Re: [Tails-dev] [review'n'merge:website advisory]
emmapeel wrote (13 May 2015 07:58:18 GMT) : the link to the tor advisory (the last) should be https://www.debian.org/security/2015/dsa-3216 instead of https://www.debian.org/security/2015/dsa-3246 patch attached! merged, thanks! ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] overlay support in bilibop
Hi, quidame wrote (09 May 2015 22:57:33 GMT) : On 07/05/2015 13:44, intrigeri wrote: May you please also provide a patch that applies on top of bilibop 0.4.23? I need to build a Tails/Jessie ISO with a newer kernel (that only supports overlayfs). 'git diff debian/0.4.23..451b58ad17c4ea4a lib/bilibop/common.sh' builds the attached patch. Thanks! /me feels stupid -- I should have thought of it myself :) Tested, works for basic usage at least. Any news on this front? Things work pretty good, and will probably be packaged next week. Yay! That's good news, given that Linux 4.0 packages (that replace aufs with overlayfs) are now in Debian unstable. Cheers, -- intrigeri ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] VeraCrypt
sajolida wrote (13 May 2015 10:34:39 GMT) : intrigeri: https://tails.boum.org/blueprint/replace_truecrypt/ Says Due to various concerns, TrueCrypt is about to be replaced in Tails, either by tcplay or cryptsetup. Shall we delete that blueprint now that #5373 is solved? Thanks! I've added a warning on that blueprint. I'd like to keep it around as it has potentially useful historical information. ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] VeraCrypt
Marco Polo: I see you are looking at tcplay to replace TrueCrypt because it supports TC with additional functionality. I think it's a good idea. How do I add VeraCrypt to the list of candidates? VC is a direct upgrade of TC, completely backward compatible with existing TC volumes/containers, can convert them to VC (except encrypted systems), and provides significantly improved encryption algorithms. Since they're all related (TC, VC, tcplay), I bet it wouldn't be too difficult to suport them all - users love choices. And the zuluCrypt gui could handle all 3. Have you considered the use of LUKS - cryptsetup, advised by Tails? https://tails.boum.org/doc/encryption_and_privacy/truecrypt/ signature.asc Description: OpenPGP digital signature ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] overlay support in bilibop
Hi, quidame wrote (09 May 2015 22:57:33 GMT) : On 07/05/2015 13:44, intrigeri wrote: May you please also provide a patch that applies on top of bilibop 0.4.23? I need to build a Tails/Jessie ISO with a newer kernel (that only supports overlayfs). 'git diff debian/0.4.23..451b58ad17c4ea4a lib/bilibop/common.sh' builds the attached patch. Thanks! /me feels stupid -- I should have thought of it myself :) Tested, works for basic usage at least. Any news on this front? Things work pretty good, and will probably be packaged next week. Yay! That's good news, given that Linux 4.0 packages (that replace aufs with overlayfs) are now in Debian unstable. Cheers, -- intrigeri ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] VeraCrypt
intrigeri: [please don't Cc me, I read the list.] Marco Polo wrote (13 May 2015 04:42:35 GMT) : I see you are looking at tcplay to replace TrueCrypt because it supports TC with additional functionality. Where did you find this information? It looks pretty much out-of-date to me. intrigeri: https://tails.boum.org/blueprint/replace_truecrypt/ Says Due to various concerns, TrueCrypt is about to be replaced in Tails, either by tcplay or cryptsetup. Shall we delete that blueprint now that #5373 is solved? Marco: We are not considering tcplay to replace TrueCrypt now that we have support to open TrueCrypt volumes in cryptsetup, see https://tails.boum.org/doc/encryption_and_privacy/truecrypt The only thing that we are considering changing regarding the current situation is to provide a graphical way of opening TrueCrypt volumes as an interoperability feature for encrypted data between Tails and other operating systems. See the discussion we had on: https://mailman.boum.org/pipermail/tails-dev/2015-April/008566.html But our conclusion was that we should work on having support to open TrueCrypt volume in the usual stack: cryptsetup udisks Disk Utility. -- sajolida ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] Jenkins build is back to normal : build_Tails_ISO_stable #391
See https://jenkins.tails.boum.org/job/build_Tails_ISO_stable/391/changes ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] Test to see why my emails are held in moderation
Look at the subject :) -- Giorgio Maone https://maone.net ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] Build failed in Jenkins: build_Tails_ISO_experimental #2265
