Finally, the updates themselves are also protected by strong cryptography, in the form of package-level cryptographic signatures (the Tor Project signs the update files themselves). These requests also use HTTPS encryption and pinned HTTPS certificates (a security mechanism that allows HTTPS websites to resist being impersonated by an attacker by specifying exact cryptographic keys for sites). The Tor Browser downloads its software updates anonymously using the Tor network, and update requests contain no identifying information that could be used to deliver targeted malicious updates to specific users. Moreover, anyone can obtain our source code and produce bit-for-bit identical copies of the programs we distribute using Reproducible Builds, eliminating the possibility of single points of compromise or coercion in our software build process. Our primary product, the Tor Browser, is fully open source. The Tor Project employs several mechanisms to ensure the security and integrity of our software. Any weakness introduced to help a particular government would inevitably be discovered and could be used against all of our users. And for all of them, that privacy depends upon the integrity of our software, and on strong cryptography. Even in Western societies, studies demonstrate that intelligence agencies such as the NSA are chilling dissent and silencing political discourse merely through the threat of pervasive surveillance.įor all of our users, their privacy is their security.
These users include bloggers reporting on drug violence in Latin America dissidents in China, Russia, and the Middle East police and military officers who use our software to keep themselves safe on the job and LGBTI individuals who face persecution nearly everywhere. We therefore stand with Apple to defend strong encryption and to oppose government pressure to weaken it. In an age when people have so little control over the information recorded about their lives, we believe that privacy is worth fighting for. The strong encryption built into our software is essential for their safety. The Tor Project exists to provide privacy and anonymity for millions of people, including human rights defenders across the globe whose lives depend on it.
0 kommentar(er)
