For anyone who doesn't know, a warrant canary is when a company like Dropbox, etc, publishes their Transparency Report, indicating the number of times they've been subpoenaed for users' private information, and the number of times they've handed it over. If you publish statistics periodically saying "Zero national security letters" and then you stop saying that one day, people may infer what they will. It is based on the (untested) belief that while the government may demand you say nothing about a particular request, they cannot compel you to lie about it.
There are lots of ways for it to break down - most notably - If the consequence of admitting you handed over information to the government were the destruction of your reputation as a security company and destruction of your business... How many business owners could find it in their hearts to just tell one eensy weensy little lie? Probably a lot. But that's not what I'm here to ask you all about. Supposedly, this is SpiderOak's canary: https://spideroak.com/canary Unlike everyone else' canary, which explicitly give you statistics https://www.dropbox.com/transparency https://blog.protonmail.ch/transparency-report/ https://canary.silentcircle.com/ Spideroak's canary doesn't seem to say anything. This what I'm asking you about: Are you able to read/interpret this differently from me? Am I missing something? I see "Everything's going smoothly so far" and I see a headline from New York Times, to validate the date, and PGP signatures. But "Everything's going smoothly so far" is meaningless. This is not a canary - or it's a dead canary.
_______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
