SoylentNews

Tor-Enabled Debian Mirrors

posted by cmn32480 on Monday September 07 2015, @01:51AM   
from the in-tor-no-one-can-see-you-download dept.

An Anonymous Coward writes:

"Richard Hartmann, Peter Palfrader, and Jonathan McDowell have set up the first official onion service mirrors of the Debian operating system's software package infrastructure. This means that it is now possible to update your Debian system without the update information or downloaded packages leaving the Tor network at all, preventing a network adversary from discovering information about your system. A follow-up post by Richard includes guidance on using apt-transport-tor with the new mirrors.

These services are only the first in what should hopefully become a fully Tor-enabled system mirroring "the complete package lifecycle, package information, and the website". "This service is not redundant, it uses a key which is stored on the local drive, the .onion will change, and things are expected to break", wrote Richard, but if you are interested in trying out the new infrastructure, see the write-ups for further information."

This was orignially found at Blog.TorProject.org

---

Original Submission

• Yeah, right... Yeah, right... (Score: 3, Funny) by c0lo on Monday September 07 2015, @01:55AM

  by c0lo (156) on Monday September 07 2015, @01:55AM (#233107) Journal

  ... get systemd (with the flavour of the month bug/NSA exploit) in complete anonymity. Very helpful!

  --
  https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford

  Starting Score:	1		point
  Moderation		+1
  Funny=1, Total=1
  Extra 'Funny' Modifier		0
  Karma-Bonus Modifier		+1
  Total Score:		3

• Re:Yeah, right... (Score: 3, Informative) by _NSAKEY on Monday September 07 2015, @02:35AM

  by _NSAKEY (16) on Monday September 07 2015, @02:35AM (#233116)

  You can also get Wheezy and Squeeze packages from it. Source: http://vwakviie2ienjx6t.onion/debian/dists/ [vwakviie2ienjx6t.onion]

  Parent

• Re:Yeah, right... Re:Yeah, right... (Score: 2, Disagree) by Rosco P. Coltrane on Monday September 07 2015, @04:29AM

  by Rosco P. Coltrane (4757) on Monday September 07 2015, @04:29AM (#233131)

  Actually, by using TOR, you only choose to let the NSA track you more easily than Google et al.

  Using TOR isn't about avoiding evil, it's about choosing the lesser.

  Parent

  • Re:Yeah, right... Re:Yeah, right... (Score: 2) by frojack on Monday September 07 2015, @07:47AM

    by frojack (1554) on Monday September 07 2015, @07:47AM (#233171) Journal

    Yeah, I don't get the reason for using TOR.

    The only draw here seems to be to prevent someone else from determining what OS you are using.
    But who cares about that? Your browser gives you away on the first web server you hit, tor or no tor.

    So even if you ALWAYS use TOR, your bandwidth provider is going to know, your OS, if they were interested. Which they aren't.

    --
    No, you are mistaken. I've always had this sig.

    Parent

    • Re:Yeah, right... (Score: 0) by Anonymous Coward on Monday September 07 2015, @07:59AM

      by Anonymous Coward on Monday September 07 2015, @07:59AM (#233178)

      The only draw here seems to be to prevent someone else from determining what OS you are using.
      But who cares about that? Your browser gives you away on the first web server you hit, tor or no tor.

      Actually this will prevent someone from learning what software you have installed, which is much more useful for an attacker.
      You can choose and configure your browser to not spill the beans if you wish to.

      Parent

• Re:Yeah, right... (Score: 0) by Anonymous Coward on Monday September 07 2015, @04:43AM

  by Anonymous Coward on Monday September 07 2015, @04:43AM (#233132)

  > get systemd (with the flavour of the month bug/NSA exploit) in complete anonymity. Very helpful!

  The next release of systemd will include TOR functionality. Your init scripts will be loaded at boot from a TOR hidden service.

  Parent