[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] new relay package for Ubuntu 16.04+



On Wed, Aug 24, 2016 at 05:33:43PM +0200, Jan Vidar Krey wrote:
> On Wed, Aug 24, 2016, at 16:43, Aeris wrote:
> > > 2) security is better
> > 
> > Sorry to say that, but : no. It’s very weaker than plain old Debian
> > package.
> > 
> 
> This is a matter of perspective on the "security" definition.
> 
> The snaps does run in a separate container group, so it does have
> some more layers of isolation to the rest of the system.
> This means it is probably better to install an untrusted snap
> than adding another untrusted APT source repository for your
> system.

That's great, except you _really_ shouldn't be installing an untrusted
_anything_ on your system, much less an untrusted tor package. And
implying that this system magically makes untrusted things safe and
suitable for install on a working machine is in my opinion a terrible
precedent to set. A malicious tor install can do plenty of harm even if
it was fully isolated from the rest of the machine.

If something is untrusted, don't install it. Period.

--Sean

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays