Hi!

On 22.03.19 02:24, Daniel Kahn Gillmor wrote:

> Is the concern that it's too expensive to maintain both the extension
> and the javascript going forward?

Ideally we'd only maintain one of those, but I think your idea is good:
if we could increase verification by having an internal mechanism, this
would be an improvement. However, the question remains: what happens if
an attacker controls the website?

> If the expense of maintaining the extension is too much, i wonder
> whether image verification is the ultimate concern at all.  For example,
> should we be considering other approaches like external, spot-checked
> download verification with monitoring and reporting, as some measure of
> resilience against non-targeted attack? (maybe this is already in place
> and i just don't know about it)

I'm not quite sure what you mean but we regularly and automatically
check that all the mirrors serve correct images ({IMG, ISO} + SIG are
checked), independently of the individual verification that users should
do when downloading an image. But there might be a delay with us
reacting to this if a mirror is compromised.

Cheers!
u.
_______________________________________________
Tails-dev mailing list
Tails-dev@boum.org
https://www.autistici.org/mailman/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Reply via email to