[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] apt-transport-tor


> what's the difference between apt-transport-tor and a
> command-line such "torrify apt-get". I've send an email to the
> developper of this project and I'm waiting for an answer.

torify / torsocks is a huge hack with Linux library preloading. Not very 
clean, can leak DNS, etc.
With apt-transport-tor, you use the Tor SOCKS5 proxy directly (and correctly).

> I notice the project documentation doesn't not insist on the fact that
> in the /etc/apt/sources.list the url need to be httpS to be sure that
> the downloaded package are not compromized

AFAIK, there is no official Debian HTTPS repository.
But Debian packages are GPG-signed. No problem of compromise, even with HTTP.

Groupe crypto-terroriste individuel
auto-radicalisà sur lâInternet digital

ProtÃgez votre vie privÃe, chiffrez vos communications
GPG : EFB74277 ECE4E222
OTR : 922C97CA EC0B1AD3

Attachment: signature.asc
Description: This is a digitally signed message part.

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to