On 01/19/2017 08:11 PM, grarpamp wrote:

https://news.ycombinator.com/item?id=13007234

Not as if anything should be thought untouchable.



I saw something on a twitter feed related to them that said they would be updating it and not to worry and this info is old.

Have you checked?

Check test 1 2...

gpg --verify canary-statement-signed.txt

gpg: Signature made Mon 15 Aug 2016 10:01:19 PM PDT using RSA key ID 139A768E
gpg: Good signature from "Riseup Networks <collective@riseup.net>"
gpg:                 aka "Riseup Treasurer <treasurer@riseup.net>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 4E07 9126 8F7C 67EA BE88  F1B0 3043 E2B7 139A 768E

The canary hasn't been updated but the gpg output still shows a good sig (assuming)

They could still kill the canary be revoking the key, and they haven't done that.

See: https://riseup.net/en/canary

Rr