![]() There are web-of-trust benefits to signing the key, but I won’t go into that for now. I have also personally used this particular key for years with that exact signature, so I can personally attest that the signature with the following key is valid:Ħ694 D8DE 7BE8 EE56 31BE D950 2BD5 824B 7F94 70E6 The particular GitHub account we got our key from is heavily starred, and a google search shows a lot of references to it, so we have a reasonable assurance that it is the real one. By signing the key, one of the things you are doing is indicating “I trust this key as valid and I made sure that it’s owned by the actual ‘ThomasV’ in question.” You can verify the key by comparing the signatures with people who you know have the correct key (googling the fingerprint and verifying with multiple sites helps). Once it’s imported, you have to then “sign” the key. Now paste the key, and then save it as “thomasv.key” in the “Tor Browser” directory. Then open gedit, which is the text editor to Tails: Visit this webpage, and highlight the text of the key, right click and press “copy”. Don’t trust one particular source for GPG keys, just in case that source gets hacked or is somehow untrustworthy.Īnyway, save the key to your Tails distribution. I also recommend searching for this fingerprint on multiple search engines such as DuckDuckGo, Bing, and Google so you can cross-verify and make sure that is the REAL “ThomasV” in question. This means that a lot of people are saying “yep, I like this key”. Notice the high number of stars in the GitHub page. One of the maintainers of Electrum is “ThomasV” and his GPG key is here: So any binary that is not part of the official Tails distribution should be verified that is hasn’t been tampered with. A hacker can also theoretically hack into the website and change the binary as well. There are a lot of “scam wallets” going around where people download the wrong binary which then steals money. The next step is to verify the binary’s validity. Now, we can begin upgrading the Electrum wallet. Go to Applications -> Tails -> Configure Persistent Volume:įrom there, make sure that the “dotfiles” switch is set to “on” and click “save” button: Now that we are logged in, we have to make sure the persistent folder has correct settings. This password is forgotten on the next reboot, so it won’t introduce any security problems once we’re done). (This, by the way, allows you to execute the “sudo” command which gives your Tails account temporary root privileges. Then double-click on “administration password” and set the password to any arbitrary password you like. We have to be able to login as “administrator” for what we need to do, so when we login, press the “+” sign on the bottom left hand of the screen: If the official article is somehow unsatisfactory, I can write another “how to” article later. There are a actually a couple of ways you can backup Tails. ![]() My recommendation is to use the Tails official backup procedure here. This is doubly true if this involves money. Currently, the latest version of Electrum is 3.3.6, so I’ll write about that.įirst off, whenever you make “weird changes” to whatever you are doing, even in general, you should make a backup. Electrum 3.3.3 and above can mitigate such attacks. There’s a lot of things you have to type so you might want to copy and paste this into a text file and load it on a USB, so you can copy and paste certain commands back into the commandline.Ĭurrently, the running version of Electrum on Tails is insecure because it allows nodes to broadcast messages that can potentially be phishing attacks and trick users into downloading malware. So I thought I would create a blog post showing people how to do it. ![]() I see a lot of requests on reddit asking how to install the new version of Electrum on Tails. Upgrading electrum on tails to 3.3.4 Februat 7:52 am | Posted in Uncategorized | 139 Comments ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |