Re: [Tails-dev] Potential OpSec issue - Identifying Tails Tor vs "other" Tor
On Sun, Jan 03, 2016 at 10:42:43PM -0500, Lee Brotherston wrote: > > * Is this the case with Tails 2.0~beta1 as well? > > I must confess to not having tried that. Downloading now and will let you > know! Just to confirm that Tails 2.0 beta1 "looks" like vanilla Tor from the perspective of the TLS fingerprint: [2016-01-04 00:18:05] Fingerprint Matched: "Tor uplink" TLSv1.2 connection from 192.168.1.16:54012 to 208.83.223.34:80 Servername: "www.63ddcuxsso5bfmh2widefaxs.com" [2016-01-04 00:18:07] Fingerprint Matched: "Tor uplink" TLSv1.2 connection from 192.168.1.16:54013 to 171.25.193.9:80 Servername: "www.3ixixrus.com" [2016-01-04 00:18:09] Fingerprint Matched: "Tor uplink" TLSv1.2 connection from 192.168.1.16:54015 to 167.114.155.249:9001 Servername: "www.zjdfnfuwka.com" ... etc Thanks Lee ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] Potential OpSec issue - Identifying Tails Tor vs "other" Tor
On Sun, Jan 03, 2016 at 01:19:13AM +0100, intrigeri wrote: > * What version of Tor Browser is this? It was tails 1.7 running from the LiveCD, so whatever is the default for that. I think Tor Browser 5.0.4 and Tor 0.2.7.4. > * Is this the case with Tails 2.0~beta1 as well? I must confess to not having tried that. Downloading now and will let you know! > I suspect this might have something to do with the oldish distro Tor > Browser is built on: > https://trac.torproject.org/projects/tor/ticket/15578 Ah yes, an older version of Tor could well be to blame. I had, probably incorrectly, assumed that as part of the Tails distro that someone had modified Tor in some way. Thanks Lee ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] Tails Hardware
Hi, Jurre van Bergen: That exists already: http://libreboot.org/docs/install/x200_external.html For other hardware: http://libreboot.org/docs/install/index.html Thank you! Wordlife, Spencer ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] [Tails - Feature #5991] Include BitTorrent software
Hi, str4d: Feel free to email me off-list with any questions you might have :) Word; will do. Wordlife, Spencer ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] How to replace the green onion [was: What do we miss to replace Vidalia]
Hi Alan, intrigeri wrote (01 Jul 2015 12:32:49 GMT) : > Alan wrote (18 Mar 2015 21:20:02 GMT) : >> On Sun, 15 Mar 2015 23:29:55 +0100 >> intrigeri wrote: >>> sajolida wrote (15 Mar 2015 19:46:47 GMT) : >>> >> I'm personally undecided wrt. which one of these two is the best. >>> >>> > Neither am I :) >>> >>> Then I'm all for "those who do the work decide" — in this case, that >>> would be Alan. >>> >> Then there will be a menu I think. > May you (or someone else) please encode this decision (and sum up the > reasoning behind it) in a ticket, so that we don't have to retrieve it > from a lengthy thread in the future? Ping? (FTR, 6 months later: I'll now stop tracking that the outcome of this thread is properly written down somewhere.) Cheers, -- intrigeri ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] [review] Adding handbooks to press.mdwn
Hi, please review and merge from elouann / documentation the commits * 9c2c2ce - The booklet by capulcu was updated * 2602858 - Fix link * 406f630 - Adding handbook from TCIJ Thank you, elouann signature.asc Description: OpenPGP digital signature ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] Call for testing new tools and instructions to get started with Tails
Hi, sajolida: DVD drives are disappearing from laptops The external ones don't work very well, either; drivers, updates, and so on; requires quite the intervention. Wordlife, Spencer ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] Call for testing new tools and instructions to get started with Tails
Austin English: > On Wed, Dec 23, 2015 at 9:07 AM, sajolida wrote: >> We are aware that the process of getting started with Tails >> (downloading, verifying, installing, starting, and configuring) might be >> the main stumbling block for its wider adoption. >> >> Over 2015, we have worked very hard to make this process easier and >> today we are happy to release a first beta version of the new process. >> >> We worked on: >> >> 1. A Firefox add-on to automate the verification of the ISO image, >>written by Giorgio Maone, the author of NoScript. > > Awesome! Can confirm it works with Iceweasel on Debian Unstable > (tested using 40.0.3-3). Really slick, thanks Giorgio. Nice! > I was surprised that the Other Linux instructions mention two usb > drives but not an option to use a DVD and 1 usb drive. Was that > intentional? I don't always have extra usb sticks available (or ones > that I trust), but blank DVDs are relatively cheap (and that's how I > first installed Tails ;) ). Yes, we didn't mention this intentionally. We want to keep the final number of possible scenarios (and thus the choice to make while choosing one) to the minimum. We also thought that, as a global, tendency, DVD drives are disappearing from laptops and USB sticks are getting super cheap. ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] screen locker tutorial
