Re: [Tails-dev] Tails: pcmcia / firewire / etc.

このメッセージを削除

このメッセージに返信
著者: Ague Mill
日付:  
To: The Tails public development discussion list
題目: Re: [Tails-dev] Tails: pcmcia / firewire / etc.
On Fri, Oct 12, 2012 at 06:15:07PM -0700, Steve Weis wrote:
> Hi. I booted Tails' latest release and was able to scrape memory contents
> via FireWire. All the necessary firewire modules are enabled by default and
> Inception worked out of the box. This would let someone root a machine
> through, say, a daisy chained thunderbolt monitor.
>
> I'd either remove support from the kernel, blacklist the modules in
> modprobe, or disable support with a boot param.


We can't just do that. Tails is also meant to be a safe environment to
produce sensitive documents. Being able to retrieve a video from a DV
camera, edit it and send it online is a use case Tails should support.

From the recent discussions regarding ExpressCards and the likes, it
looks like we are moving to a common pattern of "you have 5 minutes to
plug things on those ports that can be dangerous, otherwise, they will
be disabled". This should work for FireWire too, even if it feels more
cumbersome to me than for an expansion card.

--
Ague