[tor-talk] Verifying Tor packages.
Roger Dingledine
arma at mit.edu
Wed Aug 7 14:15:33 UTC 2013
On Wed, Aug 07, 2013 at 02:32:47PM +0200, Frithjof wrote:
> Neither sha1 sums, nor PGP signatures depend on the file
> name of the file to be verified. This allows some kind of replay
> attack: If I can get a user to download from my side, I could choose
> an old version of the TBB with some known vulnerabilities and rename
> the file and the PGP signature.
Yep. There's a bug report here:
https://trac.torproject.org/projects/tor/ticket/2340
I'll notice that Mike is doing it a better way for his TBB 3.x
releases:
https://blog.torproject.org/blog/tor-browser-bundle-30alpha2-released
links to
https://archive.torproject.org/tor-package-archive/torbrowser/3.0a2
which has a single file
https://archive.torproject.org/tor-package-archive/torbrowser/3.0a2/sha256sums.txt
that's signed by all the people who can reproduce the builds.
Hopefully we can make that approach scale.
--Roger
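The check that the signed sha256sums.txt approach enables, written out as an added example (this is not code from Tor or from anyone in the thread): the manifest binds each filename to a digest, so a verifier that looks the file up by its own name rejects an old bundle that has been renamed to the current filename, as well as an old bundle under its own name. File names, file contents and manifest lines below are constructed for the demonstration; the manifest format assumed is the `HEX  filename` layout that sha256sum(1) emits, and the example assumes the manifest's detached signature has already been checked (for instance with `gpg --verify`) before it is trusted.

```python
"""Verify a download against a name-binding sha256sums.txt manifest.

Added example, not Tor's own code. Assumes the manifest uses the
'HEX  filename' layout of sha256sum(1) and that its detached signature has
already been verified (e.g. gpg --verify sha256sums.txt.asc sha256sums.txt).
"""
import hashlib
import hmac
import os
import tempfile

HEX = set("0123456789abcdef")


def parse_sha256sums(text):
    """Parse 'HEX  filename' lines into {filename: hexdigest}.

    Rejects malformed digests and duplicate names so a stale or tampered
    manifest copy cannot smuggle in a second entry for the same name.
    """
    entries = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            raise ValueError(f"line {lineno}: expected 'HEX  filename'")
        digest, name = parts[0].lower(), parts[1].lstrip("*")  # '*' = binary mode marker
        if len(digest) != 64 or not set(digest) <= HEX:
            raise ValueError(f"line {lineno}: bad SHA-256 digest")
        if name in entries:
            raise ValueError(f"line {lineno}: duplicate entry for {name}")
        entries[name] = digest
    return entries


def sha256_file(path):
    """Stream the file through SHA-256 so large bundles are not read into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, manifest):
    """Look the file up by its own name and compare digests.

    Binding the digest to the name is what defeats the rename attack: an
    older bundle renamed to the current filename still hashes to the old
    value, which the manifest does not list under that name.
    """
    name = os.path.basename(path)
    expected = manifest.get(name)
    if expected is None:
        return False, f"{name}: not listed in manifest"
    actual = sha256_file(path)
    if not hmac.compare_digest(actual, expected):
        return False, f"{name}: digest mismatch"
    return True, f"{name}: ok"


def demo():
    """Constructed scenario: file names and contents are made up."""
    with tempfile.TemporaryDirectory() as d:
        new_name = "tor-browser-linux64-3.0a2.tar.xz"   # hypothetical current release
        old_name = "tor-browser-linux64-3.0a1.tar.xz"   # hypothetical older release
        old_bytes = b"pretend 3.0a1 bundle bytes with known bugs\n"

        new_path = os.path.join(d, new_name)
        with open(new_path, "wb") as f:
            f.write(b"pretend 3.0a2 bundle bytes\n")
        # The manifest lists only the current release, as the signers would publish it.
        manifest = parse_sha256sums(f"{sha256_file(new_path)}  {new_name}\n")
        genuine = verify_download(new_path, manifest)

        # Attacker serves the old bundle renamed to the current filename.
        with open(new_path, "wb") as f:
            f.write(old_bytes)
        renamed = verify_download(new_path, manifest)

        # Old bundle under its own name: also rejected, the name is not listed.
        old_path = os.path.join(d, old_name)
        with open(old_path, "wb") as f:
            f.write(old_bytes)
        unlisted = verify_download(old_path, manifest)

    return {"genuine": genuine[0], "renamed": renamed[0], "unlisted": unlisted[0]}


if __name__ == "__main__":
    print(demo())
```

Note that the name binding only helps if the manifest itself is trusted, which is why the signature check on sha256sums.txt comes first; a per-file detached signature, by contrast, says nothing about which filename the signed bytes were published under, which is exactly the gap the quoted message describes.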