Sorry for taking so long to respond to this thread. Responses are (mostly) inline below.
At a training event a couple of days ago, a user was sketched out by the warning her Mac gave her -- in spite of the advance notice she'd been given by the trainers.
Erinn Clark wrote:
Please see Ralf's reply to me elsewhere in the thread -- do you still think this while taking into account what we know about US companies' cooperation the NSA/USG with regards to turning over user data?
This is an extremely important point, and I don't want to minimize user risk in this regard. But I think that it needs to be weighed against the probability that it will expand availability to censored users. (Especially if the bundle uploaded is the pluggable transport bundle, hint hint hint).
The situation is similar to Orbot's deployment (as Nathan points out). Censor X would have to block the app store in order to block access to Orbot, but the trade-off is that Google gets a list of people interested in anonymity.
Part of me feels that if a user is using an Apple device, they're on the hook to do their homework -- responsibility and informed consent and definitely in play there. AFAIK, the last bug submitted was #6540.
However, having said all of that, it turns out that Tor doesn't need to distribute it via app store to distribute a signed app [1] (there are two types of certificates). Though the signing situation itself is complicated (eg, Apple would still likely know that you've downloaded Tor).
andrew@torproject.is wrote:
I agree with this method. I don't think The Tor Project should be the one maintaining Tor-something in the App Store. I'd rather a trusted 3rd party who signs a trademark licensing agreement with us be the person who maintains an App Store presence.
I really like this idea. My only real concerns are about licensing and whether Apple would consider a Tor-licensing dev to be effectively a proxy of the Tor Project Inc. Also, the tpo site right now indicates that someone could just submit TBB to an app store without a licensing agreement, so that could use clarifying.
Other than that, agree with Naif :D To Nathan's point, Macs and Chromebooks subscribe highly to the "walled garden" model of app accessibility, and more users look to Apple's blessed apps than for independent solutions. This is either a good thing or a bad thing, depending on your outlook (broader userbase vs. better-educated users).
abusing his parenthetical privileges, Griffin
[1] Page 11 of: https://developer.apple.com/library/mac/documentation/security/conceptual/Co...