torbrowser signature verification fails - a glitch or an "attack"?
It's not an attack, just an outdated key.
There's an issue report on this matter over at the GitHub repository.
A workaround reported there, which works for some systems if not all, is to run:

gpg --homedir "$HOME/.local/share/torbrowser/gnupg_homedir/" --refresh-keys --keyserver pgp.mit.edu

before torbrowser-launcher. Then it works. It's quite possible that what Kusalananda suggested would also work, but I can't check that unless I undo the key update.
When I download the signature and the compressed archive, fetch the key from a keyserver, and verify the signature:
$ gpg2 --recv-key D1483FA6C3C07136
gpg: key 4E2C6E8793298290: public key "Tor Browser Developers (signing key) <[email protected]>" imported
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 2u
gpg: Total number processed: 1
gpg: imported: 1
$ gpg2 --verify tor-browser-linux64-6.5_en-US.tar.xz.asc
gpg: assuming signed data in 'tor-browser-linux64-6.5_en-US.tar.xz'
gpg: Signature made Tue Jan 24 15:42:49 2017 CET
gpg: using RSA key D1483FA6C3C07136
gpg: Good signature from "Tor Browser Developers (signing key) <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
Subkey fingerprint: A430 0A6B C93C 0877 A445 1486 D148 3FA6 C3C0 7136
So, the signature is good. I suggest that you try again, or investigate if this is the same issue as reported in the Tor Browser issue tracker (issue 263).
How did I know what key to verify with?
I first ran the verification without fetching any key and got:
gpg: assuming signed data in 'tor-browser-linux64-6.5_en-US.tar.xz'
gpg: Signature made Tue Jan 24 15:42:49 2017 CET
gpg: using RSA key D1483FA6C3C07136
gpg: Can't check signature: No public key
Then I checked D1483FA6C3C07136 against the key IDs listed on the Tor project's site and found that it was indeed the correct key: https://www.torproject.org/docs/signing-keys.html.en
This is, I believe, as close as I can get to knowing that the archive wasn't tampered with without meeting the developers face to face and having them personally hand me a USB stick with the software.
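As an added example (not part of either answer), the check described above written as a small shell helper: it reads the diagnostics of gpg --verify, treats "No public key" as "fetch the key and retry", and accepts only a "Good signature" whose primary key fingerprint matches the one published on the Tor project's signing-keys page. The sample gpg outputs are copied from the runs quoted in the answer; the function name and exit codes are my own.

```sh
# Expected primary key fingerprint of the Tor Browser Developers signing key,
# as published on the torproject.org signing-keys page (grouping spaces removed).
EXPECTED_FPR="EF6E286DDA85EA2A4BA7DE684E2C6E8793298290"

# verify_output: read the diagnostics of `gpg --verify` on stdin and decide.
# "Good signature" alone is not enough: with [unknown] trust gpg says that for
# any key it happens to hold, so the fingerprint is compared as well.
# Prints one word and returns: 0 = ok, 2 = no public key (fetch it, retry),
# 3 = bad signature or a key other than the expected one.
verify_output() {
    out=$(cat)
    case "$out" in
        *"Can't check signature: No public key"*) echo "nokey"; return 2 ;;
    esac
    case "$out" in
        *"Good signature from"*) ;;
        *) echo "bad"; return 3 ;;
    esac
    # Extract the primary key fingerprint line and drop the grouping spaces.
    fpr=$(printf '%s\n' "$out" | sed -n 's/^ *Primary key fingerprint: *//p' | tr -d ' ')
    if [ -n "$fpr" ] && [ "$fpr" = "$EXPECTED_FPR" ]; then
        echo "ok"; return 0
    fi
    echo "wrongkey"; return 3
}

# Constructed samples, taken from the two gpg runs quoted in the answer.
SAMPLE_NOKEY="gpg: Signature made Tue Jan 24 15:42:49 2017 CET
gpg: using RSA key D1483FA6C3C07136
gpg: Can't check signature: No public key"

SAMPLE_GOOD="gpg: Signature made Tue Jan 24 15:42:49 2017 CET
gpg: using RSA key D1483FA6C3C07136
gpg: Good signature from \"Tor Browser Developers (signing key)\" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
     Subkey fingerprint: A430 0A6B C93C 0877 A445 1486 D148 3FA6 C3C0 7136"

# Real use (gpg prints these diagnostics on stderr, hence the redirect):
#   gpg2 --verify tor-browser-linux64-6.5_en-US.tar.xz.asc 2>&1 | verify_output
printf '%s\n' "$SAMPLE_GOOD" | verify_output    # prints: ok
```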