[tor-bugs] #18752 [Orbot]: [Security Alert] Latest Orbot is signed by different key.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Apr 7 14:35:01 UTC 2016
#18752: [Security Alert] Latest Orbot is signed by different key.
----------------------+-----------------------
Reporter: ikurua22 | Owner: n8fr8
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Orbot | Version:
Severity: Critical | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------+-----------------------
Comment (by n8fr8):
If you install Orbot from the public F-Droid repo, then the key uses there
is the F-Droid signing key, since they build Orbot from source.
If you install Orbot from Google Play, the Guardian Project F-Droid repo,
or the direct APK download, it will be signed with the Tor Project signing
key.
It is likely you switched from one stream to the other accidentally.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18752#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list