Hi, sajolida wrote (08 Dec 2015 11:59:54 GMT) : > intrigeri: >> sajolida wrote (07 Dec 2015 18:22:46 GMT) : >>> Is it safe to lock the screen this way in Tails? >> >> Given my results on #9408, it seems that it is. Before assessing this >> I'd like to go through #5684, its subtasks and blueprint to make sure >> we didn't forget anything, though. I guess it's on my plate as >> a side-effect of porting to Jessie ⇒ I'll do it and report back here. Done, looks sane to me (modulo the "false sense of security" argument, of course: physical access still gives an attacker a lot of power; we have lots of good plans to improve things in this area, but some problems simply can't be fixed by the operating system, and we often lack manpower when it comes to hardening Tails). > I'll have a look as well since I'm the one who volunteered for the > "screen locker" on our roadmap for 2017. Cool :) > From the subtasks I think: > - #5878 "Add a lock screen action to the shutdown button" should be > closed as we don't have the shutdown button anymore in Jessie. Well, it's the same problem to solve, and exactly the same solution, technical implementation details put aside (s/shutdown button/system menu/); it's also the place where the work already done in this area (for GNOME Shell) is referrenced. So, instead of replacing this ticket with a new one, I've repurposed it. > - #6017: "Ensure that the emergency shutdown works while the screen is > locked". I tested that and it works on Tails Jessie. Do we need anything > else? Automated tests? Thanks for testing. I've no idea when the problem this ticket was referring to was current, but I suspect it dates back to Squeeze area or similar ⇒ IMO it's not worth writing + maintaining + running a regression test. So I think that this ticket can simply be closed. > From the blueprint: Meta: here I'm merely trying to make sure the current state of the devel branch is not crazy, and to provide pointers for anyone who want to handle the technical side of things here: #5684 still needs developers, as this thread confirms. > - The "How to activate it?" section should be updated to Jessie. > - Automatically after X minutes of idle: This is not the case in Tails > Jessie. The screen is only blanked. Shall we discuss this further? I bet this is because we explicitly disable the lock screen in our configuration (hence Benjamin's dconf command). Maybe one of those would help: gsettings set org.gnome.desktop.lockdown disable-lock-screen false gsettings set org.gnome.desktop.screensaver lock-enabled true (I did both and after N idle minutes the screen locked.) > - When closing the lid: This doesn't work. We have: [org/gnome/settings-daemon/plugins/power] lid-close-ac-action = 'blank' lid-close-battery-action = 'blank' ... which may explain the behaviour you see. > Shall I create a ticket? Yes, please. Can be useful whenever someone wants to work on this :) > - The "Which password to use?" is still relevant and I propose to create > a ticket for that under #5684, unless you prefer creating another ticket > for "Screen locking without administration password" as this might take > more time to get implemented. Isn't this what #8383 is about? > Shall I also create a ticket to write automated tests for all this? Sure. >> And then it would be awesome if someone reintroduced the code we >> removed in #8316 (display a Lock Screen button in the Shell's >> top-right menu), after making it conditional to having an admin >> password set. > Shall I create a ticket for that too? I think that #5878 should do the job just fine. >>> My second question: >> >>> If gnome-screensaver remains in Tails Jessie, do we want to document >>> this (with all the due warnings for people without an administration >>> password) or do we think it will encourage people to set up an >>> administration password when they don't need to and we don't want to do >>> that? >> >> I think it would be great to document it, but not a blocker for 2.0 as >> long as the only UI is a keyboard shortcut. > Agreed. I'll let you judge if it's worth a ticket. >>> And the third one: >> >>> If gnome-screensaver remains in Tails Jessie, are we OK with the current >>> UX for people with no password (blanking the screen but not locking it)? >> >> I'd rather disable it but I can live with it. See earlier discussion >> on this topic: https://labs.riseup.net/code/issues/10403#note-3 > Meta: it's often hard for me to extract information from tickets like > these and be sure that I sorted out correctly the relevant information > from all the rest that I don't understand. Got it, and I'm sorry. Merely dropping such a link sucks, even on a development mailing-list. Since I read this a month ago, I've started to try and be more careful, e.g. to point to the specific excerpts I want _you_ to look at. > I understand from this one that the automatic screen blanking (and not > locking) is activated in Tails Jes
Re: [Tails-dev] [Tails - Feature #5991] Include BitTorrent software
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Spencer wrote: > Hi, > >> >> Spencer: Though I might not get around to this for a week or >> two, or three :) >> > > Or more. In progress, though. Feel free to email me off-list with any questions you might have :) str4d > > Wordlife, Spencer > > > > > > ___ Tails-dev mailing > list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev > To unsubscribe from this list, send an empty email to > tails-dev-unsubscr...@boum.org. > -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJWh1APAAoJEBO17ljAn7Pg1rYQAI53HceO9OyMG1JpmENhW5F4 gBtL2+T2fXh57tUuXQ4iKA3gk5LZr4HYqu16n7ySAh4cBm5wq+ZJOjFyKHMN6A3o YQLWUhQ4oc4BTsBf+ogeAkSKzZakosGY4m1XAvYwSmkvkypcaHk72tvrQtLjNEsK O7ksZrIrWvKf/9U5Uhe/Z8Mq7YjYBozAV94yR5maSP+NicJEI95904ZmIRJH7JHE 8ZykXm/koT90UNeDLJ0qsky5WsXQMsCExgRMcSZLQ41oJhLkfwuV2Fn4eSkspcoj TJsW8afaql2FnLr3tC9TvZQ33//6fi3l4XkaAGuQTtyuDiZyRmDKYzeJItqk6unV CWF7Fzv5nlErRjx4AkrhlFx0T5CJxOdk2zDEZBRPvITxGaoGNWAisxNW4HGPmLl1 UGoRJea/L70ZYNudu4f9w7AbL7AMqZ1uTyBwiAkyWLt+i3mwt1lktlmdxG7mIkZm arVHwWmLNJPjWcL+HPpA0na4rn0v9zCpB0yUv5nGdsWB2D4+E49SZ5Xyzb9rdS9O UqeoQ6BeYSbTbRam+fmKQVvZEm92w2T6bXuhmjMOkHSDI9yeAC3naGz++xJiWh5B haTX8bnwcGUVjCbdnAXC8/43NpAbjSwraswshyGa1EvdjWX33yA2MNEbXrP7wUFm l0RjXlthlpriSunlTNF6 =zW1E -END PGP SIGNATURE- ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.