[Tails-dev] Group Installer - Proposal

Hi,

I've been a Tails user for some years and as part of the final research of my
computer engineering studies I thought I could work on some Tails
functionality I miss sometimes. I've followed recent changes and efforts in
order to make easier the use of Tails and think it maybe useful some
automation of “group installations”. I would like to explain a bit my idea in
order to receive some feedback about it in two aspects:

a) if you consider this could be a useful, viable and secure functionality.
b) if you think it could be part of Tails in some future time.

Depending on the answers I would develop it taking care of possible future
adoption or as an external application or a custom system based in Tails.

I'm aware that a proper threat model should be done but in order to not take
much of your time I've made a brief introduction and scheme for a first
approach. Let me know if more information is needed to evaluate this.

USE CASE:

A group of users needs to create a secure communication system with the
following requirements:

1. Allow synchronous and asynchronous communication.
2. No identity nor location information of accounts can be identified.
3. No content of communication can be observed.
4. The accounts are not intended to be reused in other aspects of their life.
5. Installation and group configuration must be easy to be achieved by standard
users without getting in risk.
6. They are going to meet in person at least once.

POSSIBLE SOLUTION: Group-installer.

The aim of this proposal it's to create a “group installer" function for Tails
which must facilitate the installation on multiple usb devices and the
configuration of persistence volume, email PGP key exchange and OTR chat
between members of the group. At the same time it's intended to promote the
use of identity isolation although it possibly wouldn't be mandatory by
design.

A basic scheme of it's functionality:

1. Ask for number of members.
2. Ask for accounts of a mail and jabber service (riseup.net allows both with
same account).
4. Ask for passphrase.
3. Create key-pairs.
4. Create persistence folders for each user with GPG keyring, Claws and Pidgin
configuration with key exchange, address book and OTR activated.
5. Ask for usb device
6. Clone Tails
7. Create persistence volume
8. Copy persistence folders
9. Iterate from 5 to 8 until all user/devices are created.

TO RESOLVE:

Besides all technical and security issues that this idea involves and the
compatibility or not with some Tails design (p.ex about persistence volume
creation) there are some global questions to resolve:

1. Creation of mail and jabber accounts:
It should be done within a Tails session and just for that group use. Ideally
it would be done automatically by the group-installer but afaik there aren't
trusted providers that implement this so the installer should ask for the
creation of them manually. I've seen onionmail work on this but think it's
preferable the use of well-known mail servers as riseup.net to ensure
persistence of communication system.

2. Passphrase creation (persistence, PGP). Two scenarios:
- They are all going to meet in person once. Installer asks for passphrase for
each user.
- Someone must create all or some Live-Usb for other users that aren't
present: some method for avoiding the impersonation of members by the group
creator should be implemented. The use of a temporary passphrase and ask for
change it at first boot could be a solution. (Maybe if users can't trust group-
creator this scenario doesn't makes sense?)

-------------

Well I hope this is enough to make an idea.

Thanks for your time,

I really appreciate the work you're doing and know Tails development has
priorities, I'm not asking for you to change them and and I'm open to
reconsider my project if some of the work that must be done fits my knowledge
and my university work requirements. I must say that I make this project as a
first in step in getting deeper into sysadmin and programming on Tails / Debian
so don't expect too much from me in this next months ;)

Salute,
noid