summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTim Retout <tim@retout.co.uk>2014-06-15 17:42:32 +0100
committerTim Retout <tim@retout.co.uk>2014-06-15 17:42:32 +0100
commit246f3b67d89a48bb293abe3ecfa28cfac97506f8 (patch)
treef1a160a0de212cecee02ea7339d516ed41988e2a
parent8fbd3ac302097cb1e1505b021730f09888d7d4f2 (diff)
Add more paranoia to package description. (Closes: #746773)
-rw-r--r--debian/changelog7
-rw-r--r--debian/control9
2 files changed, 15 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog
index 8b6f9b0..1ea5aae 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+apt-transport-tor (0.1.1-2) unstable; urgency=medium
+
+ * debian/control: Update description to give less of a false sense
+ of security. (Closes: #746773)
+
+ -- Tim Retout <diocles@debian.org> Sun, 15 Jun 2014 17:29:51 +0100
+
apt-transport-tor (0.1.1-1) unstable; urgency=medium
* Initial release. (Closes: #745259)
diff --git a/debian/control b/debian/control
index eb191cc..4ac2252 100644
--- a/debian/control
+++ b/debian/control
@@ -18,4 +18,11 @@ Description: APT transport for anonymous package downloads via Tor
can still see what software you are installing.
.
Install apt-transport-tor, edit your sources.list to include only tor://
- URLs, and you can "apt-get install anarchism" without fear of reprisals.
+ URLs, and you can make it very difficult for anyone intercepting your
+ network traffic to be able to tell that you are installing Debian packages,
+ or which packages you are installing.
+ .
+ Please note that this approach is only as secure as Tor itself - this
+ software cannot protect you from an attacker who has access to your local
+ machine. In addition, attackers may be able to correlate your network
+ traffic with the packets coming out of an exit node, so do be careful.