To see this for yourself, you could try:
Start Menu → System → Xfce Terminal
I tried updating TOR from Terminal without success.
“INFO: Done, downloaded: linux64-11.0.6_en-US.tar.xz
INFO: GPG signature verification… This will take a moment…
ERROR: GPG download signature could NOT be verified.
Tor Browser update failed! Try again later.”
I would rather not uninstall Whonix/Virtual box to get this to work since I have too much on my virtual box that I would like to keep.
So that would really be the last option. Any suggestions on how to fix this issue?
I tried the command from terminal, update-torbrowser.
Here is the full log;
user@host:~$ update-torbrowser INFO: Auto detecting ARCH… INFO: ARCH x86_64 detected. INFO: Auto detecting ARCH_DOWNLOAD… INFO: ARCH_DOWNLOAD linux64 detected. INFO: CURL_PROXY: --proxy socks5h://tb-updater_1ce7e624-a730-413c-80b1-72fa29459800:email@example.com:9115 INFO: stdin connected to terminal, setting TB_INPUT to stdin, will use terminal for input, ok. INFO: Alternatively, if want to run from command line, but still use the graphical user interface for input, you could add to command line: --input gui INFO: not running inside Qubes DVM Template, ok. INFO: tbb_download_alpha_version: false INFO: Downloading stable version. Alternatively, if want to download the alpha version, you could add to command line: --alpha or set configuration option: tbb_download_alpha_version=true for instructions, see: /Tor_Browser#Alpha INFO: Running Tor enabled check… Done. INFO: Running Tor bootstrap check… Done. INFO: Running connectivity check… Downloading: … INFO: CURL_OUT_FILE: /home/user/.cache/tb/temp/tbb_remote_folder INFO: Connectivity check succeeded. INFO: Find out latest version… Downloading: /update_3/release/downloads.json … INFO: CURL_OUT_FILE: /home/user/.cache/tb/RecommendedTBBVersions INFO: Done, downloaded:/update_3/release/downloads.json WARNING: Looks like Tor Browser is already up to date.
Please close Tor Browser if you want to (re-)install!
If your currently installed version is:
higher: you are likely target of a downgrade attack, SAY NO NOW.*
equal : only proceed, if you want to create a new browser profile.*
lower : you should upgrade.*
If you would like to keep your browser profile and update rather than re-downloading Tor Browser, you must use Tor Browser’s internal updater. In that case, say no now.
This program (Tor Browser Downloader (by Whonix developers)) is incapable of keeping user data.
YOUR BROWSER WILL BE KILLED. YOUR OLD BROWSER PROFILE INCLUDING BOOKMARKS AND PASSWORDS WILL GET DELETED. Learn more about this Download Confirmation Screen. Download_Confirmation_Screen INFO: tbb_version_previous_downloaded_version: 10.0.7 INFO: Currently installed version: 11.0.6 INFO: Online detected version: 11.0.6 QUESTION: Download now? y/n? y INFO: Tor Browser language variable TB_LANG was not yet set. Therefore defaulting TB_LANG to ‘en-US’, ok. INFO: Because you are not using --nokilltb, now killing eventually still running instances of Tor Browser… firefox.real: no process found INFO: Downloading GPG signature… Will take a moment… INFO: Downloading:
11.0.6/sha256sums-unsigned-build.txt.asc ... Will take a moment...*
INFO: CURL_OUT_FILE: /home/user/.cache/tb/files/sha256sums-unsigned-build.txt.asc INFO: Done, downloaded: 11.0.6/sha256sums-unsigned-build.txt.asc INFO: Downloading sha256sums file… Will take a moment… INFO: Downloading:
ct.org/dist/torbrowser/11.0.6/sha256sums-unsigned-build.txt ... Will take a moment...*
torbrowser/11.0.6/tor-browser-linux64-11.0.6_en-US.tar.xz ... Will take a while...*
INFO: CURL_OUT_FILE: /home/user/.cache/tb/files/tor-browser-linux64-11.0.6_en-US.tar.xz INFO: Done, downloaded: dist/torbrowser/11.0.6/tor-browser-linux64-11.0.6_en-US.tar.xz INFO: GPG signature verification… This will take a moment… ERROR: GPG download signature could NOT be verified. Tor Browser update failed! Try again later.
gpg_bash_lib_internal_gpg_verify_status_fd_file: /home/user/.cache/tb/gpgtmpdir/gpg_bash_lib_internal_gpg_verify_status_fd_file gpg_bash_lib_internal_gpg_verify_output_file: /home/user/.cache/tb/gpgtmpdir/gpg_bash_lib_internal_gpg_verify_output_file gpg_bash_lib_output_gpg_import_output: gpg: keybox ‘/home/user/.cache/tb/gpgtmpdir/pubring.kbx’ created gpg: /home/user/.cache/tb/gpgtmpdir/trustdb.gpg: trustdb created gpg: key 4E2C6E8793298290: public key "Tor Browser Developers (signing key) " imported gpg: Total number processed: 1 gpg: imported: 1 gpg_bash_lib_output_gpg_verify_output: gpg: Signature made Sat 05 Feb 2022 07:55:08 PM UTC gpg: using RSA key 45482E536642433E829F7D021DDE30B764471014 gpg: Can’t check signature: No public key gpg_bash_lib_output_gpg_verify_status_fd_output: user@host:~$
Had to remove some website addresses from the log in order to post.
As for the sudo apt update command:
*Get:1 org/debian unstable InRelease [165 kB] * Get:2 tor+https://deb.debian.org/debian-security buster/updates InRelease [65.4 kB]
*Get:3 tor+https://deb.debian.org/debian buster-updates InRelease [51.9 kB] *
*Get:4 tor+https://deb.whonix.org buster InRelease [39.7 kB] *
*Hit:5 tor+https://deb.debian.org/debian buster InRelease * Get:6 debian unstable/main amd64 Packages.diff/Index [63.6 kB] Get:7 debian unstable/main amd64 Packages T-2022-02-12-1403.37-F-2022-02-12-1403.37.pdiff [26.8 kB] Get:7 main amd64 Packages T-2022-02-12-1403.37-F-2022-02-12-1403.37.pdiff [26.8 kB]
*Reading package lists… Done * E: Release file for tor+https://deb.whonix.org/dists/buster/InRelease is expired (invalid since 5d 21h 44min 45s). Updates for this repository will not be applied.