[tor-talk] Problem about Tor website

SiNA Rabbani sina at redteam.io
Sun Feb 24 00:03:03 UTC 2013


If you download from http, then there is nothing protecting you from
downloading modified, malware inserted binaries. HTTPS is providing
confidentiality and authentication. Of course you want to verify signatures
once you download from HTTPS not HTTP.

There are curious eyes everywhere, use encryption to protect yourself ;)

--SiNA
On Feb 23, 2013 3:26 PM, "k e bera" <keb at cyblings.on.ca> wrote:

> On Sat, 23 Feb 2013 17:21:18 -0500
> Andrew Lewman <andrew at torproject.is> wrote:
>
> > On Sat, 23 Feb 2013 19:03:17 +0900
> > Nam Su <namfree123 at gmail.com> wrote:
> >
> > > I know Tor http website redirects Https version website but http site
> > > couldn't open or slowly than Tor connection.
> > >
> > > Is it government's sensor?
> >
> > http://torproject.org redirects to https://www.torproject.org
> > automatically on our webservers. If you cannot get to torproject.org,
> > likely someone is censoring you.
>
> The question may also have been: Why does Tor Project not offer
> unencrypted duplicate content over HTTP, for those users not allowed to
> connect to port 443 or setup SSL connections?
>
> For example a user might want to download the TorBrowserBundle which would
> enable them to circumvent the censorship from that point onwards.
>
> _______________________________________________
> tor-talk mailing list
> tor-talk at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>


More information about the tor-talk mailing list