[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #26318 [Applications/Tor Browser]: TBA - Consider different installation methods
#26318: TBA - Consider different installation methods
--------------------------------------+--------------------------
Reporter: sysrqb | Owner: tbb-team
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-mobile | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by igt0):
I have been thinking about this problem for some time and I propose two
things:
1. Add in the onboarding a link to the wiki about how to validate the APK.
2. Add a button in the TBA menu called "Validate App". When the user
clicks on it, TBA fetchs a json from the onion service with information
about what is the current version and signin certificate and checks if the
current certificate is the same of the installed app. We also should tech
the user that this approach doesn't work if the app is tampered.
sysrqb, GeKo: any thoughts?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26318#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs