[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #14269 [Tor Browser]: Imported certificate works only when "don't record browsing history" is unchecked
#14269: Imported certificate works only when "don't record browsing history" is
unchecked
---------------------------------+------------------------------
Reporter: tbb403bugreport | Owner: tbb-team
Type: defect | Status: new
Priority: major | Milestone:
Component: Tor Browser | Version: Tor: 0.2.5.10
Resolution: | Keywords: TBB, certificate
Actual Points: | Parent ID:
Points: |
---------------------------------+------------------------------
Comment (by cypherpunks):
Replying to [comment:2 isis]:
> I would tentatively argue that this behaviour is a feature, not a bug.
I disagree. While attackers like HT (or Lenovo...) can and do install
malicious certs, average users also legitimately need to install their own
sometimes and breaking this functionality don't do much but slow down the
kind of attackers who are in a position to do this.
Also in the case of that email, they were actually trying to install certs
to *use* tor (to access the HT portal), not to attack tor (according to
https://firstlook.org/theintercept/2015/07/16/hackingteam-attacked-tor-
browser/ - i haven't read all the related emails).
I, for one, would very much like to install the CAcert cert in my tor
browser! I haven't tried with 4.5 yet but I've been unable to install
certs the last times I've tried (probably circa tbb 4.0).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14269#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs