TOR Browser... why unknown?

pls move if needed

I was wondering why the TOR Browser Bundle is always sandboxed as an unknown file
I would have thought the EFF/TOR would be in the TVL

Because TOR is an open source software which means anybody can modify it. Open source software is a risk.

*Edit: Also many open source programs don’t have a valid digital signature.

Ok I get that it’s open source, but if anyone could modify it surely it would have been compromised as an anonymity tool?
so the TVL contains no open source programs ?

on a side note it runs without a hitch in a fully virtual sandbox :-TU not the case when run limited in previous versions

It’s not digitally signed …

It's not digitally signed ...

HI, yeah I see that now
For some reason I thought it was :o
I had just checked an realized it was not

Thanks :smiley:

Yeah and that’s a problem. Trust or not to trust. TVL don’t have an open source programs because such programs don’t have a digital signature so CIS have no idea where it came from. Yes TOR files don’t have any digital signatures.

Even Mozilla Firefox is an open source browser…probably the reason why TOR is sandboxed is because it doesn’t have a digital signature…

No, just because it has not been whitelisted yet … If you want it to be trusted, then submit it and once it will be updated you’ll have to resubmit etc etc …

See this link on verifying Tor digital signatures.