[tor-talk] Satori (this crazy app thing I've been working on)
Gregory Maxwell
gmaxwell at gmail.com
Thu May 8 23:22:21 UTC 2014
On Sun, May 4, 2014 at 5:14 PM, Griffin Boyce <griffin at cryptolab.net> wrote:
> Hey all,
>
> So Satori is this app for Google Chrome that distributes circumvention
> software in a difficult-to-block way and makes it easy for users to check if
> it's been tampered with in-transit.
You might be interested in some of the ideas that have been floating
around in Bitcoin land about better tools for distributing software
updates, I've collected the ones I think are most important here:
https://en.bitcoin.it/wiki/User:Gmaxwell/update_checking_requirements
Note that it's not about automatic updates, it's about automatic
update staging— the user stays in control there... but the goal is to
advance the art so that users aren't just pulling updates from some
website in a way that any MITM could compromise too easily... but
without introducing centralized gate-keeping either.
I think some of these ideas might be pretty important when
distributing software specifically to 'interesting targets'— e.g. it
would give pretty good dividends to rubber hose the guy who can issue
the updates to a bunch of activist, so both for the users and the
operators safety something more robust ought to be done.
More information about the tor-talk
mailing list