[tor-talk] Downloading Firefox add-ons trough Tor. Safe?

tagnaq tagnaq at gmail.com
Tue Jul 12 11:21:15 UTC 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

hikki at Safe-mail.net wrote:
> -------- Original Message --------
> From: Justin Aplin <japlin at gmail.com>
> 
>> I honestly don't know, but if you're *that* paranoid about your downloads 
>> being tampered with, navigating to https://addons.mozilla.org and looking 
>> up the add-ons manually is only a few extra clicks.
> 
> I think it only checks the version with HTTPS, but download trough standard HTTP.
> I'm wondering if Firefox 3.6 has some checking of checksums or anything, not 
> because I'm paranoid but because I'm wondering if this is safe to do on a 
> regular basis by updating add-ons trough tor.

This was recently discussed:
https://lists.torproject.org/pipermail/tor-talk/2011-June/020755.html

-----BEGIN PGP SIGNATURE-----

iF4EAREKAAYFAk4cLisACgkQyM26BSNOM7bhigEAl90GIsI9i95YZJ2bvGaz2WD4
qsXiIfCpvGga2eW1WBsA/RtF6WyVK+kRAe1OiOJOn/Ay+PsvL4XWLrY1sX54M91f
=rGXo
-----END PGP SIGNATURE-----


More information about the tor-talk mailing list