[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] automatic Tor browser updates
On 2016-02-12 06:57, Cain Ungothep wrote:
On 02/08/2016 01:36 AM, Georg Koppen wrote:
When automatically updating, does Tor browser check GPG signatures
downloaded updates before installing them?
The update files are not using GPG signatures (see:
https://wiki.mozilla.org/Software_Update:MAR for detailed information
about the MAR file format). They are signed, though, and the updater
refuses to install the update if the signature is non-existing or
For those who wish to update manually, is it sufficient to toggle
app.update.auto in about:config to false?
Seems so. You will still be prompted to update through the MAR system,
but it won't happen automatically.
Today I discovered that TBB 5.5.2 automatically downloaded. That hasn't
happened before. Normally I am prompted and manually download the tar
bundle with the signature file which I check with gpg --verify.
I'm confused as to why this time I received an automatic download. Any
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to