[tor-talk] Tor Browser Linux_don't extract to root

Joe Btfsplk joebtfsplk at gmx.com
Sat Apr 15 00:48:53 UTC 2017 

On 04/14/2017 11:46 AM, Jonathan Marquardt wrote:
> Look, if you have malicous software running on the system with normal user
> priviliges, you are in big trouble anyway. There's so many things that
> malicous software could do even if TBB was installed at a non-writable
> location. Just as a simple example, malware could just change the location in
> your TBB desktop and launcher links and still trick you into launching
> malicous software. That's just a really silly example, but the point is that
> once the malware is running, it is too late. Storing software in non-writable
> locations is such a small useless mitigation technique in contrast to what
> malware could do. I agree that putting TBB to /opt would give you a tiny bit
> of extra security. But for the price of the user not being able to install
> updates, that might just not be worth it. Having software being stored in
> central directories is not much of a security feature.
>
> BTW: The user profile of TBB would still be located in the home directory. It
> would have to be. Malware could insert malicous stuff in there too like custom
> Tor circuit settings, browser setting, NoScript rules, Add-Ons... You get the
> idea.
>
You're correct - installing it to a "non-writable" location isn't 
necessarily the end of days.  The rest of your argument against 
improving security & anonymity contradicts some long standing practices 
of Tor Project and some basic concepts of Linux.  If there was / is no 
value of Linux installing most programs & libraries to root, they 
wouldn't do it.

100's of changes & methods that Tor Project makes w/ TBB, individually 
have small impact on overall anonymity or security. Collectively they 
make a huge difference.  If installing TBB  to root directories adds - 
some - protection, it seems as valid as 100's of changes & fixes made 
over the yrs.

   Many  trac feature changes & bug fixes to change minor TBB behaviors 
have no more impact than installing TBB to more protected Linux 
directories.  Some had zero impact on anonymity or security.

Tor Project could implement a script allowing auto-updating (or w/ a 
click or 2), or they could use a PPA to install & update it.

For yrs, there was such an Ubuntu PPA / repo & small script, to allow 
installing & auto-updating of Mozilla Fx releases, when installed to 
/usr or /opt, etc.  Seems like Tor Project could handle that.

More information about the tor-talk mailing list