https://labs.riseup.net/code/issues/9832
Explain the security drawbacks of DVD
Greetings, skillful developers of TAILS,
This message is not intended to solve the issue but to contribute to shaping the security of TAILS DVD/USB.
1. sha512sum hashes or better for all fixed files on the system, excluding files like /var/log/* which change. A simple script would do. Include an option/icon in Applications\System Tools for this. Maybe offer the option to 'refresh' the checksum database with a download from the TAILS website. Include checksums for updates, too.
2. Tighten up some of the content of sysctl.conf - eliminate source routing and some other naughties (see the old but faithful Tiger program and/or Lynis program results and their warnings/suggestions).
3. Paranoid mode: include scripts (like Rook Security has offered) to scan for potential HT/RCS infection. Doubtful, but why not. Include a list of known malicious checksums from various Linux malware, especially newer APT attacks, similar to the *update* the 'rkhunter' package provides. Who knows, like MAT, this could become another useful standalone tool!
4. "A malicious or buggy DVD drive's firmware can modify the Tails system on-the-fly."
There should be some method (apart from the current methods of sum/sig of the .ISO) of verifying the install to DVD and/or USB by way of checksums, or maybe other integrity methods/tools, following the install. Rather than pointing users to a complex and over-their-head option of how to verify a burnt DVD, including the measurement of slack space, would padding zeros to the end of the DVD offer a better method of post-burn verification? Could this also protect against some malicious burner firmware/programs which could alter the data disc in some way on the fly?
5. Offering a standalone program like MAT, but for submitting ELF files to VirusTotal? IIRC I read in the news that VT was becoming more supportive of ELF files and wanting more samples.
6. Could there be any tests run prior to burning the DVD where some type of malware action could be detected? I don't imagine there are, since there's tons of firmware and most of it is closed, but some type of *behavior* check, maybe by pretending to burn a mini ISO to a virtual location and monitoring it for rogue actions - a checksum comparison of the file before and after? If something is triggered, this could be sent as a log to TAILS.
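Added example, not code from the post above and not Tails' own tooling, sketching what items 1 and 4 ask for in Python. It builds a sha512 manifest of the regular files under a root with an assumed exclusion list for volatile paths (the DEFAULT_EXCLUDES patterns are illustrative), re-checks the tree to report modified/missing/added files, and verifies a burnt medium by hashing only the first len(ISO) bytes read from the device, so whatever the burner wrote after the image (zero fill, sector padding) cannot cause a false mismatch while a single flipped byte inside the image still does. The demo() tree, the fake ISO and the two stand-in "/dev/sr0" files are constructed inline so it runs offline.

```python
"""Added example, not Tails code: (1) a sha512 manifest of fixed files with
volatile paths excluded, and (4) a post-burn check that hashes only the first
len(ISO) bytes of the medium so trailing padding is ignored."""
import fnmatch
import hashlib
import os
import tempfile

# Assumed list of volatile paths; a real deployment would tune this.
DEFAULT_EXCLUDES = ("/var/log/*", "/tmp/*", "/run/*", "/proc/*", "/sys/*", "/dev/*")


def sha512_file(path, length=None, chunk=1 << 20):
    """SHA-512 of a file, or of only its first `length` bytes (for a block device)."""
    h = hashlib.sha512()
    remaining = length
    with open(path, "rb") as f:
        while remaining is None or remaining > 0:
            buf = f.read(chunk if remaining is None else min(chunk, remaining))
            if not buf:
                break
            h.update(buf)
            if remaining is not None:
                remaining -= len(buf)
    return h.hexdigest()


def build_manifest(root, excludes=DEFAULT_EXCLUDES):
    """Map '/relative/path' -> sha512 for every non-excluded regular file under root."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = "/" + os.path.relpath(full, root).replace(os.sep, "/")
            # fnmatch's '*' also matches '/', so '/var/log/*' covers subdirectories.
            if any(fnmatch.fnmatch(rel, p) for p in excludes):
                continue
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            manifest[rel] = sha512_file(full)
    return manifest


def verify_manifest(root, manifest, excludes=DEFAULT_EXCLUDES):
    """Re-hash the tree and report what changed since the manifest was built."""
    current = build_manifest(root, excludes)
    return {
        "modified": sorted(p for p in manifest if p in current and current[p] != manifest[p]),
        "missing": sorted(p for p in manifest if p not in current),
        "added": sorted(p for p in current if p not in manifest),
    }


def verify_burn(iso_path, device_path):
    """True if the medium starts with exactly the ISO's bytes.
    Only len(ISO) bytes are read from the device, so padding written after the
    image cannot cause a false mismatch; a whole-device hash would differ even
    for a perfect burn."""
    size = os.path.getsize(iso_path)
    return sha512_file(iso_path) == sha512_file(device_path, length=size)


def demo():
    """Exercise both checks on a constructed tree and constructed 'burnt' images."""
    out = {}
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "etc"))
        os.makedirs(os.path.join(root, "var/log"))
        conf = os.path.join(root, "etc/sysctl.conf")
        log = os.path.join(root, "var/log/syslog")
        with open(conf, "w") as f:
            f.write("net.ipv4.conf.all.accept_source_route = 0\n")
        with open(log, "w") as f:
            f.write("boot\n")
        manifest = build_manifest(root)
        out["manifest_paths"] = sorted(manifest)
        with open(log, "a") as f:          # logs grow; must not trip the check
            f.write("more lines\n")
        out["clean"] = verify_manifest(root, manifest)
        with open(conf, "w") as f:         # a tampered config must be reported
            f.write("net.ipv4.conf.all.accept_source_route = 1\n")
        out["tampered"] = verify_manifest(root, manifest)
    with tempfile.TemporaryDirectory() as d:
        iso = os.path.join(d, "image.iso")
        image = os.urandom(3 * 2048 + 100)  # constructed image, not sector-aligned
        with open(iso, "wb") as f:
            f.write(image)
        good = os.path.join(d, "sr0_good")  # stands in for /dev/sr0 after a clean burn
        with open(good, "wb") as f:
            f.write(image + b"\0" * 2048)   # burner pads to the next sector
        bad = os.path.join(d, "sr0_bad")    # one byte flipped inside the image
        with open(bad, "wb") as f:
            f.write(image[:10] + bytes([image[10] ^ 0xFF]) + image[11:] + b"\0" * 2048)
        out["burn_good"] = verify_burn(iso, good)
        out["burn_bad"] = verify_burn(iso, bad)
        out["whole_device_matches"] = sha512_file(good) == sha512_file(iso)
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

On a real system the manifest would be built once from a known-good boot and stored or signed off-medium; verify_burn would be pointed at the optical or USB device node. Reading only the image length is what makes padding irrelevant, which is why the whole-device hash in the demo comes out different even for the clean burn.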