See https://jenkins.tails.boum.org/job/build_Tails_ISO_experimental/2265/ -- [...truncated 3805 lines...] 102 translated messages, 4 fuzzy translations, 5 untranslated messages. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. .. done. 90 translated messages, 14 fuzzy translations, 7 untranslated messages. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. .. done. 102 translated messages, 4 fuzzy translations, 5 untranslated messages. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. .. done. 102 translated messages, 4 fuzzy translations, 5 untranslated messages. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. done. 110 translated messages, 1 untranslated message. ... done. 102 translated messages, 4 fuzzy translations, 5 untranslated messages. . done. 110 translated messages, 1 untranslated message. .. done. 102 translated messages, 4 fuzzy translations, 5 untranslated messages. .. done. 91 translated messages, 13 fuzzy translations, 7 untranslated messages. .. done. 108 translated messages, 2 fuzzy translations, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. .. done. 102 translated messages, 4 fuzzy translations, 5 untranslated messages. .. done. 91 translated messages, 13 fuzzy translations, 7 untranslated messages. .. done. 102 translated messages, 4 fuzzy translations, 5 untranslated messages. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. .. done. 102 translated messages, 4 fuzzy translations, 5 untranslated messages. .. done. 0 translated messages, 111 untranslated messages. .. done. 110 translated messages, 1 untranslated message. .. done. 110 translated messages, 1 untranslated message. ar: .. done. az: .. done. ca: .. done. cs: .. done. cy: .. done. da: .. done. de: .. done. el: .. done. en_GB: .. done. es: .. done. fa: .. done. fi: .. done. fr: done. fr_CA: .. done. hr_HR: .. done. hu: .. done. id: .. done. it: .. done. ja: .. done. km: .. done. ko: .. done. lv: .. done. nb: .. done. nl: .. done. pl: .. done. pt: .. done. pt_BR: .. done. ru: .. done. sk: .. done. sk_SK: .. done. sl_SI: .. done. sq: .. done. sr: .. done. sv: .. done. tr: .. done. uk: .. done. zh: .. done. zh_CN: .. done. zh_TW: .. done. * Current translation support in tails ar: 102 translated messages, 4 fuzzy translations, 5 untranslated messages. az: 102 translated messages, 4 fuzzy translations, 5 untranslated messages. ca: 110 translated messages, 1 untranslated message. cs: 110 translated messages, 1 untranslated message. cy: 90 translated messages, 14 fuzzy translations, 7 untranslated messages. da: 110 translated messages, 1 untranslated message. de: 110 translated messages, 1 untranslated message. el: 102 translated messages, 4 fuzzy translations, 5 untranslated messages. en_GB: 110 translated messages, 1 untranslated
[Tails-dev] [review'n'merge:website advisory]
Small typo on the security notes, spotted by user, confirmed by me. At https://tails.boum.org/security/Numerous_security_holes_in_1.3.2/index.en.html the link to the tor advisory (the last) should be https://www.debian.org/security/2015/dsa-3216 instead of https://www.debian.org/security/2015/dsa-3246 patch attached! From 49004e80e820eed463433a27cdb64e43742a6ee7 Mon Sep 17 00:00:00 2001 From: Tails developers amne...@boum.org Date: Wed, 13 May 2015 07:51:14 + Subject: [PATCH] tor debian advisory typo --- wiki/src/security/Numerous_security_holes_in_1.3.2.mdwn |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wiki/src/security/Numerous_security_holes_in_1.3.2.mdwn b/wiki/src/security/Numerous_security_holes_in_1.3.2.mdwn index 59fc0f3..a7cb6be 100644 --- a/wiki/src/security/Numerous_security_holes_in_1.3.2.mdwn +++ b/wiki/src/security/Numerous_security_holes_in_1.3.2.mdwn @@ -28,4 +28,4 @@ Details - libxml2: Fixup on [[!cve CVE-2014-3660]] for [[!debsa2014 3057]] - OpenJDK 7: [[!debsa2015 3235]] - ppp: [[!debsa2015 3228]] - - tor: [[!debsa2015 3246]] + - tor: [[!debsa2015 3216]] -- 1.7.10.4 signature.asc Description: OpenPGP digital signature ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] extension specification
On 12/05/2015 18:54, sajolida wrote:
B. It's not the latest version of the extension. This version is
incompatible with the version of the page. We can't go forward or
otherwise stuff won't work:
- How can we detect that? Through a version number in the URL as you
are proposing? Wouldn't a version number in the code of the page be more
simple?
I vote for a version string at a fixed location (div
id=ui-version1.0/div) of the HTML.
Of course, we can keep it user-invisible via CSS (#ui-version { display:
none }).
- Then what do we do once we detected that incompatibility? Redirect
to a compatible version of the page that we're keeping on the website
for backward compatibility?
The extension can detect the incompatibility and ask the user that if
she wants to proceed by upgrading the downloader first ([Upgrade
Downloader] / [Abort]).
On [Upgrade Downloader], the extension forces its own upgrade to be
performed quietly (with no further prompts / warning unless something
goes wrong, e.g. if AMO's SSL certificate is bogus) and goes on with the
download+verify process.
C. It's not the latest version of the extension. This version is
compatible with the version of the page but we did a security upgrade of
the extension and we want to force people to update. In that case, we
need something on the page that says which version of the extension is
expected and asks for an upgrade if it doesn't match. That would be a
different version of slide 3 but to update instead of install.
Same as B above.
Of course all of this is particularly relevant for those who have
automatic add-ons updates disabled, such as Tor Browser users AFAIK.
Regular Firefox users would usually receive the most recent version of
the extension silently and timely through AMO.
--
Giorgio Maone
https://maone.net
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to
tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] VeraCrypt
Hi, [please don't Cc me, I read the list.] Marco Polo wrote (13 May 2015 04:42:35 GMT) : I see you are looking at tcplay to replace TrueCrypt because it supports TC with additional functionality. Where did you find this information? It looks pretty much out-of-date to me. How do I add VeraCrypt to the list of candidates? https://tails.boum.org/support/faq/#new_software Cheers, -- intrigeri ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
