07-09-2023, 05:40 AM
How can we trust those TOR links not to contain malware? I would recommend HTTPS instead, failing that HTTP, but not TOR with Onion links given by some random commenter on some forum.
how to update mobian over tor
|
07-09-2023, 05:40 AM
How can we trust those TOR links not to contain malware? I would recommend HTTPS instead, failing that HTTP, but not TOR with Onion links given by some random commenter on some forum.
07-09-2023, 03:27 PM
(07-09-2023, 05:40 AM)Kevin Kofler Wrote: How can we trust those TOR links not to contain malware? I would recommend HTTPS instead, failing that HTTP, but not TOR with Onion links given by some random commenter on some forum. we should be suspicious of tor links. however, if signing keys are properly validated, then installer won't install those altered packages. this creates another problem, where are signing keys from!? do users check signing keys!? btw, http (non-ssl) could be hijacked in rare cases.
07-09-2023, 05:01 PM
(07-09-2023, 05:40 AM)Kevin Kofler Wrote: How can we trust those TOR links not to contain malware? I would recommend HTTPS instead, failing that HTTP, but not TOR with Onion links given by some random commenter on some forum. links not random not suspicious. all .onion links in this thread are official debian mirrors https://onion.debian.org as zetabeta says, non official mirrors okay if signing keys are properly validated, then installer won't install those altered packages. But all onion links in this thread are official debian mirrors https://onion.debian.org sub packages no longer need to be installed for apt transport https support
Updated trixie instructions
Code: sudo apt install apt-transport-tor tor Edit /etc/apt/sources.list as root Code: sudo nano /etc/apt/sources.list Put # in front of every existing line and add these two new lines Code: deb tor://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian trixie main Edit /etc/apt/sources.list.d/mobian.list as root Code: sudo nano /etc/apt/sources.list.d/mobian.list and put tor+ in front of the https://repo.mobian.org/ url Code: tor+https://repo.mobian.org/ Run Code: sudo apt update |