Re: [Tails-dev] ISO verification

This message is part of the following thread:
Mthe complete thread tree sorted by date
MGiorgio Maone at <-
MGiorgio Maone at ->
Delete this message

Reply to this message
Author: intrigeri
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] ISO verification
Hi,

Giorgio Maone wrote (07 Jul 2015 23:24:07 GMT) :
> So, just to be clear, *web pages cannot interfere in any way* with the
> result of the verification performed by the browser add-on, except if
> there are bugs in the add-on itself (very unlikely, since its code is
> gonna be relatively simple and high-level) or in the hosting browser
> (less unlikely, as we know that sh*t happens) .

Thanks a lot for this clarification. Good to know!

For completeness' sake, let me ask another one:

Can a web page (and scripts it may be running) loaded in a given
browser tab interfere in any way with the content of another tab?

(Here, I'm defining "content" as "whatever the user sees". E.g.
detecting that the verification process is ongoing, and displaying
a "Verification successful" overlay or dialog box counts as
interfering in this context: most users won't know that such an
overlay or dialog box has a different origin and shall not
be trusted.)

> This said as an expert of browser technology and web security :)

Yay :)

Cheers,
--
intrigeri

This message was posted to the following mailing lists:
tails-dev
Mailing List Info | Nearby Messages		<-Re: [Tails-dev] ISO verification[Tails-dev] Build failed in Jenkins: build_Tails_ISO_feature-jessie #579->
lists.autistici.org administrated by postmasterLurker (version 2.3)