[Whonix-devel] #17216 [Applications/Tor Browser]: Make Tor Browser's updater work over Hidden Services

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Feb 6 11:42:59 CET 2019


#17216: Make Tor Browser's updater work over Hidden Services
-------------------------------------------------+-------------------------
 Reporter:  isis                                 |          Owner:  tbb-
                                                 |  team
     Type:  enhancement                          |         Status:
                                                 |  needs_information
 Priority:  Medium                               |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-hs, tbb-security,                |  Actual Points:
  TorBrowserTeam201901, tbb-update               |
Parent ID:                                       |         Points:  medium
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by weasel):

 Hi!

 Replying to [comment:10 gk]:
 > I'd like to test this out, first in the alpha series, sooner than later.
 The idea would be to fetch the metadata file (update.xml) over .onion
 which is a pretty small file (around 1000 bytes) but *not* the full
 update. I am in particular concerned about TLS being the means of
 authenticating the contents of that xml file and think we can do better
 with an .onion responsible for that.
 >
 > weasel, ln5: do you feel the current .onion setup for aus1 is robust
 enough for that test? Should we wait until we have v3 services available?
 Or...?

 We discussed this in Brussels a bit.  It is our current consensus that the
 onion service providing aus1.tpo is not suitable for this purpose.

 The onion service is backed by onionbalance, which appears to be
 unmaintained upstream and which does not support v3 onion services.
 Furthermore, in order for us to be comfortable relying and depending on an
 onion service for such an important purpose, we would want that
 onionbalance itself could be run in a distributed/redundant way such that
 we would not have any SPoFs.

 Once these issues are addressed, we can reconsider the issue.  For now,
 however, we recommend you not rely on the onion for updates.

 Cheers,

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17216#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the Whonix-devel mailing list