Re: [Tails-dev] How to build tails for testing purposes?

[Austin English]

On Mon, Jul 19, 2021 at 10:04 AM Hans  wrote:
>
> Hi folks,
>
>
> I am experiencing with building my own version of tails, but got stuck.
>
>
> I downloaded the git, installed all needed packages on my debian system, made 
> my changes in ~/tails/config/ and then started
>
>
> rake build && rake vm:halt
>
>
> But this did not work. I got the message:
>
>
>  snip 
>
>
> You have uncommitted changes in the Git repository. Due to limitations
> of the build system, you need to commit them before building Tails:
> M config/chroot_local-packageslists/tails-common.list
> ?? config/chroot_local-packages/kali-undercover_2021.1.2_all.deb
> ?? vmdb2.log
>
>
> If you don't care about those changes and want to build Tails nonetheless,
> please add `ignorechanges` to the TAILS_BUILD_OPTIONS environment
> variable.
>
> Uncommitted changes. Aborting.
>
> --- snap -
>
>
> However, I do not want to commit anything yet, because I do not want to mess 
> up with your git-sources!
>
>
> How can I build just for me, without interfering your tails-git?
>
>
> Changes I made:
>
>
> 1. edited ~/tails/config/chroot_local-packageslists/tails-common.list
>
>
> 2. added kali-undercover*.deb into ~/tails/config/chroot_local-packages/
>
>
> If this is working, I will try to optimize things (maybe also build for 
> 32-Bit). Maybe I will then ask for more help, but first let me try, if I can 
> get it managed to build tails running with XFCE instead of Gnome and the 
> possibility, to look XFCE like Windows10.

As the output tells you, you need to set TAILS_BUILD_OPTIONS:

export TAILS_BUILD_OPTIONS="ignorechanges"

-- 
-Austin
GPG: 267B CC1F 053F 0749 (expires 2024/02/17)
___
Tails-dev mailing list
Tails-dev@boum.org
https://www.autistici.org/mailman/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] NSA tails and closed code

[Austin English]

On Tue, Jun 15, 2021, 16:42 syster via Tails-dev  wrote:

> What I always thought what would be nice:
>
> Having 2 versions of Tails. One pure and free, and one with proprietary
> code that is needed to run some hardware.
>
> If one has a wifi adapter that runs on free software, most if not all of
> the proprietary code that is included in Tails is of no use for that
> person, at least that's how I understand it. Such an wifi adapter can be
> be bought for the cost of an USB stick.
>

That has the downside of doubling development/testing efforts, and
confusion for users.

>
___
Tails-dev mailing list
Tails-dev@boum.org
https://www.autistici.org/mailman/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] [brainstorm] What are our public XMPP chat rooms useful for? (#17956)

[Austin English]

On Tue, Jan 5, 2021 at 2:41 AM intrigeri  wrote:
>
> Hi,
>
> (dropping my facilitator hat for this message)
>
> intrigeri (2021-01-03):
> > So, my question is:
> >
> >   What would we lose if we did not have any public chat room?
>
> > In other words:
> >
> >   What new problems would we face if we did not have any public
> >   chat room?
>
> I think we would lose:
>
>  - some of our soul and identity, i.e. "we work in the open"
>
>  - a place where friendly bystanders can lurk and follow our work:
>FOSS developers, users, etc.
>
>  - a little bit of the efforts we've put into dismantling the
>long-standing myth that Tails is produced by some sort of secret,
>unapproachable group of anonymous people
>
>  - a place where existing contributors who don't have access to our private
>communication channels can get a feeling of belonging, by hanging
>out with the rest of us
>
>  - a place where we can meet new contributors, get to know each other,
>collaborate and build trust until the project is comfortable with
>giving them more privileges
>
> Practically speaking, my main concern is that the implied subtle
> cultural shift and newly closed doors would make the boundary between
> in-group folks and kind-of-outsiders even harder to cross.
>
> This would make it a bit harder to go from "volunteer contributor" to
> "paid worker" (such transitions are rare in our recent past, but there
> are a few noticeable ones if we look further back in time), or from
> "unprivileged contributor" to "full-blown project member".
>
> Finally, note that we already lost quite some of this when we moved
> from IRC @ OFTC (where lots of FOSS contributors hang out already) to
> XMPP (which for many people would require extra setup work). IMO the
> status quo, in all these respects, is not great.


FWIW, as a former/lapsed volunteer developer (and still active FOSS
developer), I appreciated having a public chat that I could drop in to
ask questions of the devs.

I would've greatly preferred an IRC option, since I more generally use
that. I only set up XMPP to chat with tails developers when I needed
it, but it was useful when I did use it.

If possible, I'd love to see a public chat option preserved for
precisely the reasons intrigeri mentioned.

