Hi, On Mittwoch, 18. Juni 2014, Christoph Anton Mitterer wrote: > torbrowser-launcher seems to use the keys from the upstream > developers... basically giving them (who are not DDs) the potential > power to install _any_ code in the system of Debian users.
fun fact: there's at least one DD among them.
> It also doesn't seem to protect against downgrading attacks... (see my
> previous post about that).
one or two bug reports might be oh so more useful than posting on -devel.
> That's why I wrote in my previous mail, that usually one should depend
> on a fixed hash in such downloader packages... doing it with gpg is
> securely possible, but much more complicated.
and then for each update you need to update the launcher package - thats an
aweful lot of work for little / no gain (and how do you handle downgrade
attacks here?). and,, ISTR flashplugin-nonfree did that years ago.
cheers,
Holger
signature.asc
Description: This is a digitally signed message part.
