[tor-talk] TorBrowserBundle
Georg Koppen
gk at torproject.org
Mon Mar 9 08:47:28 UTC 2015
Travis Bean:
> Integrating the web browser into the operating system is essential for
> automatic security updates. From a computer security standpoint, this is
> what bothers me the most about the current Alpha phase that
> TorBrowserBundle is in. If a web browser is not integrated with the OS
> and is not kept up-to-date on a regular basis, this creates a HUGE
> security hole for hackers to exploit the OS by finding a weakness in the
> web browser and injecting malware into the HTTP stream.
Which is why we release every couple of weeks a new Tor Browser and use
the Tor Browser updater to keep the necessary user interaction at a
minimum. Integration of Tor Browser into the operating system (whatever
that exactly means) is orthogonal to having automatic security updates.
(This does not say anything about that integration being worthwhile or
not, though.)
Georg
Georg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20150309/10f7961b/attachment.sig>
More information about the tor-talk
mailing list