Spencer:
> >Sure. Although that would work just as well if we would save these
> >settings for each network instead.
> >
> >But if we do this per network (maybe in a not-so-distant future), we
> >shouldn't offer the possibility to save the settings globally.
> >
>
> The 'Save Privacy Settings' check box really functions to preserve the
> settings in the "Check & Go" dialog, which was a big driver for our current
> design and currently risks exclusion if we can't resolve this section.
>
> Saving network configuration would need to be done in the 'Network
> Configuration' dialog and I am unsure of how involved configuration at the
> Greeter will be; it could be the same dialog, or a focused summary.
On a technical level, it might be best to leave the actual network
configuration after the session is loaded (so we are done with the
greeter). That's because if the users want to have guarantee they are
offline, we can enforce this quite strongly at the kernel level.
I also think that disabling automatic network probes—for people who
needs to hide that they are using Tor as much as possible—should be done
at the greeter. Because in the default case, we want to configure as
much as possible automatically. If a network cable is plugged on the
computer, negociating an IP address and starting Tor should happen
without user intervention. And this would happen just after the “Start
Tails” button in the greeter.
> If we are to support saving multiple setting configurations, what are the
> security issues, if any?
Could you be more specific? Are you talking about my proposal to
record settings that were made for a given network?
> >Basically this would add more confirmation screens before probing the
> >network. Because trying to connect to the Tor network directly might
> >trigger alarm, so we need to offer a possibility to use bridges and
> >pluggable transports as first choice.
> >
>
> This seems quite involved. I am proposing *only* activating network
> connections at the Greeter, leaving other choices for further down in the
> flow, as it is unclear what difference selecting "bridge, firewall, or
> proxy" makes at the Greeter - though I have explored this, too.
Network configuration currently goes after the greeter as we are
designing it. Ideally, it would be improved by having something more
guided and integrated (see the other thread about this) but it was still
thought as a separate step.
> Qubes-whonix is often a recommendation when people are looking to hide their
> usage of Tor, so I (jokingly) made the same here :)
They have the same problem than Tails here (and also the Tor Browser for
what it's worth): how do you make things as automatic as they can be for
people who can afford it while not harming those who need to be extra
cautious?
--
Lunar <lunar@???>
