[tor-talk] Cloak Tor Router
Lars Boegild Thomsen
lth at reclaim-your-privacy.com
Sun Nov 9 09:11:35 UTC 2014
On Monday 03 November 2014 08:06:37 CJ wrote:
> hmm, either certificate pinning, or signature check with some gpg key —
> though this might be a bit hard for embedded stuff… ?
> Anyway, having "a way to validate" the update would be necessary.
I guess a certificate check is the best way to protect against a man-in-the-middle attack. MD5 sum can verify the update package is downloaded successfully.
> Nice project, and I love seeing your interactions with this list. That's
> the way to go in order to provide "something" good. Unlikely the
> anonyblow ;).
Well, problem is Anonabox seems quite good at selling his idea and we are probably too nerdy to gain traction :)
--
Lars Boegild Thomsen
https://reclaim-your-privacy.com
Jabber/XMPP: lth at reclaim-your-privacy.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20141109/714f33a9/attachment.sig>
More information about the tor-talk
mailing list