On 04/14/2017 11:46 AM, Jonathan Marquardt wrote:
Look, if you have malicous software running on the system with normal user
priviliges, you are in big trouble anyway. There's so many things that
malicous software could do even if TBB was installed at a non-writable
location. Just as a simple example, malware could just change the location in
your TBB desktop and launcher links and still trick you into launching
malicous software. That's just a really silly example, but the point is that
once the malware is running, it is too late. Storing software in non-writable
locations is such a small useless mitigation technique in contrast to what
malware could do. I agree that putting TBB to /opt would give you a tiny bit
of extra security. But for the price of the user not being able to install
updates, that might just not be worth it. Having software being stored in
central directories is not much of a security feature.

BTW: The user profile of TBB would still be located in the home directory. It
would have to be. Malware could insert malicous stuff in there too like custom
Tor circuit settings, browser setting, NoScript rules, Add-Ons... You get the
idea.

You're correct - installing it to a "non-writable" location isn't necessarily the end of days. The rest of your argument against improving security & anonymity contradicts some long standing practices of Tor Project and some basic concepts of Linux. If there was / is no value of Linux installing most programs & libraries to root, they wouldn't do it.

100's of changes & methods that Tor Project makes w/ TBB, individually have small impact on overall anonymity or security. Collectively they make a huge difference. If installing TBB to root directories adds - some - protection, it seems as valid as 100's of changes & fixes made over the yrs.

Many trac feature changes & bug fixes to change minor TBB behaviors have no more impact than installing TBB to more protected Linux directories. Some had zero impact on anonymity or security.

Tor Project could implement a script allowing auto-updating (or w/ a click or 2), or they could use a PPA to install & update it.

For yrs, there was such an Ubuntu PPA / repo & small script, to allow installing & auto-updating of Mozilla Fx releases, when installed to /usr or /opt, etc. Seems like Tor Project could handle that.


--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Reply via email to