[liberationtech] secure download tool - doesn't exist?!?
Jonathan Wilkes
jancsika at yahoo.com
Mon Jul 1 19:27:25 PDT 2013
On 07/01/2013 09:22 PM, Martin Uecker wrote:
>
> Jonathan Wilkes <jancsika at yahoo.com>:
>> On 07/01/2013 07:22 PM, Martin Uecker wrote:
>>> Jacob Appelbaum <jacob at appelbaum.net> wrote:
>>>
>>> ...
>>>
>>>> We need a secure downloading tool, we need it to be built into every OS
>>>> by default and until then, we'll have to rely on tricks to hack it -
>>>> preloading certs in browsers, having a website to download it from and
>>>> so on.
>>>>
>>> What we need are backwards compatible self-certifying URLs or hyperlinks,
>>> e.g. something like this:
>>>
>>> <a href="./mysoftware.tgz" hmac="sha1:da19d18ef86f4fb8fe8b61323806ec1764f9bf00">My software</a>
>>> <a href="./mysoftware.tgz#sha1:da19d18ef86f4fb8fe8b61323806ec1764f9bf00">My software</a>
>> https://en.wikipedia.org/wiki/Magnet_link
> I know. I really like Magnet links. The catch: I don't think that
> there is a change that they will be widely used, because they are
> not backwards compatible.
Yes, that is an issue.
> Being associated with file sharing will
> also not help.
No but this will:
Person1: Uh oh, that new app I wrote got slashdotted.
Person2: Well that explains why it was unusually fast when I downloaded
it. If you want I can lend you the $0 you need to pay for all that
extra bandwidth.
Person 1: Thanks.
* both fly off using jetpacks *
-Jonathan
More information about the liberationtech
mailing list