Security – Torbrowser Signature Verification Fails: Glitch or Attack?


I wanted to try using TOR on my new Linux Mint 18.1 installation. So I apt-get installed torbrowser-launcher and tor, then ran torbrowser-launcher. It opened a dialog box and showed me it was downloading the TOR browser; but when it was done, it said it had failed the signature check and that I may be "under attack" (oh my!).

Now, it's quite unlikely I'm under some attack personally (I'm not important enough for that), so I'm guessing either it's some technical glitch, or, what would be possible although far far less likely, a man-in-the-middle attack covering my ISP rather than myself individually, nefarious government surveillance or what-not.

How can I tell? What should I do?

By the way, the URLs downloaded are:

https://dist.torproject.org/torbrowser/6.5/tor-browser-linux64-6.5_en-US.tar.xz.asc
https://dist.torproject.org/torbrowser/6.5/tor-browser-linux64-6.5_en-US.tar.xz

Best Answer

It's not an attack, just an outdated key.

There's an issue report on this matter over at the GitHub repository.

A workaround reported there, which works for some systems if not all, is to run:

gpg --homedir "$HOME/.local/share/torbrowser/gnupg_homedir/" --refresh-keys --keyserver pgp.mit.edu

before torbrowser-launcher. Then it works. It's quite possible that what Kusalananda suggested would also work, but I can't check that unless I undo the key update.
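An added example, not part of the question or the answer, that turns "glitch or attack?" into a check: it reads gpg's machine-readable status output (`--status-fd`) and reports whether the failure was an expired or missing signing key (the situation described in the answer) or an actual bad signature over the tarball. The status keywords are gpg's own; the sample status lines, key id and timestamp are constructed, and the keyring path is the one used in the answer.

```shell
#!/bin/sh
# Classify a detached-signature check from gpg's --status-fd lines read on stdin.
# gpg emits exactly one verdict keyword per signature: GOODSIG, EXPSIG, EXPKEYSIG,
# REVKEYSIG, BADSIG or ERRSIG (the last accompanied by NO_PUBKEY when the key is absent).
classify_gpg_status() {
  result="UNKNOWN"
  while IFS= read -r line; do
    case "$line" in
      "[GNUPG:] BADSIG "*)    result="BADSIG_FILE_OR_SIG_TAMPERED_OR_MISMATCHED" ;;
      "[GNUPG:] NO_PUBKEY "*) result="SIGNING_KEY_NOT_IN_KEYRING" ;;
      "[GNUPG:] EXPKEYSIG "*|"[GNUPG:] EXPSIG "*) result="KEY_OR_SIGNATURE_EXPIRED" ;;
      "[GNUPG:] REVKEYSIG "*) result="SIGNING_KEY_REVOKED" ;;
      "[GNUPG:] GOODSIG "*)   result="GOOD_SIGNATURE" ;;
    esac
  done
  printf '%s\n' "$result"
}

# Verify <tarball> against <tarball>.asc using the keyring torbrowser-launcher keeps,
# then classify the outcome. Only the status stream is parsed; stderr chatter is dropped.
verify_tarball() {
  gpg --homedir "$HOME/.local/share/torbrowser/gnupg_homedir/" \
      --status-fd 1 --verify "$1.asc" "$1" 2>/dev/null | classify_gpg_status
}

# Constructed sample (not real gpg output): what gpg reports when the copy of the
# signing key in the local keyring has expired. Key id and timestamp are placeholders.
SAMPLE_EXPIRED_STATUS='[GNUPG:] NEWSIG
[GNUPG:] KEYEXPIRED 1483228800
[GNUPG:] EXPKEYSIG 0000000000000000 Tor Browser Developers (signing key)'

# Constructed sample: the verdict that actually indicates a tampered or mismatched file.
SAMPLE_BAD_STATUS='[GNUPG:] NEWSIG
[GNUPG:] BADSIG 0000000000000000 Tor Browser Developers (signing key)'

demo_expired() { printf '%s\n' "$SAMPLE_EXPIRED_STATUS" | classify_gpg_status; }
demo_bad()     { printf '%s\n' "$SAMPLE_BAD_STATUS" | classify_gpg_status; }

# With a tarball path as $1, verify the real file; otherwise classify the samples.
if [ -n "$1" ]; then verify_tarball "$1"; else demo_expired; demo_bad; fi
```

An expired-key verdict is what the `--refresh-keys` workaround in the answer fixes; a BADSIG verdict is the one that warrants treating the download as untrustworthy.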
