Unable to download the desktop version / Autoupdate doesn't work #9453
Comments
|
This is due to https://twitter.com/RiotChat/status/1117110823023984640 - we are working on getting the downloads page back up and running, although there's a lot of work to be done. |
turt2live
added
T-Other
|
I am guessing both downloads and repository issues will be resolved once the packages are rebuilt and signed with new keys. There probably will also need to add instructions as to how remove old keys from Debian/Ubuntu keychain/keyring and put new ones in. Once the work and the documentation is completed and published, could this be marked as done perhaps. |
|
@shirishag75 Is it also available for Windows? |
|
I think so but cannot be sure as most links don't work and anyways I'm a linux user so not really interested in that platform. Although I would expect them to have it also for MS-Windows. |
|
I use Windows and Linux but most of my friends use Windows so I need a
Windows compatibility version for them.
…On Sun, Apr 14, 2019 at 11:49 AM shirish ***@***.***> wrote:
I *think* so but cannot be sure as most links don't work and anyways I'm
a linux user so not really interested in that platform. Although I would
expect them to have it also for MS-Windows.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#9453 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AG7P2BRYXWRQAAYMZH3J2O3PQKERPANCNFSM4HFYEUHQ>
.
|
|
Windows desktop builds are supported by Riot. The download page is just offline at the moment. |
|
Oh ok that is good to know.
…On Sun, Apr 14, 2019 at 1:52 PM Travis Ralston ***@***.***> wrote:
Windows desktop builds are supported by Riot. The download page is just
offline at the moment.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#9453 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AG7P2BTUQABLWQJWJEOSLCDPQKS7DANCNFSM4HFYEUHQ>
.
|
|
I am guessing either a new build or the same build but a different gpg key is in works. Looking forward to see the new build or/and new set of keys :) |
|
Hi! Thank you for your good work. Could you please provide a brief explanation on what has happened directly at https://riot.im/download/desktop and at https://riot.im/packages/debian etc. with a link to https://matrix.org/blog/2019/04/11/security-incident/ (and maybe also to this issue) instead of leaving us users in the dark with an http status 404 error? This would be great! 👍 |
|
No worries
…On Mon, Apr 15, 2019 at 10:28 PM Pablo Hörtner ***@***.***> wrote:
Hi! Thank you for your good work. Could you please provide a brief
explanation on what has happened directly at
https://riot.im/download/desktop and at https://riot.im/packages/debian
etc. with a link to https://matrix.org/blog/2019/04/11/security-incident/
(and maybe also to this issue) instead of leaving us users in the dark with
an http status 404 error? This would be great! 👍
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#9453 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AG7P2BSONN3WL3D277SI47DPQRYG3ANCNFSM4HFYEUHQ>
.
|
While I'm just a user like you, allow me to share some of the things I am guessing they will be doing. First see #9441 (comment) . That comment in itself tells a lot. In essence, what happened was that a greyhat was able to compromise lot of riot infrastructure. One of the things which was compromised were the GPG keys which are and were used by the developers to sign the debian packages as well as all the binaries. Compromised keys can lead to lot of malfeasance and reputation of the developers. Even this security incident has damaged quite a bit of reputation of the developers so they probably are looking at each service from a security angle and slowly each service will be turned back on. We would probably have to wait few days for new keys, maybe longer keys with more bit strength (whatever), better algorithim etc. so it isn't easy for such an occurence to re-occur . I know it's hard and probably going to be harder on all of us, especially as many of the IRC servers have only a limited window after which you have re-register again, for e.g. I know of OFTC which has only a window of 2 weeks before you have to re-register yourself . So the best bet is either to wait and see or go back to some IRC client etc. and wait it out. Nothing else we can do at this point in time . Hope it gave some more details and specifics. |
|
https://riot.im/download/desktop/ has new downloads available for 1.0.8 (freshly signed packages). Making the update button / autoupdate stuff work is coming up next. |
|
THanks for the link :)
…On Tue, Apr 16, 2019 at 12:14 PM Travis Ralston ***@***.***> wrote:
https://riot.im/download/desktop/ has new downloads available for 1.0.8
(freshly signed packages). Making the update button / autoupdate stuff work
is coming up next.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#9453 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AG7P2BRW3NUQOGJ4EJ57IDLPQUY7LANCNFSM4HFYEUHQ>
.
|
turt2live
changed the title
|
Still getting GPG key issues with the PPA, I'm not really finding the steps people are need to take that were previously using the PPA before the breach. Seems like a bit of a shortcoming to know which steps to follow that are trusted. Please advise. |
|
#6470 (comment) might give some hints, although tbh I'm not sure about this universe. |
@BloodyIron what issues are you getting at using instructions at https://riot.im/download/desktop/ ? Debian / Ubuntu repo:
|
|
This should be fixed now right? |
|
seems like it |
On hte riot website, I click on this icon and it shows me this.
Any idea how do I get the desktop version?
The text was updated successfully, but these errors were encountered: