Project Chronos

Chronos is the ancient Greek primordial deity of time. Part of Part of Project Pantheon, running from October 2013 until October 2014.


Project Chronos is work to build a secure updater for Torbrowser, based on the Firefox updater, but incorporating the threat model and mitigations from Thandy.

This project is primarily going to be developed by Mark and Kathy of Pearl Crascent.

Phase One


  • opt-in
  • minimally-changed from Mozilla's Firefox updater
  • probably doesn't bundle HTTPS-everywhere
  • non-Gitian MARs
  • functional version-number management


Make Firefox updater work with TB 3.x

Phase Two


Including some combination of the following:

  • update over Tor, and then eventually a hidden service
  • better signing system for updates
  • consensus check for Torbrowser packages
  • we update HTTPS-everywhere
  • reproducible MAR files
  • additional protections from the Thandy design


Update over Tor
Update via a hidden service
Torbrowser updates are signed and verified by the updater
Reproducible MARs


We're going to need hosting/CDN infrastructure to make this work.

Last modified 5 years ago Last modified on Dec 13, 2013, 10:30:21 PM