[tor-dev] Tor Browser Launcher

adrelanos adrelanos at riseup.net
Mon Feb 18 17:50:59 UTC 2013

Leo Unglaub:
> Hey,
> On 2013-02-18 18:33, adrelanos wrote:
>> Right, for such users it wouldn't work anyway, because downloading
>> Tor Browser Launcher from the repository is unencrypted (but
>> signed) anyway.
> thats not 100% correct. You can use transport encryption (HTTPS) for
> the repository servers. You simply need to change your source.list to
> use https.

While it is correct, that there is an apt https package, last time I
checked, not much more than a month ago, no Debian or Ubuntu
repositories supported https nor are willing to do this in future. Did
this change?

Even if using https, there are known file sizes, so it wouldn't really
hide what has been downloaded?

More information about the tor-dev mailing list