Re: [Tails-dev] SecureDrop and Tails vs Qubes

2017-12-14 Thread Loic Dachary


On 12/14/2017 01:00 PM, u wrote:
> Hi!
> 
> Loic Dachary:
>> On 12/14/2017 11:31 AM, sajolida wrote:
>>> Loic Dachary:
>>>> It was suggested to launch a thread 
>>>> (https://labs.riseup.net/code/issues/15052#note-3) about the reasons 
>>>> why SecureDrop is working on a Qubes based workstation for 
>>>> journalists as an alternative to using an airgap tails. Conor & Jen 
>>>> are cc'ed so they can comment on this.
>>>
>>> Thanks for starting this discussion!
> 
>>> Given that Tails will probably remain relevant in the SecureDrop
>>> ecosystem for a while (for example on the source's side), my intention
>>> with this thread is to:
>>>
>>> * Have more feedback from SecureDrop about Tails in general,
>>>   hopefully opening communication channels that can be fruitful for the
>>>   future. I don't remember much discussion on public channels between
>>>   Tails and SecureDrop in the past.
>>>
>>> * Understand what Tails should do to be more relevant in similar
>>>   contexts ("Tails for journalists and their sources").
>>>
>>>> IMHO the most prominent ones are
>>>>
>>>> * Qubes is not amnesic and the user can customize it more easily than
>>>> Tails
>>>> * Tails is amnesic, usable with an airgap workstation and more
>>>> secure than Qubes
>>>>
>>>> * Adding a software distribution channel to a Qubes workstation is 
>>>> easy while creating and distributing tails derivatives is
>>>> challenging and discouraged
>>>
>>> I agree with "challenging". I partly disagree with "discouraged".
>>
>> I meant to say I was discouraged by 
>> https://tails.boum.org/contribute/derivatives/ not that Tails discourages it, 
>> sorry about that. My hunch is that it would take me at least three months 
>> full time to come up with a derivative addressing all problems (i.e. 
>> security releases, quality assurance process, automatic upgrades, ...). And 
>> most likely another three months before recommending that someone uses it 
>> for real. This is taking into account that I have experience with packaging, 
>> Q/A automated or manual and release management.
> 
> Creating a derivative does not only involve creating the derivative, but
> maintaining it. As you might know, we release Tails every 6 weeks, based
> on the TorBrowser & FF ESR schedule.

Yes, that's what I meant above with "addressing all problems".

> I believe that this is not necessarily the way to go. Instead, it would
> be useful to know what SecureDrop is missing in Tails that it finds in
> Qubes, and how this might be addressed. So instead of creating a
> derivative, it seems more interesting to me at first sight to try to
> contribute improvements to Tails.

Absolutely right and I posted https://labs.riseup.net/code/issues/15052 in that 
spirit.

Cheers

> 
> Cheers!
> u.
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to 
> tails-dev-unsubscr...@boum.org.
> 

-- 
Loïc Dachary, Artisan Logiciel Libre

Re: [Tails-dev] SecureDrop and Tails vs Qubes

2017-12-14 Thread u
Hi!

Loic Dachary:
> On 12/14/2017 11:31 AM, sajolida wrote:
>> Loic Dachary:
>>> It was suggested to launch a thread 
>>> (https://labs.riseup.net/code/issues/15052#note-3) about the reasons 
>>> why SecureDrop is working on a Qubes based workstation for 
>>> journalists as an alternative to using an airgap tails. Conor & Jen 
>>> are cc'ed so they can comment on this.
>>
>> Thanks for starting this discussion!

