[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] TBB update mechanism
On 2020-03-02 07:58, Georg Koppen wrote:
Dear TOR people,
I have a question regarding the updating mechanism of tor browser from
within the browser.
These updates are signed I stronly suppose. I would like to know, does
checking these signatures depend on external programs like gpg? Is the
signature verification application for updates part of the browser
For updates we essentially use the Firefox updater and, yes, we are
signing the update files.
Thanks for explaining.
Have there ever been serious flaws in that signature verification
Would you regard it safe enough for the paranoid among us or would you
advise to better download the full package and do the standard pgp
verification? I read from some people who only do the latter and don´t
use the builtin updater.
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to