September

Funds Update

In our last newsletter we had a call out for help in labor and money to make us more secure against all the spooks spying on us all the time. The response? We had over 120 hackers volunteer to help with the software we are upgrading to, we got asked to submit to a $20,000 grant to help pay for our system upgrades, and stopwatching.us ran an Indiegogo campaign for us that raised over $14,000 to buy some new servers. Wow, peoples! Once again, we learn that our users are wonderful, generous, and just all around helpful. Thanks so, so much! We’ll still need to do our annual fundraising for the basic costs of keeping our lists, email, chat, and servers running, but this goes a long way toward that goal.

Encryption, broken?

Some of the biggest news coming out of the leaked NSA information of late has been that private encryption, across the world is vulnerable.

What this does and doesn’t mean, as far as anyone has been able to tell:

  1. The math has not been broken, which means encryption still works but the NSA has worked to put backdoors and weaknesses into many applications (particularly proprietary ones produced by companies in the U.S.).
  2. Free Software/Open Source encryption implementations based on Open encryption standards are presumed to still be secure since everyone can look at the code/algorithims and see that there is no backdoor.
  3. Riseup uses only Free Software/Open Source implementations of Open encryption standards.
  4. The US government has more information about you than you thought.

Email Forwarding, Ugh

Riseup allows you to forward your mail from a Riseup email account to another email account (https://help.riseup.net/en/aliases#what-is-email-forwarding). This means that when people send email to your Riseup account, it is sent to wherever you have your mail forwarded. While we do offer this service, we wanted to explain to folks that doing so loses any security advantages from using Riseup mail. Additionally, people emailing you may think they are emailing a Riseup account, and may make assumptions about the email being more secure.

There are some decent reasons to forward mail, and we don’t have plans to discontinue this service, but be aware of its downsides. Corporate email providers store tons of data on their users and everybody they communicate with. By forwarding your Riseup email to one of these providers, you are not just handing over data about you, but also information about the people who emailed you.

If you do have your email forwarded, you might want to consider why you do this. You could start checking your email with a mail client instead (https://help.riseup.net/en/email-clients). This makes it easier to check multiple addresses. Or maybe the recent NSA news is enough motivation to get rid of that other email account altogether?

Also, whenever you are emailing a Riseup account, please be aware that the recipient might have the email forwarded outside of Riseup!

Money

Has the global revolution finally happened where all resources have been redistributed fairly? Nope, which means we still need your donations. Thanks! https://help.riseup.net/en/donate