[Tails-dev] Hacking Team looking at Tails

Mon, 22 Feb 2016 09:33:03 -0800 

Hi,



Austin English:
filed https://labs.riseup.net/code/issues/11137




This is a very challenging problem.  There are two cases that come to 
mind.



1. The device may become compromised before becoming a Tails device.  In 
this case, the files/partitions are either hidden or protected and are 
not removed during reformatting.


This is best addressed during the creation of a new Tails device.


2. The device may become compromised after becoming a Tails device.  In 
this case, the files/partitions, which may be hidden or protected, are 
not removed after shutdown.



This is best addressed during either the startup or shutdown processes 
of a living Tails device.




sajolida:
not about detecting malware but about training
users .. good practices




So, detecting/educating *that* but not *what*.  This seems reasonable, 
as *what* would need blacklists, trust models, and so on.



Also, given the actual (intended/expected) function of the hidden 
attribute files, e.g., preserving user settings, it seems that there are 
no benefits of having these, or any other, files on a Tails device.




Don't plug your Tails in an untrusted OS



I do not think this is an achievable model to promote because:

- Trust is like STDIN; can be anything to anyone.


- There seem to be no machines or systems that can have the guarantee 
that is referred to when we say 'Trust'.




reinstalling is the only solution .. installing
from the same untrusted OS really won't be.



And educating (:

How can Tails:

- Inform of this device protection feature and what it does?

- Detect the existence of unwanted files.


- Disclose what the files are and where they were located in the file 
system?



- Provide a resolution to remove the files and restore the devices 
integrity.



- Guarantee the files removed are now gone and will not come back, or 
recommend a behavior model that will limit the possibility of files 
(re)appearing?




Austin English:
help for the ux portion




I would be more than happy to put the files together or think through 
this some more.  Feel free to send anything my way; can be as rough or 
polished as you got it.




if detected, have the greeter pop up some big red
warning box.



This warning could replace the greeter.

This warning might want to be ignored.



discussed on tails-ux



Copied for migration if needed.

Wordlife,
Spencer



_______________________________________________
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.




























					Reply via email to