Hi,
I believe we're telling users about some security benefits of booting
Tails from a DVD (as opposed to from a USB stick), but apparently
there are some drawbacks too. Perhaps we need to adjust our
doc accordingly?
On Wed, 22 Jul 2015 08:59:43 -0700
Apple Apple <djjdjdjdjdjdjd32@???> wrote:
> On 22 Jul 2015 13:22, "Jacob Appelbaum" <jacob@???> wrote:
> > DVD drives are programmable computers until we find evidence
> > suggesting the opposite.
>
> And USB host controllers?
DVD drives really are; see for example [1] for information about DVD-RW
firmware modding and reflashing for NEC drives. Same as HDDs or SSDs.
USB host controllers by themselves are not known to have any reprogrammable
code, they are much simpler. If it's integrated into the motherboard, you will
just need to ensure it uses a free BIOS such as Coreboot.
However I have to wonder on what is your threat scenario that you cannot trust
a random anonymously bought off-the-shelf DVD drive. If the bootable OS
verifies signatures of files it loads from the disk, then it'd have to do a
rather sophisticated and specifically targeted for that OS "evil maid" attack.
[1]
http://liggydee.cdfreaks.com/page/en/FAQ/
--
With respect,
Roman
--
tor-talk mailing list - tor-talk@???
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
--
intrigeri