Re: [Tails-dev] [liberationtech] secure download tool - doesn't exist?!?

The Gitian tools have this: https://github.com/devrandom/gitian-builder/blob/master/share/gitian_updater.py which could be adapted to work with other network protocols (e.g. Torrent). On 07/01/2013 11:03 AM, adrelanos wrote: > In response to "the tool doesn't exist"... > > You can create a real

Re: [Tails-dev] [liberationtech] secure download tool - doesn't exist?!?

I think, this kind of tool doesn't exist yet. I wonder if Thandy - the Google(?)-funded Tor secure installer tool -- be used for securely-installing software other than Tor? https://gitweb.torproject.org/thandy.git ___ tails-dev mailing list tails-d

Re: [Tails-dev] [liberationtech] secure download tool - doesn't exist?!?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 2013.07.01 12.19, adrelanos wrote: > - you still have to tell the user "you must download tool X before > you can download Y" This, of course, is a global problem everywhere. A secure channel requires a shared secret, in this case between the de

Re: [Tails-dev] [liberationtech] secure download tool - doesn't exist?!?

Nathan of Guardian: > On 07/01/2013 02:03 PM, adrelanos wrote: >> I think, this kind of tool doesn't exist yet. > > Could torrents and magnet links address this issue? As far I know they include hash verification. Issues: - you still have to tell the user "you must download tool X before you ca

Re: [Tails-dev] [liberationtech] secure download tool - doesn't exist?!?

On 07/01/2013 02:03 PM, adrelanos wrote: > I think, this kind of tool doesn't exist yet. Could torrents and magnet links address this issue? Should we push all projects to promote torrents if they are unable to offer HTTPS? I, for one, am eager for this to stop being an experiment: http://labs.bi

[Tails-dev] secure download tool - doesn't exist?!?

In response to "the tool doesn't exist"... You can create a really great privacy preserving application, Open Source, but when you want to share it with the world, it's difficult to ensure, that users actually get legit versions. Goal: - big file downloads - at least as secure as TLS - at least

[Tails-dev] secure download tool | was download over http by default?

Speaking as maintainer of Whonix here. Jacob Appelbaum: > When upgrading a tails machine today, I noticed that the default > download link is HTTP. This is actually a problem for many (security related) application downloads, not only for Tails. For example, also the gpg4win homepage has no https

[Tails-dev] Fwd: download over http by default?

Originally posted on Tails-dev by Jacob Appelbaum. Interesting, important topic. Thanks! I took the freedom to forward it to liberationtech, since one of the topics lately was "the tool doesn't exist". Just as reference. Original Message Subject: [Tails-dev] download over http by

Re: [Tails-dev] todo/network_fingerprint

intrigeri: > Hi, > > adrelanos wrote (30 Jun 2013 14:01:04 GMT) : >> intrigeri: >>> If bridge mode (or whatever the censorship circumvention / Tails >>> detection protection option is called) is enabled, then yes. Would you >>> be willing to prepare a patch to our design/implementation doc that >>

[Tails-dev] Please review'n'merge feature/less-pidgin-code [Was: Drop Pidgin support for every protocol but IRC and XMPP?]

Hi, sajol...@pimienta.org wrote (29 Jun 2013 11:50:23 GMT) : > I'm fine with that. Once this is done we should document this on > https://tails.boum.org/doc/anonymous_internet/pidgin/. That way, we > might get more people to do the work for other protocols. Done in feature/less-pidgin-code, that