[tor-dev] File verification GUI tool
Sherief Alaa
sheriefalaa.w at gmail.com
Mon Sep 23 20:55:54 UTC 2013
Hi Everyone,
(moving this email from the support-team ML to tor-dev as Runa suggested.)
I am starting to work on a small GUI tool for file verification because I
find guiding users through the verification process on Windows/Mac through
the command line painful.
Tools in use:
- Python 3.3 or 2.7 (still didn't decide yet).
- PyQT
- python-gnupg-0.3.5
I might also add a log window and a save log button to see what went wrong
during the verification process.
Attached is a draft design of how the tool would look like.
On Mon, Sep 23, 2013 at 7:12 PM, Lunar <lunar at torproject.org> wrote:
>How do you think users will be able to install such a tool on their
>system?
There won't be any installation required It's a single executable.
>More importantly, how will they be able to ensure that it's
>not a tampered version?
I've thought about that and few things came to mind:
- Include the executable inside TBB.
- Host it somewhere and also provide a SHA-256 hash on a website or in a
file.
But this is all an endless chain because lets say I download TBB, then
download gpg to verify it but then how do I make sure that gpg it self
wasn't tampered with? (assuming I don't have it installed already.)
Any help or suggestions would be much appreciated.
Thanks.
--
Sherief Alaa
pgp 0x8623B882
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20130923/28371892/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: FileVerifierGUI.png
Type: image/png
Size: 6284 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20130923/28371892/attachment.png>
More information about the tor-dev
mailing list