>> Given that Tails will probably remain relevant in the SecureDrop
>> ecosystem for a while (for example on the source's side), my intention
>> with this thread is to:
>>
>> * Have more feedback from SecureDrop about Tails in general,
>>   hopefully opening communication channels that can be fruitful for the
>>   future. I don't remember much discussion on public channels between
>>   Tails and SecureDrop in the past.
>>
>> * Understand what Tails should do to be more relevant in similar
>>   contexts ("Tails for journalists and their sources").
>>
>>> IMHO the most prominent ones are
>>>
>>> * Qubes is not amnesic and the user can customize it more easily than
>>> Tails
>>> * Tails is amnesic, usable with an airgap workstation and more
>>> secure than Qubes
>>>
>>> * Adding a software distribution channel to a Qubes workstation is 
>>> easy while creating and distributing tails derivatives is
>>> challenging and discouraged
>>
>> I agree with "challenging". I partly disagree with "discouraged".
> 
> I meant to say I was discouraged by 
> https://tails.boum.org/contribute/derivatives/ not that Tails discourages it, 
> sorry about that. My hunch is that it would take me at least three months 
> full time to come up with a derivative addressing all problems (i.e. security 
> releases, quality assurance process, automatic upgrades, ...). And most 
> likely another three months before recommending that someone uses it for 
> real. This is taking into account that I have experience with packaging, Q/A 
> automated or manual and release management.

Creating a derivative does not only involve creating the derivative, but
maintaining it. As you might know, we release Tails every 6 weeks, based
on the TorBrowser & FF ESR schedule.

I believe that this is not necessarily the way to go. Instead, it would
be useful to know what SecureDrop is missing in Tails that it finds in
Qubes, and how this might be addressed. So instead of creating a
derivative, it seems more interesting to me at first sight to try to
contribute improvements to Tails.

Cheers!
u.

Re: [Tails-dev] SecureDrop and Tails vs Qubes

2017-12-14 Thread Loic Dachary


On 12/14/2017 11:31 AM, sajolida wrote:
> Loic Dachary:
>> It was suggested to launch a thread 
>> (https://labs.riseup.net/code/issues/15052#note-3) about the reasons 
>> why SecureDrop is working on a Qubes based workstation for 
>> journalists as an alternative to using an airgap tails. Conor & Jen 
>> are cc'ed so they can comment on this.
> 
> Thanks for starting this discussion!
> 
>> First of all this is not something new: people asked for it long ago 
>> but Qubes was not mature enough. The upcoming Qubes version 4
>> changes that and motivated new development in the SecureDrop team. As
>> a result of this effort, started a few months ago, the pros and cons
>> of using tails vs Qubes appear more clearly.
> 
> NB, Conor's talk at LibrePlanet 17, which explains this in detail already:
> 
> https://media.libreplanet.org/u/libreplanet/m/securedrop-leaking-safely-to-modern-news-organizations/
> 
> Given that Tails will probably remain relevant in the SecureDrop
> ecosystem for a while (for example on the source's side), my intention
> with this thread is to:
> 
> * Have more feedback from SecureDrop about Tails in general,
>   hopefully opening communication channels that can be fruitful for the
>   future. I don't remember much discussion on public channels between
>   Tails and SecureDrop in the past.
> 
> * Understand what Tails should do to be more relevant in similar
>   contexts ("Tails for journalists and their sources").
> 
>> IMHO the most prominent ones are
>>
>> * Qubes is not amnesic and the user can customize it more easily than
>> Tails
>> * Tails is amnesic, usable with an airgap workstation and more
>> secure than Qubes
>>
>> * Adding a software distribution channel to a Qubes workstation is 
>> easy while creating and distributing tails derivatives is
>> challenging and discouraged
> 
> I agree with "challenging". I partly disagree with "discouraged".

I meant to say I was discouraged by 
https://tails.boum.org/contribute/derivatives/ not that Tails discourages it, 
sorry about that. My hunch is that it would take me at least three months full 
time to come up with a derivative addressing all problems (i.e. security 
releases, quality assurance process, automatic upgrades, ...). And most likely 
another three months before recommending that someone uses it for real. This is 
taking into account that I have experience with packaging, Q/A automated or 
manual and release management.

How far am I from reality?

