Re: [Tails-dev] HTML prototype for new download page

Nachricht löschen

Nachricht beantworten
Autor: anonym
Datum:  
To: Uzair Farooq, sajolida
CC: Muhammad Usman Subhani, The Tails public development discussion list
Betreff: Re: [Tails-dev] HTML prototype for new download page
Uzair Farooq:
> Hey,
>
>> How long does it take to get a successful result of the verification
>> extension on your machine?
>
> It took half an hour for us. We haven't processed such large SHA files
> previously so I wasn't aware that it could take this long. Again, the
> problem here is that the javascript implementation of the SHA algo is not
> that efficient enough. We can try some other SHA libraries but I don't
> expect they will make a considerable difference.


Looking at this benchmark:

    https://github.com/brillout/test-javascript-hash-implementations


I can see a >10x speed difference between different implementations, so I think it's worth looking into this, so let's hope you picked a comparatively slow library. :)

Regarding the time it takes to do the computation:

- 30 minutes is just too long to expect our users to wait (in addition to the download), to the point where I think we'd decide to drop the whole extension idea. :/
- Ideally calculating the checksum should take less than 1 minute.
- If we can't get that fast, we might have to add a progress bar to the computation: we can't expect people to wait several minutes without any indication on how long the whole process will take. With a progress bar maybe up to 5? 10? minutes maximum would be acceptable.

So, can you please look at the top candidates among those implementations and report back your measurements? Of course, we're only interested in "streaming" variants, that can calculate the digest chunk-by-chunk, so not the whole ISO image has to be read into RAM at the same time.

>> So do you confirm that we won't be able to do certificate pining in the
>> new extension?
>
> Yeah, unfortunately not possible with webextensions.


That's unfortunate, but not catastrophic (users visit our web page without certificate pinning involved). We'll discuss internally what to do about this (if anything) but for now let focus on solving the issue around hashing first as it's a critical one.

Cheers!