Newsletter November 2009

< October 2009 | Index | December >

[en] english

November 2009 Contents

  • Happy Birthday Riseup!
  • Pay for what you use
  • Riseup FAQ
  • Tips on picking a password
  • Notes from the surveillance apocalypse

Happy Birthday Riseup!

Riseup turns 10 this month! It’s also the 10-year anniversary of the grassroots shutdown of the WTO meetings in Seattle. Riseup formed largely as a result of this organizing. We realized that social movements shouldn’t rely on corporate communications infrastructure, and decided to build our own! And here we are, 10 years later, still going strong.

For those of you near Seattle, we hope to meet you at the WTO anniversary celebrations—seattleplus10.org.

Pay for what you use

Do you rely on your riseup email or list for secure communications, and believe that a free society needs autonomous communication infrastructures? We do, and have been building email, lists, and free software for the past ten years to be one of many tech collectives serving this need. Every year we ask that our users, when possible, give us two hours of however much they’re paid at work. We work hard and care deeply about the health of the social movements we’re all engaged in, and we’re asking for some mutual aid back. Donate a birthday gift to Riseup Networks at help.riseup.net/about-us/donate

If you want to make an end-of-year US-tax-deductible donation, or your work matches donations to US non-profits, you can donate to Riseup Labs, our research wing creating free software for social movements—see help.riseup.net/about-us/donate/#2 for information.

Riseup FAQ

Have questions about lists or email?
help.riseup.net/lists
help.riseup.net/mail

Tips on picking a password

Here are some tips. Having a good password is important not only for your own security, but for those you work with. Also, when a spammer cracks one Riseup account, all Riseup users can get blocked by corporate email providers.

1. Do not use the same password for everything. You can use the same password for things with low priority that would not be a big deal if someone got it. Generally it’s low priority if it wouldn’t be a privacy or financial issue if someone broke it.
2. Do not use passwords consisting of only real words (in any language.) One of the main ways passwords get cracked is via computer programs that try every word in the dictionary. It’s not that a human will try to guess your password, but a computer will be programmed to try every possible word (and combinations of words.)
3. Never use the same password as your login.
4. It can be useful to have different levels of passwords. For example, you can have one password for all the things that don’t matter and another longer one for medium security. For the most important logins, use unique secure passwords. You can make your secure passwords variations of each other, if that helps you remember.
5. Think of a saying you like, such as, Having A Good Password Is Part Of Good Security. Take the first letters of the phrase — HAGPIPOGS. Change some of the letters to numbers —HAG61P06S. This is a password that would be difficult to crack.
6. Change your secure passwords every few months!

Notes from the surveillance apocalypse

On January 30th, 2009, one of the system administrators for indymedia.us received in the mail a US grand jury subpoena. The government asked for the IP address of every one of indymedia.us’s thousands of visitors on a certain day — the IP address of every person who read any news story on the entire site. Not only did this request threaten every indymedia.us visitor’s First Amendment right to read the news anonymously, it plainly violated the legal restrictions on what types of data the government could obtain using a subpoena. The subpoena was also overbroad and a clear fishing expedition: there’s no way that the identity of every Indymedia reader of every Indymedia story was relevant to the crime being investigated by the grand jury in Indiana, whatever that crime may be. To add insult to injury, it required an illegal gag order that the recipient could not speak of this subpoena.

Most of a year later, and through the legal work of the Electronic Frontier Foundation (the kick-ass legal civil libertarians of the internet), both the legal subpoena and the gag order have been dropped. For lots more information, go to—

www.eff.org/wp/anatomy-bogus-subpoena-i...

 

Not so far ago I wrote an article about picking passwords: chernysh.livejournal.com/25066.html
May I use the reference to this article in the forth section?

 
 

I think that’d be cool to add that for the russian readers. at some point it’d be great to get your article translated for other languages.

 
   

Well, there are a lot of such info in English but not so much in Russian. Russian articles about picking passwords are mostly written for professionals so the goal of my article was to explain to dummy users how to create and remember strong passwords. I’m sure you can find a lot of such articles in English.