In any event, keep up the great work! Hopefully I'll find some time to
contribute again this year :).
--
-Austin
GPG: 267B CC1F 053F 0749 (expires 2021/02/18)
___
Tails-dev mailing list
Tails-dev@boum.org
https://www.autistici.org/mailman/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] [review'n'merge] grammar correction for whisperback

[Austin English]

On Tue, May 22, 2018, 02:00 emma peel  wrote:

> intrigeri:
> > intrigeri:
> >> emma peel:
> >>> please review this patch with a grammar correction for WhisperBack.
> >
> >> Thanks, this looks good to me. I'll apply this once bertagaz has
> >> pushed […]
> >
> > I've now applied this patch even though it's debatable whether this is
> > a grammar correction:
> >
> >   https://en.wikipedia.org/wiki/Serial_comma
>
> Any native speakers around? I want to add the 'or' but I have no
> preferences regarding the comma...
>
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to
> tails-dev-unsubscr...@boum.org.


Native (American) speaker. I typically use the Oxford comma. To me this
change is fine, though I can't speak for British English.
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Weird commits on stable

[Austin English]

Understood, thanks.

On Fri, Jul 14, 2017 at 7:59 AM, u <u...@451f.org> wrote:
> Hi,
>
> Austin English:
>> How is spam getting committed somewhere that requires credentials?
>
> it happens on the blueprints, which are freely editable.
>
> Cheers!
> u.
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to 
> tails-dev-unsubscr...@boum.org.



-- 
-Austin
GPG: 14FB D7EA A041 937B
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] [internal]1st week post-release help desk report

[Austin English]

On Jun 23, 2017 10:03, "intrigeri"  wrote:

Hi,

first of all, thanks *a lot* for this report!

tails-b...@boum.org:
> a lot of users were affected by
> https://tails.boum.org/news/version_3.0/#known-issues

Yeah, sorry about that :/ I've sent a fix to the RM (bertagaz), who
hopefully will release it soon so that at least Debian and Ubuntu
users get it ASAP.


Fyi Gentoo also has tails installer, and if I can get a patch or yeah I can
push it there as well.
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Tails 3.0 release

[Austin English]

On Wed, Jun 7, 2017 at 2:43 PM, x3 dre  wrote:
> Hi
>
> I'm looking around to find out information why, tails is going to dropping 32 
> bit cpu's ?
>
> As I know many people around the world that rely on older 32 cpu chipset and 
> other distributions like tails and others.
>
> It just seems those poorer people, will be locked out because of cost, and 
> their pockets not to be able to purchase secondhand 64 bit machines, which 
> could be a few months salary in some cases, especially in countries that are 
> dictatorial and where corrupt govs operate.
>
> Can you tell me the rationale behind this move?
>
> tia
>
> x3dre
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to 
> tails-dev-unsubscr...@boum.org.

See 
https://tails.boum.org/news/Tails_3.0_will_require_a_64-bit_processor/index.en.html#index3h1

In short: it provides significant security benefits to a large number
of users at the expense of dropping support for a marginal (and
declining) number of users.

-- 
-Austin
GPG: 14FB D7EA A041 937B
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Can't build tails, not enough ram?

[Austin English]

On 03/21/2017 02:05 PM, anonym wrote:
> Austin English:
>> Hi all,
>>
>> It's been a while since I've built tails, been busy with other
>> projects.. Anyway, I've done a git pull, git clean -fxd (to clear out
>> .vagrant), and removed ~/.vagrant.d. I then tried to build with noram,
>> since my laptop is low on free memory, and I get:
>>
>> austin@debian-laptop:~/src/tails$ export TAILS_BUILD_OPTIONS=noram
>>
>> austin@debian-laptop:~/src/tails$ rake build
>> rake aborted!
>> VagrantCommandError: 'vagrant ["status"]' command failed: 1
>> /home/austin/src/tails/Rakefile:61:in `capture_vagrant'
>> /home/austin/src/tails/Rakefile:84:in `vm_state'
>> /home/austin/src/tails/Rakefile:117:in `enough_free_memory_for_ram_build?'
>> /home/austin/src/tails/Rakefile:145:in `block in '
>> Tasks: TOP => build => parse_build_options
>> (See full trace by running task with --trace)
> 
> Weird! What happens if you run:
> 
>(cd vagrant && vagrant status)
> 
> Also, have you made sure that up-to-date packages of vagrant and 
> vagrant-libvirt are installed? (I know some people have had APT pinnings and 
> stuff that has kept them on old, unsupported versions.)
> 
> I'd also be interested if one of our development branches, where we've 
> reworked a lot how Vagrant works, improves the situation; can you please 
> checkout the wip/11972-use-vagrant-in-jenkins Git branch and try to build? 
> You might have to clear vagrant/.vagrant before you try starting this new VM.
> 
> Cheers!

