Leo Unglaub: > Hey, > > On 2013-02-18 18:33, adrelanos wrote: >> Right, for such users it wouldn't work anyway, because downloading >> Tor Browser Launcher from the repository is unencrypted (but >> signed) anyway. > > thats not 100% correct. You can use transport encryption (HTTPS) for > the repository servers. You simply need to change your source.list to > use https.
While it is correct, that there is an apt https package, last time I checked, not much more than a month ago, no Debian or Ubuntu repositories supported https nor are willing to do this in future. Did this change? Even if using https, there are known file sizes, so it wouldn't really hide what has been downloaded? _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
