aeris+tor at imirhil.fr
Fri Jun 26 08:55:50 UTC 2015
> what's the difference between apt-transport-tor and a
> command-line such "torrify apt-get". I've send an email to the
> developper of this project and I'm waiting for an answer.
torify / torsocks is a huge hack with Linux library preloading. Not very
clean, can leak DNS, etc.
With apt-transport-tor, you use the Tor SOCKS5 proxy directly (and correctly).
> I notice the project documentation doesn't not insist on the fact that
> in the /etc/apt/sources.list the url need to be httpS to be sure that
> the downloaded package are not compromized
AFAIK, there is no official Debian HTTPS repository.
But Debian packages are GPG-signed. No problem of compromise, even with HTTP.
Groupe crypto-terroriste individuel
auto-radicalisé sur l’Internet digital
Protégez votre vie privée, chiffrez vos communications
GPG : EFB74277 ECE4E222
OTR : 922C97CA EC0B1AD3
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: This is a digitally signed message part.
More information about the tor-talk