[tor-talk] Cloak Tor Router

Lars Boegild Thomsen lth at reclaim-your-privacy.com
Sun Nov 9 09:11:35 UTC 2014


On Monday 03 November 2014 08:06:37 CJ wrote:
> hmm, either certificate pinning, or signature check with some gpg key —
> though this might be a bit hard for embedded stuff… ?
> Anyway, having "a way to validate" the update would be necessary.

I guess a certificate check is the best way to protect against a man-in-the-middle attack.  MD5 sum can verify the update package is downloaded successfully.

> Nice project, and I love seeing your interactions with this list. That's
> the way to go in order to provide "something" good. Unlikely the
> anonyblow ;).

Well, problem is Anonabox seems quite good at selling his idea and we are probably too nerdy to gain traction :)

-- 
Lars Boegild Thomsen
https://reclaim-your-privacy.com
Jabber/XMPP: lth at reclaim-your-privacy.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20141109/714f33a9/attachment.sig>


More information about the tor-talk mailing list