Hi,


Austin English:
filed https://labs.riseup.net/code/issues/11137


This is a very challenging problem. There are two cases that come to mind.

1. The device may become compromised before becoming a Tails device. In this case, the files/partitions are either hidden or protected and are not removed during reformatting.

This is best addressed during the creation of a new Tails device.

2. The device may become compromised after becoming a Tails device. In this case, the files/partitions, which may be hidden or protected, are not removed after shutdown.

This is best addressed during either the startup or shutdown processes of a living Tails device.


sajolida:
not about detecting malware but about training
users .. good practices


So, detecting/educating *that* but not *what*. This seems reasonable, as *what* would need blacklists, trust models, and so on.

Also, given the actual (intended/expected) function of the hidden attribute files, e.g., preserving user settings, it seems that there are no benefits of having these, or any other, files on a Tails device.


Don't plug your Tails in an untrusted OS


I do not think this is an achievable model to promote because:

- Trust is like STDIN; can be anything to anyone.

- There seem to be no machines or systems that can have the guarantee that is referred to when we say 'Trust'.


reinstalling is the only solution .. installing
from the same untrusted OS really won't be.


And educating (:

How can Tails:

- Inform of this device protection feature and what it does?

- Detect the existence of unwanted files.

- Disclose what the files are and where they were located in the file system?

- Provide a resolution to remove the files and restore the devices integrity.

- Guarantee the files removed are now gone and will not come back, or recommend a behavior model that will limit the possibility of files (re)appearing?


Austin English:
help for the ux portion


I would be more than happy to put the files together or think through this some more. Feel free to send anything my way; can be as rough or polished as you got it.


if detected, have the greeter pop up some big red
warning box.


This warning could replace the greeter.

This warning might want to be ignored.


discussed on tails-ux


Copied for migration if needed.

Wordlife,
Spencer



_______________________________________________
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Reply via email to