[Tails-dev] Next Low hanging fruit session tomorrow!

[Emma Peel]

Ey there!

Tomorrow at 19 UTC we have our monthly Low Hanging Fruit session.


 Friday, September 12, on #tails-dev
 (indymedia.org/h7gf2ha3hefoj5ls.onion) at 19:00 UTC (21:00 CEST)


The idea is to spend a while together on many small tasks that take
less than 2 hours each.

Not only these sessions are very useful to make Tails better, but we
were happy to see new people join these parties recently. We hope to
see even more of that in the future: these sessions are great times to
start contributing to Tails!

For newcomers, the list of easy tickets should be a great place to
start: https://tails.boum.org/contribute/easy_tasks/

See you there tomorrow!

ps: No kittens have been wrongfully used to make a point on this
announcement. Oh, wait...
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

[Tails-dev] Metadata Anonymisation Toolkit Warning in TAILS 1.1.1

[Carribbean Rob]

Hi,

I'm using Tails 1.1.1 and I've been trying to use the Metadata 
Anonymisation Toolkit (both mat from the command line and mat-gui) to 
clean some image files but I am getting a warning message when the 
cleaning occurs.


The warning I get is:
Warning: Sorry, adobe is not writable

Has anyone else come across this and managed to find a solution? The 
program appears to remove the metadata from the file but it doesn't 
create a backup by default like it used to in Tails 1.0. Running 'mat -b 
filename' from the command line seems to work though.


Also, is the MAT application supposed to be removed from the 
Applications-Accessories menu? I haven't seem it since the upgrade to 
Debian 7.


Thanks
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] calendar

[BitingBird]

The calendar doesn't give the next low-hanging fruits sessions and
contributors meetings. Since we decided to have fixed dates, this should
maybe be written at the top or the bottom of the page ?

https://tails.boum.org/contribute/calendar/

low-hanging fruits sessions every 12th of the month
contributors meetings every third day of the month on #tails-dev at 9pm
CEST or CET (7pm or 8pm UTC).

Every Tails contributor is welcome to attend.
https://tails.boum.org/contribute/meetings/

Cheers,

 BitingBird
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

[Tails-dev] Secure way to set time using Hidden Service descriptors

[bancfc]

The current secure timesyncing solution has some serious implications 
for security because they rely on an untrusted model using clearnet 
servers. Even though SSL is used, the broken CA model negates its 
protection and the adversary could easily MITM requests and send fake 
replies or potentially exploit the time synchronizer process running on 
the system.


To overcome this, here is a suggestion for a reassessment of the tordate 
approach, to overcome the problems mentioned above and the shortcomings.


Use of Hidden Service descriptors to obtain more accurate time:

There are some problems with using Directory Authority consensus data, 
the only one IMO is the fuzzy window of three hours which makes it 
harder to set a realistic time.


My proposal is to have a time synchronizer daemon query the DHT for 
specific Hidden Service descriptors from the HSDir Authorities without 
actually connecting to them and calculate a more finegrained time to 
set. Here is why i think its a good idea:


* Descriptors contain a timestamp field which shows the time they are 
generated. Time reported is number of microseconds since 1970.
* Descriptors are signed by the HS and cannot be spoofed by the 
HSDirAuth.

* Descriptors are refreshed hourly. [1]
* A malicious HS that want to fool our time check has to go out of its 
way and forge the timestamp in its descriptor. If they are doing this by 
just running with a wrong clock, they will make themselves inaccessible.

* According to rend-spec, the damage is much limited (only and 18 hour
window) before HSDir Authorities reject these forgeries. [2]
* There does exist stable, available and friendly HS besides the TPO one 
that was taken down. The only addresses that will be used are those of 
trusted organizations that will not carry out the forging attacks 
described above. These will be Whistleblowing and Freedom friendly 
sites. Some suggestions: Wikileaks, RiseUp (each service they provide 
has a unique HS address assigned), TheNewyorker's SecureDrop service and 
probably more.

* The way to go about this is to fetch descriptors without connecting.
* The timestamps will be averaged to get a more accurate reading.

A high time resolution is possible, we can pinpoint within that one hour 
range the probable time because each server was started at a different 
time than the other so it uploads its descriptor at asynchronously.


With 1400 HSAuth Dirs on the network, I don't think there will be much 
of a load problem.




Problems and solutions:

Couldn't the consensus data be replayed?

Not possible if forcing Tor to depend only on verified consensus data. 
Tor doesn't depend on CAs and SSL is safe from cryptanalysis meaning no 
MITM attack is possible when communication with DirAuths



But what if a bridge feeds the client a stale consensus?

We have come up with a technique to check against this very kind of 
attack. In short, it involves fetching consensus data through the Tor 
bridge connection and cross referencing it with what the bridge gave us. 
If its off, the user will be warned and the stale data will be replaced 
by the fresh set. Then after Tor connects the time is further adjusted 
using HS descriptors.



Won't this give off a fingeprintable network pattern when Tor restarts 
after a failed connection because the fresh consensus hadn't been 
fetched?


There is no reason to believe that these actions are different from any 
Tor that is used in common setups. If someone suspends their machine and 
Tor is running, there will be TCP connections are frozen in the middle. 
And by the time they continue after a resume, the other side will 
receive unexpected packets and reject them. (It thought the other side 
timed out, now suddenly a closed connection wants to continue as if 
nothing happened.) Freezing a TAILS session should result in the same 
situation as freezing TBB on any other supported host.




[1] http://donncha.is/2013/05/trawling-tor-hidden-services/
[2] 
https://gitweb.torproject.org/torspec.git?a=blob_plain;hb=HEAD;f=rend-spec.txt


___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Metadata Anonymisation Toolkit Warning in TAILS 1.1.1

[intrigeri]

Carribbean Rob wrote (11 Sep 2014 16:45:15 GMT) :
 The warning I get is:
 Warning: Sorry, adobe is not writable

May you please report this bug to the MAT author? We (as in the Tails
project) are not maintaining it ourselves. Thanks!

 Also, is the MAT application supposed to be removed from the
 Applications-Accessories menu? I haven't seem it since the upgrade to Debian 
 7.

It's now in Applications - System Tools.

Cheers,
-- 
intrigeri
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.