Re: [Tails-dev] Why Tails partition is non-deterministic?

Delete this message

Reply to this message
Autore: sajolida
Data:  
To: The Tails public development discussion list, Joanna Rutkowska
Oggetto: Re: [Tails-dev] Why Tails partition is non-deterministic?
bertagaz:
> [ Ignoring some kind of private answer sent here although it doesn't
> belong to this list. ]
>
> On Mon, Aug 08, 2016 at 09:32:17PM +0200, Joanna Rutkowska wrote:
>> Is there any special reason why the partition where Tails installs itself is
>> non-deterministic? It is thanks to differing timestamps on the filesystem.
>>
>> This posses a problem for a prudent user who would like to be able to verify
>> Tails integrity, e.g. by typing:
>>
>> dd if=/dev/sda1 | sha1sum
>>
>> This might be especially useful if one uses the stick on various computers and
>> would like to verify if her USB stick holding Tails installs hasn't been
>> modified (e.g. by a malicious BIOS). Yes, I'm aware that the first sector of the
>> disk (/dev/sda) would still differ thanks to different partition sizes.
>
> Good question. Did you try and found out that only timestamps were
> different? If it is, good news, means it may not be so hard to fix.
> Would be nice if you could post your data on our bug tracker
> (https://labs.riseup.net/code/projects/tails).
>
> So far we've been focusing on tails-verifier (ticket #7496, waiting for
> review...) for people to check their install, so I don't remember if we
> explored this.


Exactly. The technicalities of this are way over my head but I think
that segfault <segfault@???> already investigated all of this
while working on Tails Verifier [1] so he should be the one to talk to.

But if I remember correctly, he's super busy with other things right now
so maybe don't expect a quick answer (in the meantime, looking at the
code might help).

[1]: https://labs.riseup.net/code/issues/7496