[Pkg-anonymity-tools] Bug#753413: this is probably due to design (not using freedesktop xdg-user-dirs)
Stefano Zacchiroli
zack at debian.org
Sun Jul 27 08:52:17 UTC 2014
Hi Holger,
On Sat, Jul 26, 2014 at 05:07:13PM +0200, Holger Levsen wrote:
> I believe this has probably been done by design,
FWIW according to the upstream author (who has encouraged me to submit
the bug also in the upstream BTS and *cough* propose a patch) that's not
the case.
> so it is super easy to remove all traces from torbrowser(-usage) from
> the system. (eg for users in really oppressive areas...)
I'm not sure I understand the threat model you've in mind here. If
secrecy is needed on the fact that someone might be using torbrowser,
than *installing* torbrowser-launcher is not a good idea. First of all
you've no guarantee that the user will arrive on the machine (to remove
it) before the oppressors. But even if the user do, she will also have
to remove the torbrowser-launcher itself, which in case of Debian
machines will involve removing the corresponding package.
Bottom line: for that threat model a live system would be much better,
and whether cleaning traces of past usage involves removing one
directory, or several, seems just a minor detail really.
If we really want to support such a cleanup (which I'm not sure about),
the best option seems to be to add a "--self-destruct" option to
torbrowser-launcher, which does all the needed cleanup. The problem is
that on distros like Debian, such a command should also "dpkg --purge"
the package (and its dependencies...).
Cheers.
--
Stefano Zacchiroli . . . . . . . zack at upsilon.cc . . . . o . . . o . o
Maître de conférences . . . . . http://upsilon.cc/zack . . . o . . . o o
Former Debian Project Leader . . @zack on identi.ca . . o o o . . . o .
« the first rule of tautology club is the first rule of tautology club »
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 811 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-anonymity-tools/attachments/20140727/c199df2b/attachment-0001.sig>
More information about the Pkg-anonymity-tools
mailing list