Opened 9 years ago

Closed 8 years ago

#4050 closed defect (fixed)

HTTPS-Everywhere is on dev channel

Reported by: mikeperry Owned by: erinn
Priority: Medium Milestone: TorBrowserBundle 2.2.x-stable
Component: Applications/Tor bundles/installation Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

We seem to have the dev channel version of HTTPS-Everywehre as opposed to the stable. All our users just got updated to the 2.0 SSL Observatory version and are probably just about ready to freak the f* out on tor-talk.

We should have 2.2.x be on the stable channel and 2.3.x be on the dev channel.

Child Tickets

Change History (6)

comment:1 Changed 9 years ago by mikeperry

Did I just self-censor the word fuck on a trac ticket? Fuck that, shame on me.

comment:2 in reply to:  1 Changed 9 years ago by erinn

Replying to mikeperry:

Did I just self-censor the word fuck on a trac ticket? Fuck that, shame on me.

I assumed Net Nanny MITMed you via the SSL observatory.

comment:3 Changed 9 years ago by erinn

Back in the days of https-everywhere's grand debut into the TBBs, the dev channel had a lot more coverage and, although it was the dev channel, was pretty stable and generally seemed like a better idea, privacy-wise. Do you think this is not the case anymore? I should note that even back then I was putting the dev https-everywhere into the Windows stable bundles. What they're actually going to freak out about is the automatic update and consequent nag screen. But I don't know enough about https-everywhere development to know if it is about to go all Wild Wild West. I'm very reluctant to downgrade the stable bundles to a version without features that the users have become accustomed to.

comment:4 in reply to:  3 Changed 9 years ago by rransom

Replying to erinn:

Back in the days of https-everywhere's grand debut into the TBBs, the dev channel had a lot more coverage and, although it was the dev channel, was pretty stable and generally seemed like a better idea, privacy-wise. Do you think this is not the case anymore?

The stable branch of HTTPS Everywhere now ships all available rulesets.

comment:5 in reply to:  3 Changed 9 years ago by mikeperry

Replying to erinn:

Back in the days of https-everywhere's grand debut into the TBBs, the dev channel had a lot more coverage and, although it was the dev channel, was pretty stable and generally seemed like a better idea, privacy-wise. Do you think this is not the case anymore? I should note that even back then I was putting the dev https-everywhere into the Windows stable bundles. What they're actually going to freak out about is the automatic update and consequent nag screen. But I don't know enough about https-everywhere development to know if it is about to go all Wild Wild West. I'm very reluctant to downgrade the stable bundles to a version without features that the users have become accustomed to.

It's not really a downgrade. All the rules and the new UI are the same as it ever was for the 1.0.x series.

The new 2.x series from the dev channel contains the SSL Observatory submission code, though. We shouldn't let that roll out to our stable users as it may contain stability and/or privacy issues lurking to be discovered. It is definitely alpha-quality code at this point.

comment:6 Changed 8 years ago by mikeperry

Resolution: fixed
Status: newclosed

Not sure when it happened, but this has been fixed for some time.

Note: See TracTickets for help on using tickets.