On 8/2/2011 7:41 PM, Joe Btfsplk wrote:
On 8/2/2011 7:10 PM, Andrew Lewman wrote:
On Tuesday, August 02, 2011 19:55:48 Joe Btfsplk wrote:
Are there specific reasons for not using latest (or late-er) Firefox
versions in Tor Browser Bundle? Is it primarily because the latest
version doesn't always work w/ Tor& fixes must be developed for Tor to
deal w/ that?
It's the latest udpated Firefox 3.6 branch. FF4 branch has been
killed and
replaced with 5. We have FF5 testing bundles. See
https://blog.torproject.org/blog/new-tor-browser-bundles-3.
Thanks. I realize the latest stable TBB has FF 3.6. Is the reason
for delay in updating to latest FF version always for testing - to see
if Tor works properly?
Firefox versions used in stable TBB have always run behind the latest
FF release - sometimes several versions. This may well be unavoidable
for TBB developers. My original question - how does this affect the
security of TBB users?
_______________________________________________
No comments on security implications of using a Firefox version in TBB,
that isn't up to date with security fixes (sometimes not even close)?
I'm grateful for the work done to create TBB, but the mantra of security
experts has always been, "ALWAYS keep your browser / OS updated w/
security patches."
As said, it may be unavoidable (currently) for TBB developers to
integrate new FF versions quickly, but surely I'm not the 1st to wonder
about security issues of using old browser versions.
The testing bundles Andrew mentioned are fine for, well... testing, but
not for general users. It's a long way & many fixes, from Firefox 3.6
to 5.0 / 5.0.1.
_______________________________________________
tor-talk mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
