Tor Browser 6.0: Ditches SHA-1 Support, Uses DuckDuckGo For Default Search Results

The version 6.0 of Tor Browser, a free software for enabling anonymous communication, is now available to download. The new version introduces several changes, including disabling SHA-1 support, and removing Mac Gatekeeper issue. Another big change is that Tor now uses DuckDuckGo for search results by default. The Tor Project, people behind Tor, add that the "updater is not relying on the signature alone, but is checking the hash of the downloaded update file as well before applying it." More details on NetworkWorld.

Re:Anonymous communication

[NotInHere]

I often use tor not because I not want to be monitored by my government (not doing illegal things), but because I don't want to feed data to the ever hungry google and other companies.

Signatures are hashes

[bluefoxlucid]

A digital signature is a hash that's been encrypted using a private key such that the public can verify its authenticity. Regardless of all attacks, if you have the public key, you can validate that the published hash is indeed published by a holder of the private key.

Verifying the digital signature of a download is done by computing the hash, verifying that hash, and verifying that the provided hash was encrypted with a public key matching a particular private key.

Tor basically said they're doing meaningless shit.