[Tails-ux] Hacking Team looking at Tails

Delete this message

Reply to this message
Author: Spencer
Date:  
To: tails-dev
CC: tails-ux
Subject: [Tails-ux] Hacking Team looking at Tails
Hi,

>>>
>>> Austin English:
>>> filed https://labs.riseup.net/code/issues/11137
>>>


This is a very challenging problem. There are two cases that come to
mind.

1. The device may become compromised before becoming a Tails device. In
this case, the files/partitions are either hidden or protected and are
not removed during reformatting.

This is best addressed during the creation of a new Tails device.

2. The device may become compromised after becoming a Tails device. In
this case, the files/partitions, which may be hidden or protected, are
not removed after shutdown.

This is best addressed during either the startup or shutdown processes
of a living Tails device.

>>
>> sajolida:
>> not about detecting malware but about training
>> users .. good practices
>>


So, detecting/educating *that* but not *what*. This seems reasonable,
as *what* would need blacklists, trust models, and so on.

Also, given the actual (intended/expected) function of the hidden
attribute files, e.g., preserving user settings, it seems that there are
no benefits of having these, or any other, files on a Tails device.

>>
>> Don't plug your Tails in an untrusted OS
>>


I do not think this is an achievable model to promote because:

- Trust is like STDIN; can be anything to anyone.

- There seem to be no machines or systems that can have the guarantee
that is referred to when we say 'Trust'.

>>
>> reinstalling is the only solution .. installing
>> from the same untrusted OS really won't be.
>>


And educating (:

How can Tails:

- Inform of this device protection feature and what it does?

- Detect the existence of unwanted files.

- Disclose what the files are and where they were located in the file
system?

- Provide a resolution to remove the files and restore the devices
integrity.

- Guarantee the files removed are now gone and will not come back, or
recommend a behavior model that will limit the possibility of files
(re)appearing?

>
> Austin English:
> help for the ux portion
>


I would be more than happy to put the files together or think through
this some more. Feel free to send anything my way; can be as rough or
polished as you got it.

>
> if detected, have the greeter pop up some big red
> warning box.
>


This warning could replace the greeter.

This warning might want to be ignored.

>
> discussed on tails-ux
>


Copied for migration if needed.

Wordlife,
Spencer