Delivery-Date: Sun, 14 Feb 2016 00:33:26 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD,UNPARSEABLE_RELAY
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 4BF6C1E0B12;
	Sun, 14 Feb 2016 00:33:24 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 8B99538CFE;
	Sun, 14 Feb 2016 05:33:19 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 0B86A38CFD
 for <tor-talk@lists.torproject.org>; Sun, 14 Feb 2016 05:33:16 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id jJ4sDcw0J8uJ for <tor-talk@lists.torproject.org>;
 Sun, 14 Feb 2016 05:33:15 +0000 (UTC)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id DC63838CFA
 for <tor-talk@lists.torproject.org>; Sun, 14 Feb 2016 05:33:15 +0000 (UTC)
Received: from cotinga.riseup.net (unknown [10.0.1.164])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.riseup.net (Postfix) with ESMTPS id 19C2E1A2227
 for <tor-talk@lists.torproject.org>; Sun, 14 Feb 2016 05:33:13 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak;
 t=1455427993; bh=jNzeGbHpkzB4A5nb+57duIjpX4LKPDOz4HkmWxGXQ+c=;
 h=Subject:To:References:From:Date:In-Reply-To:From;
 b=BwowGaQ4db4nkBoI1hPq4xjg2gXUJhyUkVTkR+fM7ctHiY9V01V8U/c7lM+g47M4h
 3GJAHAioSK5za0dhd+oBFxaRfnCcgn0BFq5zPd8LqLaXeXmF3GTrEgG+KLKwxG+eOb
 v+4GtccM2+NqCbvA/48sNCUaxewqhoSy4/hoBDqc=
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (Authenticated sender: mirimir) with ESMTPSA id 71A6140083
To: tor-talk@lists.torproject.org
References: <1771961455260223@web23j.yandex.ru>
 <264f2dd476c0bf092f90ea719697e801@openmailbox.org>
From: Mirimir <mirimir@riseup.net>
X-Enigmail-Draft-Status: N1110
Message-ID: <56C01191.4030501@riseup.net>
Date: Sat, 13 Feb 2016 22:33:05 -0700
MIME-Version: 1.0
In-Reply-To: <264f2dd476c0bf092f90ea719697e801@openmailbox.org>
X-Virus-Scanned: clamav-milter 0.98.7 at mx1.riseup.net
X-Virus-Status: Clean
Subject: Re: [tor-talk] automatic Tor browser updates
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On 02/13/2016 04:16 PM, blobby@openmailbox.org wrote:
> On 2016-02-12 06:57, Cain Ungothep wrote:
>>> On 02/08/2016 01:36 AM, Georg Koppen wrote:
>>>
>>>> Mirimir:
>>>>
>>>>> When automatically updating, does Tor browser check GPG signatures of
>>>>> downloaded updates before installing them?
>>>>
>>>> The update files are not using GPG signatures (see:
>>>> https://wiki.mozilla.org/Software_Update:MAR for detailed information
>>>> about the MAR file format). They are signed, though, and the updater
>>>> refuses to install the update if the signature is non-existing or
>>>> wrong.
>>>>
>>>> Georg
>>>
>>> Thank you.
>>>
>>> For those who wish to update manually, is it sufficient to toggle
>>> app.update.auto in about:config to false?
>>
>> Seems so.  You will still be prompted to update through the MAR system,
>> but it won't happen automatically.
> 
> Today I discovered that TBB 5.5.2 automatically downloaded. That hasn't
> happened before. Normally I am prompted and manually download the tar
> bundle with the signature file which I check with gpg --verify.
> 
> I'm confused as to why this time I received an automatic download. Any
> thoughts?

That's what triggered my question. It seems that automatic updating is
now the default. That's a good idea. Consider the Freedom Hosting
exploits. I can't say that I trust the MAR update protocol as much as
checking GPG signatures. But then, most people who even remember to
update don't bother checking GPG signatures. So it's a net improvement.
The scrupulous can disable automatic updating, and go old school.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

