Hi,

Conor Schaefer:
> On 12/14/2017 02:31 AM, sajolida wrote:
> Fair points. With the (Tails-based) SecureDrop Journalist Workstation,
> we're already shoehorning a lot of persistence into the environment,
> which I count as going against the grain of the primary use case of
> Tails. For instance, we're setting network-manager hooks to update the
> system torrc with hidservauth cookies, so authenticated Onion Services
> are accessible in Tor Browser.
> This works! But distributing updates to the various workstations out in
> the wild is quite challenging, and currently requires that Admins or
> Journalists pull from git, verify a tag, and run a script. A strategy
> that supports unattended upgrades would enable us to be more confident
> in iterating on the workstation tooling.

Interesting! I think the new torrc.d/ directory support would help: you could make that directory persistent and drop files in it. We don't include that directory at the moment (https://bugs.debian.org/866187) but if that's something you need we could source it without waiting for the Debian default torrc to do it (we ship our own torrc anyway).

>> - We documented how to configure additional APT repositories:
>>
>> https://tails.boum.org/doc/advanced_topics/additional_software/

> Great news, and congratulations! Those are some great sources you
> shared, thanks. I'd actually been under the impression that we'd need to
> get packages into Debian in order for them to be apt-installable, and
> having a lower bar that would enable us to ship our own packages (as we
> do with the SecureDrop servers) is worth a closer look.

Yeah! Please check it out and let us know if there's a reason why it does not work for you.

> We've been working on an updated threat model that should be ready for
> public consumption in early 2018. The current SecureDrop
> architecture—including the multiple Tails devices per instance—was
> designed several years ago, and we've learned a lot since then. Having a
> more modern threat model will enable us to make informed decisions about
> major changes such as trusting hypervisor isolation in place of a
> hardware airgap.

Where can I read more about this updated threat model?

Cheers,
--
intrigeri