Actions

Dev/SecureDownloader

From Whonix

< Dev

Unfinished!

Introduction[edit]

Stub downloader. Similar to the one that Mozilla is providing for Firefox downloads. A small tool that is used to download and install the real tool.

Securing downloads may be better when written as a general purpose tool (not specific to Whonix ™).

No other projects such as Firefox or Debian support this use case.

Metalink[edit]

Learning C++ and adding Metalink (including OpenPGP support) into Firefox (see Metalink, see https://bugzilla.mozilla.org/show_bug.cgi?id=331979) might be one of the simpler, yet very difficult approaches. For Firefox, gsoc may be way to get this feature in, which means that some uber geek spends 4 months full time on developing this. (While still not addressing the TUF threat model.)

Open Questions[edit]

  • How to download and verify the host program in the first place?
  • How to download the secure downloader itself in censored countries?
  • How to download files in censored countries?
  • Torify downloads?

Difficulties[edit]

Such a host program is host operating system specific, well you can write it in a cross platform language but still have to struggle with platform specific quirks.

The Tor Project never managed to get such a downloader up and running, see Thandy.

Related[edit]

Footnotes[edit]


[advertisement] Looking to Sell Your Company? Contact me.


Want to make Whonix safer and more usable? We're looking for helping hands. Check out the Open Issues and development forum.

https | (forcing) onion
Follow: Twitter.png Facebook.png 1280px-Gab text logo.svg.png Rss.png 1024px-Telegram 2019 Logo.svg.png

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.

Whonix ™ is produced independently from the Tor® anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.