Re: [Tails-dev] Tails-like system for tablets

Supprimer ce message

Répondre à ce message
Auteur: Jeff Burdges
Date:  
À: The Tails public development discussion list
Sujet: Re: [Tails-dev] Tails-like system for tablets

On 11 Apr 2015, at 20:55, Peter N. Glaskowsky <pglaskowsky@???> wrote:
>> Afaik, there are four candidate mobile Linux distributions : Ubuntu Touch, Sailfish OS, Android/Replicant, and maybe FireFox OS. I suppose iptables could be used to restrict internet access to specific users on any of them, but that’s only the beginning.
>
> I’m not even sure user identity is something we need to keep track of. There isn’t multi-user support in Android or iOS as usually implemented. We could do something clever like check a Persistence password against multiple Persistence partitions to see if it matches any of them, I suppose.


s/users/uids/

I just meant to restrict network access to uids distinct from the uid used by the user’s software, like debian-tor, etc.

> Tails doesn’t yet have boot-time touchscreen support, and there are some other issues to be worked through, but I haven’t seen any show stoppers. Most of this work has already been done on other distributions and shouldn’t be too difficult to bring into Tails.
>
> So in summary I think Tails is already 98% ready to be a mobile OS like the ones you mentioned, and once ready, it would deliver a uniquely valuable user experience that would attract a much larger audience than it does today.


Is there a touch based web browser that can be secured?

TBB is based on the desktop FireFox. Afaik efforts to bring the TBB changes to mobile FireFox remain somewhat limited : https://guardianproject.info/apps/firefoxprivacy/ And mobile FireFox is an Android application anyways. Orweb is an Android application that may or may not be as secure as TBB.

Ubuntu Touch’s browser is based on the mobile version of Chrome. At least on the desktop, Chrome extensions "do not actually have any security guarantees beyond that which they can get through asynchronous DOM manipulation” and Chrome has “magical ‘special' urls and types of requests that currently are exempt from extension notification or control.” https://blog.torproject.org/blog/google-chrome-incognito-mode-tor-and-fingerprinting

Interestingly Sailfish’s browser is actually based on Gecko :
https://github.com/sailfishos/sailfish-browser
http://blog.idempotent.info/posts/whats-behind-sailfish-browser.html

I’d missed that previously, well I kinda stopped reading about Sailfish since it lacks AppArmor, SELinux, sandboxing, etc. Just a guess but, it’s probably easiest to port the TBB extensions HTTPS Everywhere, NoScript, and Torbutton to Sailfish’s browser. Sailfish can run Androd apps like Orweb too, btw.

Jeff