> Sure, we've been discouraging people from shooting themselves in the foot by
> customizing Tails to the point of breaking it.
> 
> But we're also aware of the need for more customization and flexibility
> within Tails and have made steps in this direction:
> 
> - We published a statement in 2015 on how Tails derivatives should
>   work and how to collaborate:
> 
>   https://tails.boum.org/contribute/derivatives/
> 
> - We got funding this year to work on better support for storing
>   additional software in persistence which is so far only possible from
>   the command line and not on air-gapped machines:
> 
>   https://labs.riseup.net/code/issues/14568
> 
> - We documented how to configure additional APT repositories:
> 
>   https://tails.boum.org/doc/advanced_topics/additional_software/
> 
>> * Tails is already mature while Qubes reaches maturity in 2018
>>
>> * Qubes is based on Xen and runs on a limited range of hardware 
>> compared to tails
>>
>> On a personal note I'd like to work on improving the tails
>> experience for all existing SecureDrop users. Migrating to Qubes or
>> not will eventually be their decision, they won't be forced. In 2018
>> there will be a significant SecureDrop effort to improve the tails 
>> journalist user experience.
> 
> I'd be interested in hearing Jen and Conor's take on this.
> Would it make sense to have two options for the journalist workstation?
> And I would totally understand if it doesn't make sense for them :)
> 

-- 
Loïc Dachary, Artisan Logiciel Libre

Re: [Tails-dev] SecureDrop and Tails vs Qubes

2017-12-14 Thread sajolida
Loic Dachary:
> It was suggested to launch a thread 
> (https://labs.riseup.net/code/issues/15052#note-3) about the reasons 
> why SecureDrop is working on a Qubes based workstation for 
> journalists as an alternative to using an airgap tails. Conor & Jen 
> are cc'ed so they can comment on this.

Thanks for starting this discussion!

> First of all this is not something new: people asked for it long ago 
> but Qubes was not mature enough. The upcoming Qubes version 4
> changes that and motivated new development in the SecureDrop team. As
> a result of this effort, started a few months ago, the pros and cons
> of using tails vs Qubes appear more clearly.

NB, Conor's talk at LibrePlanet 17, which explains this in detail already:

https://media.libreplanet.org/u/libreplanet/m/securedrop-leaking-safely-to-modern-news-organizations/

Given that Tails will probably remain relevant in the SecureDrop
ecosystem for a while (for example on the source's side), my intention
with this thread is to:

* Have more feedback from SecureDrop about Tails in general,
  hopefully opening communication channels that can be fruitful for the
  future. I don't remember much discussion on public channels between
  Tails and SecureDrop in the past.

* Understand what Tails should do to be more relevant in similar
  contexts ("Tails for journalists and their sources").

> IMHO the most prominent ones are
>
> * Qubes is not amnesic and the user can customize it more easily than
> Tails
> * Tails is amnesic, usable with an airgap workstation and more
> secure than Qubes
> 
> * Adding a software distribution channel to a Qubes workstation is 
> easy while creating and distributing tails derivatives is
> challenging and discouraged

I agree with "challenging". I partly disagree with "discouraged".

Sure, we've been discouraging people from shooting themselves in the foot by
customizing Tails to the point of breaking it.

But we're also aware of the need for more customization and flexibility
within Tails and have made steps in this direction:

- We published a statement in 2015 on how Tails derivatives should
  work and how to collaborate:

  https://tails.boum.org/contribute/derivatives/

- We got funding this year to work on better support for storing
  additional software in persistence which is so far only possible from
  the command line and not on air-gapped machines:

  https://labs.riseup.net/code/issues/14568

- We documented how to configure additional APT repositories:

  https://tails.boum.org/doc/advanced_topics/additional_software/

> * Tails is already mature while Qubes reaches maturity in 2018
> 
> * Qubes is based on Xen and runs on a limited range of hardware 
> compared to tails
> 
> On a personal note I'd like to work on improving the tails
> experience for all existing SecureDrop users. Migrating to Qubes or
> not will eventually be their decision, they won't be forced. In 2018
> there will be a significant SecureDrop effort to improve the tails 
> journalist user experience.

I'd be interested in hearing Jen and Conor's take on this.
Would it make sense to have two options for the journalist workstation?
And I would totally understand if it doesn't make sense for them :)