[mdadm]

>The entire security of the Tor Browser ecosystem relies on the integrity of a single TLS certificate that has already been previously compromised.

Seriously? That seems like a really weird - to say the least - decision to make about something this important...

[throwanem]

It's the certificate used to sign TLS for addons.mozilla.org. Since "Tor Browser" is a lightly modified Firefox that hasn't had its automatic addon update checking disabled, and Mozilla's addon signing process is an automated rubber stamp, that's a problem.

To be clear, I don't think it's so much a problem on Mozilla's part; perhaps manual review would be a good idea, but I doubt they have the resources. The problem here is that Tor Browser has claims made for it that aren't supported by the amount of work that's actually gone into making it secure. That would appear to be entirely on the people who run the Tor foundation, or whatever nonprofit structure it is that they use.