Actually all plaintext traffic can be subject to sniffing and attacks, not just Tor traffic. I heard that the FinFisher software can already generate malicious binaries for targets on-the-fly for HTTP traffic.
In terms of software integrity, most Trisquel users install software from the repositories, which are digitally signed using GnuPG, so that's more or less a non-issue. If you download software over HTTP it's always a good idea to check digital signatures if available, or not download software over HTTP at all. I heard Ruben has patched GNU IceCat so that it has a similar fingerprint to Tor Browser, but I haven't used or tested it yet so I don't know the details. I agree that maybe some information should be provided on the difference that Private Browsing makes to web browsing. Perhaps you should file a bug report and/or contact Ruben (quidam) over IRC? If add-ons/plugins are enabled when the browser is using Tor and they are not using Tor, then perhaps you should file a second bug report for that issue.

Andrew
