Re: [Tails-dev] Custominzing for out-of-the-bix use

このメッセージを削除

このメッセージに返信
著者: Marco Calamari
日付:  
To: The Tails public development discussion list
題目: Re: [Tails-dev] Custominzing for out-of-the-bix use
On Sun, 2013-06-30 at 12:54 +0200, intrigeri wrote:
> Hi Marco & all,
>
> Marco Calamari wrote (27 Jun 2013 05:01:25 GMT) :
> > We are interested to make preloaded usb keys for use of Globaleaks
> > application for whisteblowers thru Tails.
>
> I'm glad I read this :)
>
> > We simply need to autoconnect to a secure web application in an
> > automated fashion, using an https link or directly the .onion,
> > not using the default startup page
>
> The default startup page is here to convey important news about the
> Tails project, that we feel to users need to read. So, you probably
> need to find another way to convey this information to users, once
> you've replaced the default browser homepage. Maybe this alternative
> way could be shared between regular Tails and your fork, by the way :)


Yes, doing rebuild is one of the direction in wice we are moving,
but a simple persistent customization of the main release via
persistence has different purposes.

Like a sport car to have fun, fast but that need a lot of care, respect
a 20 years old lifeboat, found JIT when the ship sunk.

> > I try to use persistence to make some trivial changes to the login
> > process:
> > 1) change login page URL for the autostarted iceweasel (important)
>
> We set the homepage URL depending on the chosen locale with a custom
> Firefox extension
> (/etc/iceweasel/profile/extensions/branding@???/) that's
> copied to ~/.mozilla/firefox/default/extensions/ at boot time.
>
> Note that this implementation path may not work in the future:
> conflicts might arise once Torbutton uses something similar itself, so
> we might have to revisit this.
>
> > 2) change desktop background (useful)
>
> That's a GConf key. See how the NetworkManager persistent connections
> preset works (it makes
> /home/amnesia/.gconf/system/networking/connections persistent +
> there's a hack in live-persist to make it work)
>
> > 3) adding desktop icon for further documentation (nice-to-have)
>
> Simply making ~/Desktop/ persistent may work.
>
> However, it's likely that Tails based on Wheezy does not ship with
> anything like a Desktop anymore (GNOME3 classic mode defaults), so
> perhaps you instead want to anticipate this move, and find a better
> long-term entry point for your additional doc? Good news is that the
> existing link to Tails documentation can probably use the same path,
> so your efforts will help Tails!


Glad to know this. Hope to have a finished work soon.

> > I know (but not where to find instruction) that with a rebuild
> > I can make changes and prepare a customized version of Tails,
>
> https://tails.boum.org/contribute/build/
>
> > but I woul prefere a lot to stick with the official version
> > using persistence to do that
>
> I'm curious how you intend to ship the Tails + persistence stack to
> users. Will they share a common persistent volume encryption key?


Yes, we of course already considered this issue.

Worst, we plan to give preinstalled persistent USB keys with a
predefined password for persistence equal for all copies.

We'll give instruction to change it immediately (and how to do this)
and to reinitialize the encrypted partition (why and how to do this)

But target are totally non technical users that normally goes abroad
in Internet Cafe' and use Gmail .... a weak solution is far, far better
than current situation, and has a simple and straightforward path for
hardening.

But I'm aware that this is an highly controversial issue.

Thanks for you help, understanding & support.

BTW, are Tails-related event planned during OHM2013?

Thanks. Marco

--
Marco A.Calamari - Board Member
marco.calamari@??? +39.347.8530279

HERMES - Center for Transparency and Digital Human Rights
Not for Profit association - Via Aretusa 34, IT-20129 Milan, Italy
t. +39-02-87186005 (voicemail) f. +39-02-87162573
TaxCode: IT-97621810155 | EuropeAid: IT-2012-AOD-0806909254 w.
http://logioshermes.org | m. info@???