[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Verifying signatures

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Verifying signatures
From: Joe Btfsplk <joebtfsplk@xxxxxxx>
Date: Sat, 24 Mar 2012 17:59:31 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 24 Mar 2012 18:59:48 -0400
In-reply-to: <4F69E715.5090908@xxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <20120320064611.84040@xxxxxxx> <sfid-H20120321-124759-+100.95-1@xxxxxxxxxxxxxxxxxxx> <4F69BFAF.70203@xxxxxxxxxxxx> (sfid-H20120321-124759-+100.95-1@xxxxxxxxxxxxxxxxxxx) <4F69E715.5090908@xxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows NT 6.0; WOW64; rv:11.0) Gecko/20120312 Thunderbird/11.0

On 03/20/2012 01:46 AM, Achter Lieber wrote:
Hullo (',')
In light of some fairly recent postings about making it easier toverify signatures on new Tor downloads,


On 3/21/2012 9:35 AM, Christian Siefkes wrote:

On 03/21/2012 12:46 PM, Jude Young wrote:

Sorry if this has been responded to, I've lost a few emails...
I don't believe the TBB has been high-jacked, but the TorButton Firefox
extension certainly has.
(Forgive my faulty memory
linky:http://www.securitynewsdaily.com/1201-anonymous-hackers-child-porn.html)
"Anonymous" apparently convinced firefox (or someone at FireFox? No one was
ever clear on this..) to upload a modified version.

Uh, TorButton is free software, didn't you know that? Everybody can create
and distribute a modified version, and that's what happened. It certainly
proves that you shouldn't download software from untrusted sources (neither
the Tor Project nor Mozilla was involved) and that you should verify the
signatures of the software to use. None of that is news, of course.

Which was the point of OP, Achter. Perhaps it could be made easier,tutorials on the Tor site, etc., to verify signatures.

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Verifying signatures
  - From: Achter Lieber
- Re: [tor-talk] Verifying signatures
  - From: Jude Young
- Re: [tor-talk] Verifying signatures
  - From: Christian Siefkes

Prev by Author: [tor-talk] trouble changing Aurora menu button color - userChrome.css
Next by Author: Re: [tor-talk] trouble changing Aurora menu button color - userChrome.css
Previous by thread: Re: [tor-talk] Verifying signatures
Next by thread: [tor-talk] Setting up Tor on Ubuntu
Index(es):
- Author
- Thread