Hi there,
Im on Qubes 4.1, which is still on whonix 16. When running TB downloader, i’m getting this as a result:
Installation confirmation
Currently installed version:
13.0.5
Downloaded version :
13.0.6
You are likely target of a downgrade attack, SAY NO NOW! The downloaded signature is older than the last known signature. Unless you are downgrading, you should abort now and try again later!
Previous Signature Creation Date:
November 23 11:17:24 UTC 2023
Last Signature Creation Date :
August 08 18:35:39 UTC 2022
The signature looks quite old already.
Either,
- your clock might be fast (at least 454 days 13 hours 18 minutes 14 seconds fast). In that case, please check your clock is correct.
- there is really no newer signature yet. The signature is really older than 30 days already. (Older than 454 days 13 hours 18 minutes 14 seconds already.)
- this is a update-torbrowser bug
- this is an attack
gpg reports:
gpg: Signature made Mon 08 Aug 2022 06:35:39 PM UTC
gpg: using RSA key 613188FC5BE2176E3ED54901E53D989A9E2D47BF
gpg: Good signature from "Tor Browser Developers (signing key) " [ultimate]
Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
Subkey fingerprint: 6131 88FC 5BE2 176E 3ED5 4901 E53D 989A 9E2D 47BF
This message looks different, but also like it could be related to this post made about 10h ago:
/why-am-i-getting-this-message-when-i-try-to-update-the-tor-browser/17840
Please advise how to procede.