[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Cloak Tor Router



On Monday 03 November 2014 07:11:48 CJ wrote:
> Well, I hope you will implement firmware signature checkâ this would
> prevent most of the MitM problems.
> This should be optional though, in order to let "power-users" mess with
> their own firmware if they want.
> Better: let them push their own key on their very own device so that
> they might as well secure their updates.

As you can see from earlier posts - finding the best method for updating is still very much a work in progress.  One thing is for sure though - the hardware will be open and the source open source, so anybody will be able to write and build their own firmware and update the device.

"Firmware signature check" is a bit hard to do with any authority if the hardware in itself is open enough for people to write their own firmware, but I was thinking https certificate check for the automatic updates - in fact playing with that already (https://download.reclaim-your-privacy.com).

-- 
Lars Boegild Thomsen
https://reclaim-your-privacy.com
Jabber/XMPP: lth@xxxxxxxxxxxxxxxxxxxxxxxx
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk