Author: BitingBird Date: To: The Tails public development discussion list Subject: Re: [Tails-dev] modify FAQ language to mention compromised firmware
Michael: > Hi folks,
>
> The current Tails FAQ states that only compromised hardware could render
> a system unsafe to use Tails:
>
> https://tails.boum.org/support/faq/index.en.html#index30h2 >
> This is not true because malicious firmware can render a system unsafe
> to use Tails.
>
> Relevant paper that explicitly mentions this re: Tails:
>
> http://legbacore.com/News_files/HowManyMillionBIOSesWouldYouLikeToInfect_Whitepaper_v1.pdf >
> I would suggest modifying the FAQ language to clarify. One example:
>
> """
> Is it safe to use Tails on a compromised system?
>
> Tails runs independently from the operating system installed on the
> computer. So, if your regular operating system has been compromised by
> malware (virus, trojan, etc.), it may be safe to use Tails on that
> computer.
>
> However, if the firmware of the computer has been compromised, or
> untrusted hardware has been added by someone with physical access to the
> computer, it may not be safe to use Tails.
> """
>
> Thanks,
> Michael