[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Tor Browser Launcher

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Tor Browser Launcher
From: adrelanos <adrelanos@xxxxxxxxxx>
Date: Mon, 18 Feb 2013 17:50:59 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 18 Feb 2013 12:51:41 -0500
In-reply-to: <5122668F.4010105@xxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <5121ACBB.4050807@xxxxxxxxxx> <5121E33C.7000208@xxxxxxxxxxxxx> <512230F2.5020104@xxxxxxxxxx> <51225BB4.4080909@xxxxxxxxxxxxx> <512265DE.8000505@xxxxxxxxxx> <5122668F.4010105@xxxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx

Leo Unglaub:
> Hey,
> 
> On 2013-02-18 18:33, adrelanos wrote:
>> Right, for such users it wouldn't work anyway, because downloading
>> Tor Browser Launcher from the repository is unencrypted (but
>> signed) anyway.
> 
> thats not 100% correct. You can use transport encryption (HTTPS) for
> the repository servers. You simply need to change your source.list to
> use https.

While it is correct, that there is an apt https package, last time I
checked, not much more than a month ago, no Debian or Ubuntu
repositories supported https nor are willing to do this in future. Did
this change?

Even if using https, there are known file sizes, so it wouldn't really
hide what has been downloaded?
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- [tor-dev] Tor Browser Launcher
  - From: Micah Lee
- Re: [tor-dev] Tor Browser Launcher
  - From: Jacob Appelbaum
- Re: [tor-dev] Tor Browser Launcher
  - From: adrelanos
- Re: [tor-dev] Tor Browser Launcher
  - From: Jacob Appelbaum
- Re: [tor-dev] Tor Browser Launcher
  - From: adrelanos
- Re: [tor-dev] Tor Browser Launcher
  - From: Leo Unglaub

Prev by Author: Re: [tor-dev] Tor Browser Launcher
Next by Author: Re: [tor-dev] Tor Browser Launcher - applying TUF threat model
Previous by thread: Re: [tor-dev] Tor Browser Launcher
Next by thread: Re: [tor-dev] Tor Browser Launcher
Index(es):
- Author
- Thread