Hi, intrigeri: [snip] > Michael English wrote (16 Mar 2016 00:22:11 GMT) : [snip] > > This last sentence is only true in face of a very small class of > adversaries, given Tails threat model. Against a much bigger class of > adversaries, Tails is still very useful, even when run on > insecure hardware.
I tend to agree. We should hope and stay optimisitic to be able to maintain and protect the security of our hardware. Even though things are far from perfect, it's not useless (but we have to be aware of the limitations and we have to explain them to the users). The problem is that we're too slow: the companies create much more proprietary software/firmware and undocumented hardware than the Free SW/HW Community can reverse, reimplement, and audit :( [snip] > In particular, I want us to go on being as inclusive as we reasonably > can wrt. those who cannot (economically) afford purchasing secure > hardware, or who cannot (technically) configure secure hardware. I agree. Also @Michael: For these reasons, Tails itself ships proprietary software. This is not good and obviously a tradeoff between usability and security. Still, it would be great if this could be replaced with free software alternatives (not only for us, but also for upstream). [snip] >> There are >> two options to get a Libreboot X200. First, one can buy a refurbished >> Lenovo ThinkPad X200 from a electronics store like Newegg in the United >> States. (I assume that there is a European equivalent.) Then, he or she >> can follow the relatively easy-to-understand instructions on the >> Libreboot website for installing the BIOS >> https://libreboot.org/docs/hcl/x200.html and removing the ME >> https://libreboot.org/docs/hcl/gm45_remove_me.html . > > I've tried to follow these instructions and they lead me to > https://libreboot.org/docs/install/x200_external.html, that IMO is > arguably waaaay too hard technically, and requires waaaay too much > time, for the huge majority of our target user base. There is also (background) information about BIOSes and firmware from The Centre for Investigative Journalism in a quite readable language: http://www.tcij.org/resources/handbooks/infosec/chapter-1-protecting-system (CTRL-F "High risk:") They recommend laptops no later than the IBM ThinkPad X60/X60s due to Intel AMT. [snip] ~flapflap
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.