Thanks for the tip, apparently vagrant-libvirt got uninstalled somehow
and I missed that. After installing, I had to fiddle with
vagrant/libvirt a bit to get the build vm up and in a good state, but
after that, seems to be working now.

Thanks anonym!

-- 
-Austin
GPG: 14FB D7EA A041 937B



signature.asc
Description: OpenPGP digital signature
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Add this project to Tails

[Austin English]

On Sat, Mar 18, 2017 at 7:53 PM, Lucas  wrote:
> Good Night, I would like to kindly ask you, the dev team, to add this nice
> and powerfull project to then Tails OS.
> ZeroNet (https://github.com/HelloZeroNet/ZeroNet/)
>
>
> ZeroNet is a new tech to use decentralized websites using Bitcoin crypto and
> the BitTorrent network.
> ZeroNet can be run though Tor.
> Thanks, Lucas.

This would need to be packaged in Debian first. There's already a WNPP
bug, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850474

-- 
-Austin
GPG: 14FB D7EA A041 937B
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

[Tails-dev] Can't build tails, not enough ram?

[Austin English]

Hi all,

It's been a while since I've built tails, been busy with other
projects.. Anyway, I've done a git pull, git clean -fxd (to clear out
.vagrant), and removed ~/.vagrant.d. I then tried to build with noram,
since my laptop is low on free memory, and I get:

austin@debian-laptop:~/src/tails$ export TAILS_BUILD_OPTIONS=noram

austin@debian-laptop:~/src/tails$ rake build
rake aborted!
VagrantCommandError: 'vagrant ["status"]' command failed: 1
/home/austin/src/tails/Rakefile:61:in `capture_vagrant'
/home/austin/src/tails/Rakefile:84:in `vm_state'
/home/austin/src/tails/Rakefile:117:in `enough_free_memory_for_ram_build?'
/home/austin/src/tails/Rakefile:145:in `block in '
Tasks: TOP => build => parse_build_options
(See full trace by running task with --trace)

I see the same thing when I build on my desktop, with ~15 GB free (with
or without noram), so I feel like I've done something wrong.

I've followed https://tails.boum.org/contribute/build/, but don't see
any workarounds for this. Anyone have any idea what I'm missing?

This is on Debian Sid, x86_64.

-- 
-Austin
GPG: 14FB D7EA A041 937B
austin@debian-laptop:~$ dpkg -l | grep -e rake -e libvirt -e dnsmasq-base -e 
ebtables -e qemu -e vagrant
ii  dnsmasq-base   2.76-5   
 amd64Small caching DNS proxy and DHCP/TFTP server
ii  ebtables   2.0.10.4-3.5 
 amd64Ethernet bridge frame table administration
ii  gir1.2-libvirt-glib-1.0:amd64  1.0.0-1  
 amd64GObject introspection files for the libvirt-glib library
ii  ipxe-qemu  1.0.0+git-20161027.b991c67-1 
 all  PXE boot firmware - ROM images for qemu
ii  libvirt-bin1.3.1-1  
 amd64Dummy transitional package
ii  libvirt-clients3.0.0-2  
 amd64Programs for the libvirt library
ii  libvirt-daemon 3.0.0-2  
 amd64Virtualization daemon
ii  libvirt-daemon-system  3.0.0-2  
 amd64Libvirt daemon configuration files
ii  libvirt-glib-1.0-0:amd64   1.0.0-1  
 amd64libvirt GLib and GObject mapping library
ii  libvirt0   3.0.0-2  
 amd64library for interfacing with different virtualization systems
ii  python-libvirt 3.0.0-2  
 amd64libvirt Python bindings
ii  qemu-efi   0~20161202.7bbe0b3e-1
 all  UEFI firmware for 64-bit ARM virtual machines
ii  qemu-kvm   1:2.8+dfsg-2 
 amd64QEMU Full virtualization on x86 hardware
ii  qemu-slof  20161019+dfsg-1  
 all  Slimline Open Firmware -- QEMU PowerPC version
ii  qemu-system1:2.8+dfsg-2 
 amd64QEMU full system emulation binaries
ii  qemu-system-arm1:2.8+dfsg-2 
 amd64QEMU full system emulation binaries (arm)
ii  qemu-system-common 1:2.8+dfsg-2 
 amd64QEMU full system emulation binaries (common files)
ii  qemu-system-mips   1:2.8+dfsg-2 
 amd64QEMU full system emulation binaries (mips)
ii  qemu-system-misc   1:2.8+dfsg-2 
 amd64QEMU full system emulation binaries (miscellaneous)
ii  qemu-system-ppc1:2.8+dfsg-2 
 amd64QEMU full system emulation binaries (ppc)
ii  qemu-system-sparc  1:2.8+dfsg-2 
 amd64QEMU full system emulation binaries (sparc)
ii  qemu-system-x861:2.8+dfsg-2 
 amd64QEMU full system emulation binaries (x86)
ii  qemu-utils 1:2.8+dfsg-2 
 amd64QEMU utilities
ii  rake   10.5.0-2 
 all  ruby make-like utility
ii  vagrant1.9.1+dfsg-1 
 all  Tool for building and distributing virtualized development 
environments




signature.asc
Description: OpenPGP digital signature
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Adding an event to monthly report?

