[email protected] wrote:
It took a while for your proposal to mature in my head...

Do you think we could replace Firefox and MD5 Reborned Hasher by Chrome
and your app in our documentation?

That's an interesting question. Firefox/Iceweasel has a lot going for it outside of a possible hash checker. This seems like something that should perhaps be asked of the community rather than myself. Chrome/Chromium[1] is an interesting browser, but unless it's in the Tails environment, I wouldn't recommend it for use with Tor. Mike Perry would have more information on the security implications of switching from Firefox to Chrome.

Can you confirm that the same arguments would work for Chrome too?

A&B, definitely. Chrome and Chromium[2] use https for download, but not sure about pgp authentication. Wasn't able to find anything on it during a quick search, so am assuming not.

Then, I never used Chrome before, but how would I got and use your app
actually? Is that an extension to install or what? :)

  To install manually, get the zip: https://github.com/glamrock/satori

* Go to chrome://extensions/
* ☑ Developer mode
* Click "Load unpacked extension"
* Choose Satori/chrome directory

Then go to chrome://apps/ to launch (just like launching any other app). Once development slows slightly, that repository will have a gpg-signed zip file to make it easier to install securely outside of Google's walled garden[3]. Once you have it open, scroll down to the hash generator, and select a file you have downloaded. Then compare the displayed hash with what you are expecting.

If it were included in Tails, that would certainly affect UI/design. Right now, the hash checker is close to the bottom.

best,
Griffin

[1] Chromium is the open-source version of Chrome
[2] https://wiki.debian.org/Chromium
[3] https://chrome.google.com/webstore/detail/satori/oncomejlklhkbffpdhpmhldlfambmjlf
_______________________________________________
Tails-dev mailing list
[email protected]
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
[email protected].

Reply via email to