Hi, On Mittwoch, 18. Juni 2014, Christoph Anton Mitterer wrote: > torbrowser-launcher seems to use the keys from the upstream > developers... basically giving them (who are not DDs) the potential > power to install _any_ code in the system of Debian users. fun fact: there's at least one DD among them. > It also doesn't seem to protect against downgrading attacks... (see my > previous post about that). one or two bug reports might be oh so more useful than posting on -devel. > That's why I wrote in my previous mail, that usually one should depend > on a fixed hash in such downloader packages... doing it with gpg is > securely possible, but much more complicated. and then for each update you need to update the launcher package - thats an aweful lot of work for little / no gain (and how do you handle downgrade attacks here?). and,, ISTR flashplugin-nonfree did that years ago. cheers, Holger
Attachment:
signature.asc
Description: This is a digitally signed message part.