adrelanos adrelanos at riseup.net
Mon Feb 18 13:47:30 UTC 2013

Jacob Appelbaum:
> Do you plan to download TBB over Tor that is provided by the system, say
> by adding a dependency on a system Tor?

There has been a bit of discussion about this in
https://trac.torproject.org/projects/tor/ticket/5236 already. (Search
for "over Tor" to quickly navigate it.)

I think downloading over Tor is desirable, but very difficult to implement.

What about bridge users? They have to edit a system wide torrc and the
TBB torrc?

What about users who don't want to ever connect to the public Tor
network? -> https://trac.torproject.org/projects/tor/ticket/7197

> A MITM may be able
> to replay an old valid signature for a package, does your code handle
> that case?

I am not Micah, but I don't know how he could. I think the Tor Project
would have to finish Thandy for that purpose.

> You may enjoy the paper and code on theupdateframework.com to
> look into those kinds of issues...

Yes, it's really good.

They also gave me a link to https://github.com/akonst/tuf (see docs folder).
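
The replay problem raised in this thread, shown as an added example that is not part of the original post or of any project mentioned in it: an old release still carries a valid signature, so the client also has to check a signed version number and expiry time, the approach The Update Framework takes. The HMAC key, field names and sample releases are constructed assumptions; HMAC stands in for a public-key signature so the code runs with the standard library only.

```python
import hashlib
import hmac
import json

# Assumption: HMAC with a constructed key stands in for the vendor's
# public-key signature so the example needs only the standard library.
DEMO_KEY = b"constructed-demo-key"


def sign_metadata(meta: dict) -> dict:
    """Publisher side: sign release metadata, not just the package bytes."""
    body = json.dumps(meta, sort_keys=True).encode()
    return {"signed": meta, "sig": hmac.new(DEMO_KEY, body, hashlib.sha256).hexdigest()}


def signature_ok(envelope: dict) -> bool:
    """Recompute the signature over the metadata and compare in constant time."""
    body = json.dumps(envelope["signed"], sort_keys=True).encode()
    expected = hmac.new(DEMO_KEY, body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, envelope["sig"])


def check_update(envelope: dict, package: bytes, last_seen_version: int, now: int) -> str:
    """Client side: a valid signature is necessary but not sufficient."""
    if not signature_ok(envelope):
        return "reject: bad signature"
    meta = envelope["signed"]
    if hashlib.sha256(package).hexdigest() != meta["sha256"]:
        return "reject: package does not match signed hash"
    if now >= meta["expires"]:
        return "reject: metadata expired (stale or replayed)"
    if meta["version"] < last_seen_version:
        return "reject: version older than one already seen (rollback)"
    return "accept"


# Constructed sample data: an old release and a current one, both validly signed.
OLD_PKG, NEW_PKG = b"browser build 1", b"browser build 2"
OLD = sign_metadata({"version": 1, "expires": 1000, "sha256": hashlib.sha256(OLD_PKG).hexdigest()})
NEW = sign_metadata({"version": 2, "expires": 2000, "sha256": hashlib.sha256(NEW_PKG).hexdigest()})

if __name__ == "__main__":
    print(signature_ok(OLD))  # the replayed signature itself still verifies
    print(check_update(OLD, OLD_PKG, last_seen_version=2, now=500))
    print(check_update(OLD, OLD_PKG, last_seen_version=0, now=1500))
    print(check_update(NEW, NEW_PKG, last_seen_version=1, now=1500))
```

The version check depends on the client persisting the highest version it has accepted; on a fresh install only the expiry bounds how old a replayed release can be.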

