On Fri, Aug 09, 2013 at 12:22:54AM +0000, Jacob Appelbaum wrote: [...] > Here is the git repo for the script that we used to bootstrap Tahoe-LAFS > on Tails 0.19: > > https://github.com/leif/tahoe-tails-utils > > The following ticket covers the overall issues of actually trying to > bootstrap Tahoe safely on any network at all: > > https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2055
I am very sorry to report that the first version of the above-linked bootstrap.sh (in the tahoe-tails-utils repository) which I published on github earlier this evening was actually still vulnerable to HTTP MITM attacks. See https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2055#comment:5 for an explanation of how that happened. I believe the current version is fixed, but after making that mistake I am a little bit less confident in it. :( ~leif
signature.asc
Description: Digital signature
_______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
