Re: [Tails-dev] Why Tails partition is non-deterministic?

Delete this message

Reply to this message
Autor: bertagaz
Data:  
Dla: The Tails public development discussion list
Temat: Re: [Tails-dev] Why Tails partition is non-deterministic?
Hi,

[ Ignoring some kind of private answer sent here although it doesn't
belong to this list. ]

On Mon, Aug 08, 2016 at 09:32:17PM +0200, Joanna Rutkowska wrote:
> Is there any special reason why the partition where Tails installs itself is
> non-deterministic? It is thanks to differing timestamps on the filesystem.
>
> This posses a problem for a prudent user who would like to be able to verify
> Tails integrity, e.g. by typing:
>
> dd if=/dev/sda1 | sha1sum
>
> This might be especially useful if one uses the stick on various computers and
> would like to verify if her USB stick holding Tails installs hasn't been
> modified (e.g. by a malicious BIOS). Yes, I'm aware that the first sector of the
> disk (/dev/sda) would still differ thanks to different partition sizes.


Good question. Did you try and found out that only timestamps were
different? If it is, good news, means it may not be so hard to fix.
Would be nice if you could post your data on our bug tracker
(https://labs.riseup.net/code/projects/tails).

So far we've been focusing on tails-verifier (ticket #7496, waiting for
review...) for people to check their install, so I don't remember if we
explored this.

Bert.