commercial email
> providers.  Riseup also uses a lot of disk crypto and while it's
> imperfect[1], it's probably going to help if they decide to take a stand
> or if the search is illegal.
> 
> Regards,
> Jacob
> 
> [0] http://riseuplabs.org/privacy/
> [1] http://citp.princeton.edu/memory/

If riseup was owned, it wouldn't be by a hacker. It would be owned at a
level that no lack of logging, disk crypto, or participation in the
community would help. It would be owned by a tap on the wire, a gag
order, and the "keys to the castle" for everything else.

I don't wish to impugn the riseup team in any way. I think they're doing
a great job, and doing something that's very needed for the activist
community. I'm sure they've got enough security on it to bar out just
about anything.

But I'm also sure they have lives that they care about, and I'm also
sure that if it came down to them handing things over to the FBI or
being caught up in the green scare, they'd do the self-preserving thing.
It's what anyone would do, and it's what I expect of them. I'm sure
they'd try to fight it however they could, but again, they aren't
exactly blending into the crowd. Their favicon is a red/black star, they
link to other radical sites, they provide email list to groups that are
probably on terror watchlists. They're most certainly in a spotlight, if
they aren't already wiretapped or subpoenaed. 

Sure, they may try to fight. But will they really go to prison so that
my email can be unread? They won't be going up for privacy, they'll be
seen by the masses of America as supporters of "eco-terror" or whatever
demon is the label of the day. And if they fight, they won't be fighting
for the 1st amendment, they'll be fighting against the PATRIOT act. Not
to mention that they've got limited resources, and can only keep up for
so long.

Again, don't get me wrong. The riseup team are all (probably, as I don't
know them) great people, and they're certainly providing a needed
service. But I don't expect them to take a bullet for me.

I would think that a gmail account, sending PGP-encrypted messages,
would be sufficiently under the radar. If sending PGP alone flags you,
then it could easily be steg'd into a picture. But on Riseup, you're
well on the radar to begin with, and that's troubling to me. Unless we
get into "can <your choice of MJ12, Illuminati, NSA or Grey Aliens>
crack PGP", that should keep you safe from context scanning (and when I
mentioned sending only encrypted messages, I was speaking of PGP, to be
clear).

In short, I think Riseup is great, but I would love it a lot more if the
server had protection from the legal kind of compromising, possibly
through Tor as a hidden service. I wouldn't advocate using Riseup
because they profess to having good admin practices; admins can be
changed quite transparently for users, and you don't know if the Riseup
team is really running the show. Gmail can't context-scan encrypted or
steg'd email.

>use off the record [0] or something equivalent for private
>conversations!  you get clear indication of state (private/not
>private) and it was designed for end to end privacy.
>
>(just my personal opinion :)

I advocate OTR every chance I get. It's really great: it's deniable,
it's authenticating, and it's available on all major (free or not) OS's.
It's fantastic, IMHO.

Attachment: signature.asc
Description: This is a digitally signed message part