[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] A 2nd Tor Browser (partial) profile?

On Fri, Dec 18, 2020 at 04:36:53PM -0600, JoeB wrote:
> In TorBrowser 10.0.7 why is there a 2nd (partial) "profile.default",
> just above the original profile.default?  I thought TBB's auto update
> function had gone hay wire, but a clean install also creates 2
> profile.default folders.
> Seems odd to create a 2nd profile w/ same name, so close to each other
> in tree view.
> The (partial or smaller) profile.default has *only 4* main folders:
> cache2, safebrowsing, startupCache, thumbnails. Was there a serious need
> to put those in a separate profile, same name, almost next to the
> original profile.default?

From what I see, you should see this directory structure in any Tor
Browser installation within the last 6 years. I'm not sure why you are
only seeing it in the most recent version. As for why we add this
"Caches" directory, I don't know and I don't know if Tor Browser
actually temporarily caches information there.

For those who are curious, the initial patch was:

from https://gitlab.torproject.org/legacy/trac/-/issues/9173.

> In Linux, the smaller profile.default is at:
> /.torbrowser/tor-browser_<my_country>/Browser/TorBrowser/Data/Browser/Caches/profile.default.
> * BTW, during TBB's *auto update* process, does it verify the D/L update
> package using PGP signatures or other method, or verify files & folders
> after they're installed?
> Meaning, verify with something other than checksums?

Yes, all updates are cryptographically signed. The format is described
on Mozilla's wiki: https://wiki.mozilla.org/Software_Update:MAR

Coincidentally, I documented the Tor Browser keys earlier this week:

> Another oddity after *auto updating* the existing TBB (10.0.6) to
> 10.0.7, was several folders & files showed modified dates = 1999-12-31. 
> I'm not sure it hurt anything - I didn't test the auto updated v10.0.7
> much, but it connected to the web.
> Doing a full, clean install to an empty ~/.torbrowser folder with a D/L
> full package fixed MOST of the 1999 modified dates.
> So far I only see the NoScript package
> ({73a6fe31-595d-460b-a920-fcc0f8843232}.xpi) still showing the 1999
> modified date.

That sounds like
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to