Re: [tor-talk] "Confidant Mail"
That is an interesting point. Thinking this through in the game theory
1: never mess with Tor downloads
2: mess with Tor downloads in rare cases of high value targets (where a selector like IP or cookie matches)
3: frequently mess with Tor downloads
Effect of 1: they get no intel.
Effect of 2: they get high value intel, and are unlikely to get caught.
Effect of 3: someone eventually verifies a download, finds out it's
poisoned, and tells the world.
People become much more careful in checking downloads. Especially people who have reason to be paranoid. They get less high value intel than with choice 2.
I think that's why such things are rarely seen even though we know they
can do it.
I have checked Tails sigs a few times, but am not always religious about it. So far I have never found a mismatch.
I should probably put this up on github or sourceforge or something with HTTPS downloads, as well as hosting it locally. More options are better.
The Tor Project itself has found that users often don't verify GPG
signatures on binaries (I think Mike Perry quoted some statistics about
how often the Tor Browser binary had been downloaded in comparison to
the .asc signature file -- it was orders of magnitude less often). That
suggests to me that HTTPS should be used for software distribution
authenticity even when there's a signature available; the importance of
this only diminishes if the signature will be verified automatically
before installation (like in some package managers). That's usually
not the case for first-time installations of software downloaded from the
(I don't think the Tor Project has studied _why_ the users didn't verify
the signatures -- there are tons of possible reasons. But it's clear
that most didn't, because the .asc file is so rarely downloaded.)