Author: intrigeri Date: To: The Tails public development discussion list Subject: Re: [Tails-dev] ISO verification
Hi,
Giorgio Maone wrote (07 Jul 2015 23:24:07 GMT) : > So, just to be clear, *web pages cannot interfere in any way* with the
> result of the verification performed by the browser add-on, except if
> there are bugs in the add-on itself (very unlikely, since its code is
> gonna be relatively simple and high-level) or in the hosting browser
> (less unlikely, as we know that sh*t happens) .
Thanks a lot for this clarification. Good to know!
For completeness' sake, let me ask another one:
Can a web page (and scripts it may be running) loaded in a given
browser tab interfere in any way with the content of another tab?
(Here, I'm defining "content" as "whatever the user sees". E.g.
detecting that the verification process is ongoing, and displaying
a "Verification successful" overlay or dialog box counts as
interfering in this context: most users won't know that such an
overlay or dialog box has a different origin and shall not
be trusted.)
> This said as an expert of browser technology and web security :)