Re: [Tails-dev] modify FAQ language to mention compromised f…

Delete this message

Reply to this message
Autore: BitingBird
Data:  
To: The Tails public development discussion list
Oggetto: Re: [Tails-dev] modify FAQ language to mention compromised firmware
Michael:
> Hi folks,
>
> The current Tails FAQ states that only compromised hardware could render
> a system unsafe to use Tails:
>
> https://tails.boum.org/support/faq/index.en.html#index30h2
>
> This is not true because malicious firmware can render a system unsafe
> to use Tails.
>
> Relevant paper that explicitly mentions this re: Tails:
>
> http://legbacore.com/News_files/HowManyMillionBIOSesWouldYouLikeToInfect_Whitepaper_v1.pdf
>
> I would suggest modifying the FAQ language to clarify. One example:
>
> """
> Is it safe to use Tails on a compromised system?
>
> Tails runs independently from the operating system installed on the
> computer. So, if your regular operating system has been compromised by
> malware (virus, trojan, etc.), it may be safe to use Tails on that
> computer.
>
> However, if the firmware of the computer has been compromised, or
> untrusted hardware has been added by someone with physical access to the
> computer, it may not be safe to use Tails.
> """
>
> Thanks,
> Michael


Hi!

Thanks for your interest in Tails documentation. This time, however, we
already have work in progress on that :)
https://labs.riseup.net/code/issues/9116

Cheers,

BitingBird