Missing ‘canary’ mail prompts alarm over security of RiseUp email service
Users of RiseUp.net, an email network reportedly used by the likes of WikiLeaks and Anonymous, have been expressing their alarm over indications that the site has been compromised.
RiseUp.net claims to offer secure online communication for activists “working on liberatory social change”. The site promises to reassure users of their protection by posting quarterly ‘canary’ updates to indicate their service has not been compromised.
“A mechanism to test for unsafe conditions, originating from the use of canaries in coal mines to detect poisonous gases or cave-ins. If the canary died, it was time to get out of the mine,” the website explains.
READ MORE: Germany creates cybersecurity squads, allocates funds for new spy satellite
However, the site’s lack of an anticipated ‘canary’ update coupled with recent cryptic tweets have sparked a debate among its users as to whether the site has been gagged, hacked or worse.
The last canary update was posted on August 16.
@riseupnet Given mass concern, could you just plainly state you haven't received any government requests or demands instead of vagueness?
— Tony Webster (@webster) November 21, 2016
User concern over RiseUp’s security erupted when the website posted a series of cryptic tweets earlier this week, leading users to believe the team haven’t just been “lazy” with their updates but are instead warning users that something is indeed amiss.
“It is possible that they are just being lazy or that they simply haven’t updated it yet. None of that matters. The point of the Canary is that if it is not updated in a timely fashion you stop using the service. If they update the Canary later then you know you’re good to go,” journalist Tim Pool told SubVerse.
READ MORE: Lavabit owner fears arrest for non-compliance after secret surveillance order
RiseUp’s latest tweet reads: “We have no plans on pulling the plug” along with a screenshot of their FAQ page which said: “We would rather pull the plug than submit to repressive surveillance by any government”.
we have no plans on pulling the plug https://t.co/7Bm0KrEnKApic.twitter.com/MvEu6itTX6
— riseup.net (@riseupnet) November 21, 2016
Other recent tweets from the RiseUp account with hummingbird quotes and threats of a “revolution” have convinced some avid fans that the site is trying to deliver a warning.
listen to the hummingbird, whose wings you cannot see, listen to the hummingbird, don't listen to me. #LeonardCohenpic.twitter.com/PZisFt6mHm
— riseup.net (@riseupnet) November 11, 2016
— riseup.net (@riseupnet) November 11, 2016
The messages have sent users into a confused digital hysteria.
@VirtuallyMasked@riseupnet Yes this is as close as they can get to legally SCREAMING at us they are compromised. CANARY still not updated
— Seth v. 2.0 (@a_skylit_empire) November 21, 2016
@riseupnet lack of a simple answer suggests gagging order and forced to leave servers running as part of the NSL. #riseup#WarrantCanary
— Reborn (@VirtuallyMasked) November 21, 2016
@riseupnet This is a confusing statement considering you haven’t updated the canary but you are obviously responding on twitter.
— Eric S (@MutualArising) November 21, 2016
@riseupnet Maybe throw out another canary update if that doesn't violate the terms of any warrants.
— Deplorable Student (@HawkeyeJKay) November 22, 2016
@riseupnet So, under a gag order, but not to the point of your clients being "under surveillance", forcing a pulling of the plug?
— Curious Skeptic (@fretfriendly) November 22, 2016