Re: [tor-relays] new relay package for Ubuntu 16.04+

2016-08-30 Thread Chad MILLER
* Green Dream [2016-08-30 21:39:34 -0700]: chad> 1) anyone can create packages for others without review, 2) security is better These two concepts seem fundamentally at odds. Perhaps I have misunderstood you. How would unreviewed code be better for security? Good

Re: [tor-relays] new relay package for Ubuntu 16.04+

2016-08-25 Thread Chad MILLER
News: Package is at Tor 0.2.8.7, which was released yesterday. * Roger Dingledine [2016-08-25 00:33:14 -0400]: Nice idea! Other people here have very valid points about the security and maintability side of things, but I'll add another point: It looks like the conservative

Re: [tor-relays] new relay package for Ubuntu 16.04+

2016-08-24 Thread Roger Dingledine
On Wed, Aug 24, 2016 at 09:47:56AM -0400, Chad MILLER wrote: > I made a tor-middle-relay package, so the TVs, Wifi Routers, > Toasters, Self-driving Cars, Phones... of the world that are running > that new kind of Ubuntu (or other OS that implements this package > system!) can also help the Tor

Re: [tor-relays] new relay package for Ubuntu 16.04+

2016-08-24 Thread Aeris
> Ubuntu/Debian doesn't have the latest version of Tor. You should use the > official repository: https://www.torproject.org/docs/debian.html.en I already use this repo for all my relays :) <3, -- Aeris Individual crypto-terrorist group self-radicalized on the digital Internet

Re: [tor-relays] new relay package for Ubuntu 16.04+

2016-08-24 Thread Aeris
> Currently not on Xenial and Jessie (even in backport). >< Don’t match 2.8.6 too : snap ba16ce2958119a238d7931e709f30e932938218f ubuntu yakkety tor_0.2.8.6-3ubuntu1_amd64.deb 5839f7b8bdc74cc26c829452d458d5c797ff3666 official tor tor_0.2.8.6-3_amd64.deb

Re: [tor-relays] new relay package for Ubuntu 16.04+

2016-08-24 Thread Tristan
Ubuntu/Debian doesn't have the latest version of Tor. You should use the official repository: https://www.torproject.org/docs/debian.html.en On Aug 24, 2016 12:50 PM, "Aeris" wrote: > > Aeris, I should be worried if any of those matched. Did you know 0.2.8 is > > out? > >

Re: [tor-relays] new relay package for Ubuntu 16.04+

2016-08-24 Thread Aeris
> Aeris, I should be worried if any of those matched. Did you know 0.2.8 is > out? Currently not on Xenial and Jessie (even in backport). >< <3, -- Aeris Individual crypto-terrorist group self-radicalized on the digital Internet https://imirhil.fr/ Protect your privacy, encrypt your

Re: [tor-relays] new relay package for Ubuntu 16.04+

2016-08-24 Thread Chad MILLER
* Aeris [2016-08-24 19:25:31 +0200]: much less an untrusted tor package For information, the tor binary inside the snap doesn’t match any official upstream I can find… SHA1 Snap ba16ce2958119a238d7931e709f30e932938218f Xenial (tor_0.2.7.6-1ubuntu1_amd64.deb)

Re: [tor-relays] new relay package for Ubuntu 16.04+

2016-08-24 Thread Aeris
> much less an untrusted tor package For information, the tor binary inside the snap doesn’t match any official upstream I can find… SHA1 Snap ba16ce2958119a238d7931e709f30e932938218f Xenial (tor_0.2.7.6-1ubuntu1_amd64.deb) 997b717acaf2077708beba39a05adb30c014dfb2 Debian Jessie

Re: [tor-relays] new relay package for Ubuntu 16.04+

2016-08-24 Thread Sean Greenslade
On Wed, Aug 24, 2016 at 05:33:43PM +0200, Jan Vidar Krey wrote: > On Wed, Aug 24, 2016, at 16:43, Aeris wrote: > > > 2) security is better > > > > Sorry to say that, but : no. It’s very weaker than plain old Debian > > package. > > > > This is a matter of perspective on the "security"

Re: [tor-relays] new relay package for Ubuntu 16.04+

2016-08-24 Thread Aeris
> This is a matter of perspective on the "security" definition. Yep of course :P For desktop-purpose, snap can eventually be interresting. You only put yourself at risk. For server-purpose, you also put your users at risk, and in case of Tor, it’s very safer for them to run Tor with at least

Re: [tor-relays] new relay package for Ubuntu 16.04+

2016-08-24 Thread Jan Vidar Krey
On Wed, Aug 24, 2016, at 16:43, Aeris wrote: > > 2) security is better > > Sorry to say that, but : no. It’s very weaker than plain old Debian > package. > This is a matter of perspective on the "security" definition. The snaps does run in a separate container group, so it does have some more

Re: [tor-relays] new relay package for Ubuntu 16.04+

2016-08-24 Thread Aeris
> 2) security is better Sorry to say that, but : no. It’s very weaker than plain old Debian package. Currently, your snap embeds : libevent openssl pthreads libasan2 libubsan python 2.7 python-torctl tor-arm tor Any

[tor-relays] new relay package for Ubuntu 16.04+

2016-08-24 Thread Chad MILLER
tl;dr: $ sudo apt install snapd; sudo snap install tor-middle-relay Hi. Ubuntu has been working on a new kind of software package* that aims for isolation from the rest of the system, so 1) anyone can create packages for others without review, 2) security is better, and 3) it can be the