On Wed, Aug 07, 2013 at 02:32:47PM +0200, Frithjof wrote:
> Neither sha1 sums, nor PGP signatures depend on the file
> name of the file to be verified. This allows some kind of replay
> attack: If I can get a user to download from my side, I could choose
> an old version of the TBB with some known vulnerabilities and rename
> the file and the PGP signature.

Yep. There's a bug report here:
https://trac.torproject.org/projects/tor/ticket/2340

I'll notice that Mike is doing it a better way for his TBB 3.x releases:
https://blog.torproject.org/blog/tor-browser-bundle-30alpha2-released
links to
https://archive.torproject.org/tor-package-archive/torbrowser/3.0a2
which has a single file
https://archive.torproject.org/tor-package-archive/torbrowser/3.0a2/sha256sums.txt
that's signed by all the people who can reproduce the builds.

Hopefully we can make that approach scale.

--Roger
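
Added example, not part of the original message or of any Tor Project tooling: a Python sketch of why a signed sha256sums.txt binds file names to contents where a detached per-file signature does not. It assumes the list's own signature was already verified (for example with `gpg --verify`) and that the user knows the expected file name out of band; all file names and contents below are constructed.

```python
import hashlib
import hmac

HEX = set("0123456789abcdef")

def parse_sums(text):
    """Parse sha256sum-style lines ('<64 hex>  <name>') into {name: digest}."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition(" ")
        digest = digest.lower()
        name = name.lstrip(" *")  # text mode: two spaces, binary mode: ' *'
        if len(digest) != 64 or not set(digest) <= HEX or not name:
            raise ValueError(f"malformed line: {line!r}")
        if entries.get(name, digest) != digest:
            raise ValueError(f"conflicting entries for {name!r}")
        entries[name] = digest
    return entries

def check_download(signed_sums_text, expected_name, data):
    """Check bytes the server claims are expected_name against the signed list.

    The lookup key is the name the user asked for, never a name chosen by
    the server, so the name is covered by the signature over the list.
    """
    entries = parse_sums(signed_sums_text)
    if expected_name not in entries:
        return "not-listed"
    actual = hashlib.sha256(data).hexdigest()
    return "ok" if hmac.compare_digest(actual, entries[expected_name]) else "mismatch"

def demo():
    # Constructed sample data: two releases of a hypothetical bundle.
    old, new = b"constructed old bundle bytes", b"constructed new bundle bytes"
    old_name, new_name = "bundle-2.0-example.tar.gz", "bundle-3.0-example.tar.gz"
    old_sums = f"{hashlib.sha256(old).hexdigest()}  {old_name}\n"
    new_sums = f"{hashlib.sha256(new).hexdigest()}  {new_name}\n"
    return {
        "genuine": check_download(new_sums, new_name, new),
        "old file renamed": check_download(new_sums, new_name, old),
        "old file and old list replayed": check_download(old_sums, new_name, old),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The third case is the one a detached signature misses: the old list still carries a valid signature, but it does not contain the name the user expects.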