Hi,
alan@??? wrote (20 Dec 2010 22:10:24 GMT) :
> Just a few comments, even thought I don't know everything about
> Tails' internals.
Thank you for such valuable input.
> 1. First, about what you call the « post-mortem analysis ». I like the
> term but I want to know whether it is a canonical term for security
> experts or something that might need a bit more explanation.
I think the keyword here is forensics. Could go instead of analysis.
> Then, apart from the threat model, the document is not very explicit
> about this issue. There might not be much to say but I think that it
> should at least be mentioned in the requirements, part 2 :
> - What is required for a PELD to prevent from post-mortem analysis?
> - How do we think this should be provided?
I agree, we should improve this.
> Again in part 3, while presenting the implementation we should explain
> more about what Tails does to achieve that. There is a paragraph on
> host system RAM but I guess we can find more to explain, like :
> - I could imagine that some LiveDistros detect the swap areas and use
> them. Do we ? ;)
Hints to the one who will write this part:
- not using live-boot's swapon option
- config/chroot_local-hooks/03-noswap
- config/chroot_local-hooks/05-disable_swapon
> - I could imagine that some LiveDistros read the disks and possibly
> mount the available partitions automatically. Same thing.
Hints to the one who will write this part:
- grep nopersistent config/amnesia
- probably a few GConf settings in
config/chroot_local-includes/usr/share/amnesia/gconf/
> - I wonder how Tails addresses the requirements in 2.1.2, for example
> this one : « The usage of encrypted removable storage devices (such
> as USB sticks) should be encouraged. »
> I think this whole post-mortem analysis thingie is the real difference
> to put forward while talking to the Tor people ; bringing their privacy
> concerns further than just the Internet connection. You can be a Tor
> freak and get the same Tor configuration as Tails on your own system
> but you won't get the same post-mortem analysis protection.
I agree, we should insist a bit on this topic.
> 2. In 3.2.3, there is :
> - [cryptsetup](http://code.google.com/p/cryptsetup/) ensures storage
> encryption using [LUKS](http://en.wikipedia.org/wiki/LUKS)
> Should we rather say 'offers' instead of 'ensures'.
Agreed.
> Is Tails using LUKS if not asked to do so ?
It is not.
Bye,
--
intrigeri <intrigeri@???>
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr-fingerprint.asc
| Who wants a world in which the guarantee that we shall not
| die of starvation would entail the risk of dying of boredom ?