You can't even download Ubuntu off Ubuntu.com via SSL. Only HTTP.
On 02/19/2013 01:06 AM, adrelanos wrote:
> Leo Unglaub:
>> Hey,
>>
>> On 2013-02-18 18:33, adrelanos wrote:
>>> Right, for such users it wouldn't work anyway, because downloading
>>> Tor Browser Launcher from the repository is unenc
Leo Unglaub:
> Hey,
>
> On 2013-02-18 18:33, adrelanos wrote:
>> Right, for such users it wouldn't work anyway, because downloading
>> Tor Browser Launcher from the repository is unencrypted (but
>> signed) anyway.
>
> thats not 100% correct. You can use transport encryption (HTTPS) for
> the rep
Micah Lee:
> On 02/18/2013 02:31 PM, adrelanos wrote:
>> Why not phrase https://check.torproject.org/RecommendedTBBVersions ? No
>> updates planed for it even in long term as far I am following trac...
>
> Oh cool, so Tor already has a file with the recommended TBB version! And
> this gets updated
Jacob Appelbaum:
> adrelanos:
>> Micah Lee:
>
> Well, which should your users be using? From my perspective, I think you
> should give them the alpha and help them report bugs! :-)
>>> Interesting idea. Anyone else have opinions on this? I think I'd be fine
>>> giving people the alpha,
adrelanos:
> Micah Lee:
Well, which should your users be using? From my perspective, I think you
should give them the alpha and help them report bugs! :-)
>> Interesting idea. Anyone else have opinions on this? I think I'd be fine
>> giving people the alpha, but I also don't want to
On 02/18/2013 02:31 PM, adrelanos wrote:
> Why not phrase https://check.torproject.org/RecommendedTBBVersions ? No
> updates planed for it even in long term as far I am following trac...
Oh cool, so Tor already has a file with the recommended TBB version! And
this gets updated regularly when new T
Micah Lee:
>> >
>> > Well, which should your users be using? From my perspective, I think you
>> > should give them the alpha and help them report bugs! :-)
> Interesting idea. Anyone else have opinions on this? I think I'd be fine
> giving people the alpha, but I also don't want to annoy people w
Jacob Appelbaum:
> Micah Lee:
>> On 02/18/2013 12:15 AM, Jacob Appelbaum wrote:
>>> Do you plan to download TBB over Tor that is provided by the system, say
>>> by adding a dependency on a system Tor?
>>
>> I was assuming that making the launcher depend on a system Tor would be
>> troublesome. Howe
Jacob Appelbaum:
> Well, which should your users be using? From my perspective, I think you
> should give them the alpha and help them report bugs! :-)
maybe give the user the choice, with stable as the default? after all,
this project aims to make it easier for non-powerusers to get TBB
running,
On 02/18/2013 12:29 PM, Jacob Appelbaum wrote:
>> I was assuming that making the launcher depend on a system Tor would be
>> troublesome. However now that I'm looking at
>> https://www.torproject.org/docs/debian again, it seems like it could
>> totally work. What about for Ubuntu users?
>
> For no
Micah Lee:
> On 02/18/2013 12:15 AM, Jacob Appelbaum wrote:
>> Do you plan to download TBB over Tor that is provided by the system, say
>> by adding a dependency on a system Tor?
>
> I was assuming that making the launcher depend on a system Tor would be
> troublesome. However now that I'm looking
On 02/18/2013 12:15 AM, Jacob Appelbaum wrote:
> Do you plan to download TBB over Tor that is provided by the system, say
> by adding a dependency on a system Tor?
I was assuming that making the launcher depend on a system Tor would be
troublesome. However now that I'm looking at
https://www.torpr
Citing:
https://www.updateframework.com/wiki/Docs/Security#AttacksandWeaknesses
> Arbitrary software installation. An attacker installs anything they
want on the client system. That is, an attacker can provide arbitrary
files in response to download requests and the files will not be
detected as i
Leo Unglaub:
> Hey,
>
> On 2013-02-18 18:33, adrelanos wrote:
>> Right, for such users it wouldn't work anyway, because downloading
>> Tor Browser Launcher from the repository is unencrypted (but
>> signed) anyway.
>
> thats not 100% correct. You can use transport encryption (HTTPS) for
> the rep
Hey,
On 2013-02-18 18:33, adrelanos wrote:
> Right, for such users it wouldn't work anyway, because downloading
> Tor Browser Launcher from the repository is unencrypted (but
> signed) anyway.
thats not 100% correct. You can use transport encryption (HTTPS) for
the repository servers. You simply
Jacob Appelbaum:
>> What about bridge users? They have to edit a system wide torrc and the
>> TBB torrc?
>>
>
> You're over thinking it. Connecting to the Tor Project website often
> fails - far more than the Tor network being blocked.
Ok.
>> What about users who don't want to ever connect to th
adrelanos:
> Jacob Appelbaum:
>> Do you plan to download TBB over Tor that is provided by the system, say
>> by adding a dependency on a system Tor?
>
> There has been a bit discussion about this in
> https://trac.torproject.org/projects/tor/ticket/5236 already. (Search
> for "over Tor" to quickly
Jacob Appelbaum:
> Do you plan to download TBB over Tor that is provided by the system, say
> by adding a dependency on a system Tor?
There has been a bit discussion about this in
https://trac.torproject.org/projects/tor/ticket/5236 already. (Search
for "over Tor" to quickly navigate it it.)
I th
Micah Lee:
> In my spare time I've been working on a way to make the Tor Browser
> Bundle easier to use for GNU/Linux users. I've mostly been talking about
> it with other people on tor-talk and in this bug:
> https://trac.torproject.org/projects/tor/ticket/5236
Thanks for documenting so much on t
19 matches
Mail list logo
