Silk Road forums

Discussion => Newbie discussion => Topic started by: yossarian1042 on August 07, 2013, 02:21 pm

Title: Tor bundle update.
Post by: yossarian1042 on August 07, 2013, 02:21 pm
When I click the onion with the flashing !, to update Tor, I get the following warning message:

An external application is needed to handle:

https://www.torproject.org/dist/torbrowser/tor-browser-2.3.25-10_en-US.exe

NOTE: External applications are NOT Tor safe by default and can unmask you!

If this file is untrusted, you should either save it to view while offline or in a VM,
or consider using a transparent Tor proxy like Tails LiveCD or torsocks.

Is it safe to update this way?
Title: Re: Tor bundle update.
Post by: paxpax on August 07, 2013, 02:33 pm
The torbundle is complaining about launching the download manager. This is ok to do if the file is trusted. In this case the file would be trusted assuming it is form the onion network. Otherwise download the torbundle on clear net.
Title: Re: Tor bundle update.
Post by: Maribo on August 07, 2013, 02:43 pm
I always go to the TORProject.org website and download the latest version and save it to a SD card, I think that's the safest way.
Title: Re: Tor bundle update.
Post by: yossarian1042 on August 07, 2013, 02:52 pm
The download url I get is:

https://www.torproject.org/download/download-easy.html?os=WINNT&arch=x86-msvc#win

Is this legit?
Title: Re: Tor bundle update.
Post by: brevert on August 07, 2013, 03:21 pm
Yes.
Title: Re: Tor bundle update.
Post by: yossarian1042 on August 07, 2013, 03:32 pm
Yes.

Sorry, but a reply from a newbie with no previous posts does not have much gravitas!   Anyone else?
Title: Re: Tor bundle update.
Post by: paxpax on August 07, 2013, 05:27 pm
Yes.

Sorry, but a reply from a newbie with no previous posts does not have much gravitas!   Anyone else?

The latest windows version is https://www.torproject.org/dist/torbrowser/tor-browser-2.3.25-10_en-US.exe
Title: Re: Tor bundle update.
Post by: Transcend Reality on August 07, 2013, 05:37 pm
I think the only real threat to your safety here is the fact you are using Windows OS.. The vulnerability was only Java for Windows.

You'll always be fine updating thru the browser bundle.
Title: Re: Tor bundle update.
Post by: Intrepid21 on August 07, 2013, 05:55 pm
Update TOR Bundle often. Also I am switching to Tails OS for all SR stuff. Just install on USB then boot, takes extra 5 minutes but safer.

Title: Re: Tor bundle update.
Post by: phantomoto on August 07, 2013, 08:08 pm
Went to tor couldn't find update how can i find which version of Tor I am using?   Thanks
Title: Re: Tor bundle update.
Post by: Intrepid21 on August 07, 2013, 09:35 pm
Top left of browser click TorBrowser got Help then About TorBrowser. You want version 17.0.7 or higher.
Title: Re: Tor bundle update.
Post by: phantomoto on August 08, 2013, 12:24 pm
THANKS ! Intrepid21
Title: Re: Tor bundle update.
Post by: mcguire39 on August 08, 2013, 12:39 pm
Right it will basically give you that message for just about any file you try to download. It definitely seems good to stay up to date. The Java exploit on FreedomHosting wasn't an issue if you had the latest version including FF 17.0.7 even if you had JS enabled. Windows leaks data all over the place to be sure. The FH exploit did target Windows only but that doesn't mean other OS's are somehow less vulnerable; it just means they decided to target Windows in that exploit.