all 20 comments

[–]HibikiBlack 8 insightful - 4 fun8 insightful - 3 fun9 insightful - 4 fun -  (0 children)

Good to hear. Still, we gotta watch our backs. Lets do our best everyone.

[–]fruitjack 3 insightful - 9 fun3 insightful - 8 fun4 insightful - 9 fun -  (7 children)

once this site becomes a haven for the alt reich, expect this to change.

[–]magnora7[S] 6 insightful - 2 fun6 insightful - 1 fun7 insightful - 2 fun -  (0 children)

That's already been tried and failed. Luckily those people are a lot happier at voat.co or poal than they are here, so we don't really have to fight them much, we just redirect them there.

[–]JasonCarswell 3 insightful - 3 fun3 insightful - 2 fun4 insightful - 3 fun -  (0 children)

Do you know something we don't?

[–]sproketboy 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (3 children)

Their arguments are easy enough to dismantle.

[–]RuckFeddit 4 insightful - 1 fun4 insightful - 0 fun5 insightful - 1 fun -  (2 children)

Like by writing "ROFL" in caps lock and refusing to discuss further? Not the time or place and sorry to shit up the canary post with this but:

https://saidit.net/s/MeanwhileOnReddit/comments/25l2/whoa_cool_it_with_the_antisemitism_bro/

You then accused me of harassing you for asking for clarification a second time in another thread so I left you alone. Here you are a few months down the road claiming how easy it is to dismantle people in arguments, so dismantle my argument and my source.

[–]sproketboy 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (1 child)

Like by writing "ROFL" in caps lock

Basically, yes. When you come up with not committing genocide, let us know.

[–]RuckFeddit 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

This comment has no relation with above.

[–]RickC-137 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

When everybody leaves the libtard shithole of reddit, you are right, all the socialists will flood in.

[–][deleted]  (1 child)

[deleted]

    [–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

    Can you read this website's link for me? On my monitor it displays saidit.net

    [–]Tom_Bombadil 2 insightful - 6 fun2 insightful - 5 fun3 insightful - 6 fun -  (0 children)

    Lucky #13. ;-)

    [–]sproketboy 3 insightful - 3 fun3 insightful - 2 fun4 insightful - 3 fun -  (0 children)

    Great news magnora7!

    [–]elephant-movement-2 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (6 children)

    Where's the signature?

    [–]magnora7[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (5 children)

    The signature is the fact it's posted from the magnora7 account

    [–]elephant-movement-2 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (4 children)

    Yeah, that's not good authentication. Not good enough for something as critical as a warrant canary.

    Edit: also, you should consider making your canary less broad. For example, if you got a gag order over something trivially stupid that did not actually compromise the integrity of this site, then you couldn't publish your canary nor explain to users what was going on, causing unnecessary panic and assumptions of the worst (ie: people think your https key was given to Mallory but really you just had to give an IP address to the FBI of someone who just threatened another school shooting)

    See riseup's experience with this https://riseup.net/en/about-us/press/canary-statement

    [–]magnora7[S] 5 insightful - 1 fun5 insightful - 0 fun6 insightful - 1 fun -  (3 children)

    If they can post from my account, we have much bigger problems than the canary

    [–]elephant-movement-2 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (2 children)

    How many authentication bypass vulnerabilities in web applications were discovered in the past 10 years? It's no substitute for an air gapped computer used to cryptographically sign warrant canaries with GPG.

    [–]magnora7[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (1 child)

    How many authentication bypass vulnerabilities in web applications were discovered in the past 10 years?

    How would that make someone NOT post a canary over a 2 month period? If I was completely locked out of my own account for 2 months then that would mean we've completely lost control of the whole website anyway, so the signature would be redundant.

    [–]danuker 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

    A GPG-signed canary would allow you to publish authenticated messages irrespective of the security status of the website.

    The only attackers that can fake a valid signature from a consistent key are the ones that have access to the computer used to sign.

    [–]realister 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

    Let’s keep it that way guys