On Thu, Feb 14, 2019 at 04:29:45PM +1100, haaber wrote: > Are canaries now "illegal" in Aussi law as well ??? > > On 2/14/19 3:26 PM, teresardavida...@gmail.com wrote: > > Summary: I have reason to believe the possibility that Mig5 (the new > > SysAdmin on Whonix project) could be compelled under federal law to provide > > assistance is high and the threat to the security and anonymity offered by > > the project could be compromised as a result is also high. > > > > I recently visited the Whonix community website for an unrelated purpose > > and discovered something that I think in honest to good faith deserves > > public discussion. > > > > I was alarmed and shocked to see my post abruptly deleted and my account > > permanently disabled. > > > > I would like to post my thoughts here to the Qubes User community for > > further scrutiny and discussion and perhaps maybe get the attention of the > > project maintainer who I do see regularly participate on this channel. > > > > Below is a copy paste of the submission which was deleted from the Whonix > > community forum. > > > > [Quote] > > This post is in no way doubting the integrity or calling into question the > > character of Mig5 the new sysadmin for the whonix project. > > > > But I do feel it is necessary to point out that the new sysadmin is > > Australian (or resides in Australia). Under Australian law, he can be > > compelled through threat of imprisonment to cooperate with the Australian > > government. This law is designed to compel individuals that work on > > projects such as Whonix to insert or write code that permits lawful access. > > If a person is served with such enforcement, they are required to keep it > > secret or risk imprisonment. > > > > This law was only recently introduced and is already being used to great > > effect according to recent reports. > > > > While Whonix is an open-source project it is important to remember that > > open source does not imply greater security. One only needs to consider one > > of the most widely used and scrutinized open source projects (OpenSSL) had > > a backdoor that went undetected for several years. It was just two lines of > > code. It literally broke the internet. > > > > I deeply regret having to bring this to the attention of the community > > please do not interpret my thoughts here as a question of Mig5's character. > > I value all contributions but believe the circumstances and severity of the > > consequences warrant public discussion. The bottom line is, as the law is > > written, he would be required to cooperate and in secret. I think someone > > like him, in a position he now occupies, represents a textbook example of > > why this law was written in the first place. In my opinion, it is not a > > question of "if" he is compelled but rather just a matter of "when". > > > > Unfortunately it is not uncommon for Whonix to be encountered by forensic > > analysts who have the regrettable job of investigating computer equipment > > seized by suspects charged with child abuse related offenses. At least not > > in Australia. I can say with certainty this project already has high > > visibility among specific cyber investigative divisions within both state > > and federal AG. I do not have any classified information I can share and if > > I did I would not share it but I can provide some information in private to > > Patrick that taken to its logical conclusion would suggest this project is > > likely to be a high priority target for these new laws. > > > > [/Quote] > >
Please dont top post. Whonix does not use canaries, as you can see here: https://forums.whonix.org/t/whonix-warrant-canary/3208 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190214153956.uxhpkrzqkfuihqpk%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.