[liberationtech] RiseUp
Christian Fuchs
christian.fuchs at uti.at
Fri Oct 18 11:05:51 PDT 2013
Hello Sahar,
I am interested in the political economy of digital media and am author
of a forthcoming book about Occupy and social media.
Alternative media and technologies are facing the challenge of acquiring
resources for being run. I am wondering how at RiseUp you organized the
necessary resources (working time, people, software development and
upgrade, system administration etc) and what your experiences were with
voluntary donations? I would be interested to hear how well the donation
system works?
Thanks a lot.
Best wishes,
Christian
--
Christian Fuchs
Professor of Social Media
University of Westminster,
Communication and Media Research Institute,
Centre for Social Media Research
http://fuchs.uti.at, http://www.triple-c.at
http://www.westminster.ac.uk/csmr
@fuchschristian
c.fuchs at westminster.ac.uk
+44 (0) 20 7911 5000 ext 67380
On 18/10/2013 19:53, Sahar Massachi wrote:
> As Elijah wrote, the point of riseup is to serve a specific
> constituency. The point is not to help the general public encrypt their
> email.
>
> On Oct 18, 2013 1:30 PM, "Jonathan Wilkes" <jancsika at yahoo.com
> <mailto:jancsika at yahoo.com>> wrote:
>
> On 10/15/2013 06:47 PM, elijah wrote:
>
> On 10/15/2013 03:07 PM, Yosem Companys wrote:
>
> If you have any thoughts about Riseup, whether
> security/privacy-related or otherwise, I'd love to hear them.
>
> I think I am the only person from the Riseup collective who is
> subscribed to liberationtech, so I will reply, although what
> follows is
> not an official position or response from the collective.
>
> We started when it was impossible to get even simple IMAP
> service that
> was affordable. Very early on, it became apparent that one of the
> primary issue facing our constituency (social justice activists)
> was the
> rapid rise in abusive surveillance by states and corporations.
>
> Riseup does the best it can with antiquated 20th century technology.
> Without getting into any details, we do the best that can be done,
> particularly when both sender and recipient are using email from
> one of
> service providers we have special encrypted transport
> arrangements with.
> Admittedly, the best we can do is not that great. And, of
> course, our
> webmail offering is laughably horrible.
>
> Riseup is not really a "US email provider". The great majority
> of our
> users live outside the United States, and email is just one of many
> services we provide.
>
> There has been much discussion on the internets about the fact that
> Riseup is located in the US, and what possible country would
> provide the
> best "jurisdictional arbitrage". Before the Lavabit case, the US
> actually looked pretty good: servers in the US are not required to
> retain any customer data or logs whatsoever. The prospect of
> some shady
> legal justification for requiring a provider to supply the
> government
> with their private TLS keys seems to upend everything I have read or
> been told about US jurisprudence. Unfortunately, no consensus has
> emerged regarding any place better than the US for servers, despite
> notable bombast the the contrary.
>
> As a co-founder of Riseup, my personal goal at the moment is to
> destroy
> Riseup as we know it, and replace it with something that is based on
> 21st century technology [1]. My hope is that this transition can
> happen
> smoothly, without undo hardship on the users.
>
> As evidence by the recent traffic on this list, many people are
> loudly
> proclaiming that email can never be secure and it must be
> abandoned. I
> have already written why I feel that this is both incredibly
> irresponsible and technically false. There is an important
> distinction
> between mass surveillance and being individually targeted by the
> NSA.
> The former is an existential threat to democracy and the latter is
> extremely difficult to protect against.
>
> It is, however, entirely possible to layer a very high degree of
> confidentially, integrity, authentication, and un-mappability
> onto email
> if we allow for opportunistic upgrades to enhanced protocols. For
> example, we should be able to achieve email with asynchronous
> forward
> secrecy that is also protected against meta-data analysis (even
> from a
> compromised provider), but it is going to take work (and money)
> to get
> there. Yes, in the long run, we should all just run pond [2],
> but in the
> long run we are all dead.
>
>
> The first thing you should do is remove the social contract from your
> registration page. It's creepy and (should be) completely at odds with
> your privacy policy. (That is, it should read "even _we_ can't ban you
> from using our service to talk about the following things in confidence
> with others...")
>
> Furthermore, every single bullet point is ambiguous and would be
> subject to a flame war if I posted them here. That is, they are so
> wide open that people could reasonably take an opposing view for
> any or all of them, in good faith or bad.
>
> Personally, I agree with Riseup's position on those bullet points
> (assuming I understand them the same as you). But I disagree
> with requiring people to answer them if they want to try to be
> safer when they use the internet.
>
> Essentially, a requirement to click such a button is asking people to
> lie to themselves in order to use your service. Even the Pope and
> the military have seen fit to stop making people do that.
>
> Best,
> Jonathan
>
>
> -elijah
>
> [1] https://leap.se/email
> [2] https://pond.imperialviolet.__org/
> <https://pond.imperialviolet.org/>
>
>
> --
> Liberationtech is public & archives are searchable on Google.
> Violations of list guidelines will get you moderated:
> https://mailman.stanford.edu/__mailman/listinfo/__liberationtech
> <https://mailman.stanford.edu/mailman/listinfo/liberationtech>.
> Unsubscribe, change to digest, or change password by emailing
> moderator at companys at stanford.edu <mailto:companys at stanford.edu>.
>
>
>
More information about the liberationtech
mailing list