Silk Road forums
Discussion => Newbie discussion => Topic started by: yossarian1042 on August 07, 2013, 02:21 pm
-
When I click the onion with the flashing !, to update Tor, I get the following warning message:
An external application is needed to handle:
https://www.torproject.org/dist/torbrowser/tor-browser-2.3.25-10_en-US.exe
NOTE: External applications are NOT Tor safe by default and can unmask you!
If this file is untrusted, you should either save it to view while offline or in a VM,
or consider using a transparent Tor proxy like Tails LiveCD or torsocks.
Is it safe to update this way?
-
The torbundle is complaining about launching the download manager. This is ok to do if the file is trusted. In this case the file would be trusted assuming it is form the onion network. Otherwise download the torbundle on clear net.
-
I always go to the TORProject.org website and download the latest version and save it to a SD card, I think that's the safest way.
-
The download url I get is:
https://www.torproject.org/download/download-easy.html?os=WINNT&arch=x86-msvc#win
Is this legit?
-
Yes.
-
Yes.
Sorry, but a reply from a newbie with no previous posts does not have much gravitas! Anyone else?
-
Yes.
Sorry, but a reply from a newbie with no previous posts does not have much gravitas! Anyone else?
The latest windows version is https://www.torproject.org/dist/torbrowser/tor-browser-2.3.25-10_en-US.exe
-
I think the only real threat to your safety here is the fact you are using Windows OS.. The vulnerability was only Java for Windows.
You'll always be fine updating thru the browser bundle.
-
Update TOR Bundle often. Also I am switching to Tails OS for all SR stuff. Just install on USB then boot, takes extra 5 minutes but safer.
-
Went to tor couldn't find update how can i find which version of Tor I am using? Thanks
-
Top left of browser click TorBrowser got Help then About TorBrowser. You want version 17.0.7 or higher.
-
THANKS ! Intrepid21
-
Right it will basically give you that message for just about any file you try to download. It definitely seems good to stay up to date. The Java exploit on FreedomHosting wasn't an issue if you had the latest version including FF 17.0.7 even if you had JS enabled. Windows leaks data all over the place to be sure. The FH exploit did target Windows only but that doesn't mean other OS's are somehow less vulnerable; it just means they decided to target Windows in that exploit.