[Austin English]

On Mar 8, 2017 6:51 AM, "intrigeri" <intrig...@boum.org> wrote:

Austin English:
> Slides are attached for anyone curious (apologies in advance for my
> lack of Libreoffice skills).

A pull request against
https://git-tails.immerda.ch/promotion-material/ would be welcome so
that your slides are listed on the Tails website :)
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to
tails-dev-unsubscr...@boum.org.


Looks like sajolda beat me to it ;)

https://git-tails.immerda.ch/promotion-material/commit/?id=94bd6ac7480782e801efef6fdb1e4991062037b8
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

[Tails-dev] Adding an event to monthly report?

[Austin English]

Howdy all,

This was briefly mentioned on #tails-dev, but I gave a presentation
about Tails to the Austin (TX) Linux Meetup:
https://www.meetup.com/linuxaustin/events/233035224/

Slides are attached for anyone curious (apologies in advance for my
lack of Libreoffice skills).

It was suggested that this should be included in the monthly report.
I'm not sure who normally does that, but if you think it's relevant,
please do so :).

-- 
-Austin
GPG: 14FB D7EA A041 937B


tails-atx-lug.odp
Description: application/vnd.oasis.opendocument.presentation
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Presentation slides for Tails

[Austin English]

On Jan 10, 2017 3:26 PM, "BitingBird" <bitingb...@riseup.net> wrote:

Austin English:
> Hi there,
>
> My local Linux user group wants more desktop/user focused presentations,
> and I think Tails could be a good topic. I'm curious if anyone has any
> slides they've used before that I could base a presentation on?
>
> Thanks,
> Austin
>
You can look there:
https://tails.boum.org/contribute/how/promote/
and more precisely there:
https://tails.boum.org/contribute/how/promote/material/slides/

The slides are for different talks, but some of them are definitly not
for developers :)

Cheers,

 BitingBird


Great! Thanks BitingBird!
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

[Tails-dev] Presentation slides for Tails

[Austin English]

Hi there,

My local Linux user group wants more desktop/user focused presentations,
and I think Tails could be a good topic. I'm curious if anyone has any
slides they've used before that I could base a presentation on?

Thanks,
Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

[Tails-dev] tails-installer release announcements

[Austin English]

Is there a mailing list / some sort of automated tails-installer release
announcements I could sign up for?

-- 
-Austin
GPG: 14FB D7EA A041 937B



signature.asc
Description: OpenPGP digital signature
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

[Tails-dev] Old ISO downloads

[Austin English]

Where can I get old ISOs? http://dl.amnesia.boum.org/tails/ only has
stable and alpha afaict

-- 
-Austin
GPG: 14FB D7EA A041 937B



signature.asc
Description: OpenPGP digital signature
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] boum

[Austin English]

On Aug 14, 2016 8:35 PM, "Jacob Tang"  wrote:
>
> Dear Mr./Ms.,
>
> We are a service agency for registering domain names. Our center received
an application from Erin Zhu International today. They applied for the
registration of boum as their Brand Name and some top-level domain names.
But we found the main body of domain names is same as yours. We are not
sure about the relationship between you and them. As the registrar, we have
the duty to inform you the case.
>
> Now, we are processing this application. Our center needs to confirm
whether this company is authorized by your company. If so, we will continue
the next step of registration. If not, please let me know as soon as
possible in order that our center can deal with this problem timely. We
await your prompt reply.
>
> Best Regards
> Jacob Tang
> Tel:0086-551 634 911 91
> Fax:0086-551 634 911 92
> Tuogui Building, No.777, Ningguo South Road, Hefei, China
>
>
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to
tails-dev-unsubscr...@boum.org.

Hi Jacob,

You should contact r...@boum.org (in cc) for an authoritative answer, but I
personally haven't heard of Erin Zhu. The application is likely spam.

Thanks for checking first!

-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] I need tool

[Austin English]

Hi swichi,

Can you verify that installing 'gnome-sound-recorder' meets your
needs? For instructions, see
https://tails.boum.org/doc/advanced_topics/additional_software/index.en.html.

On Sun, Jun 26, 2016 at 3:24 AM, intrigeri  wrote:
>> That's covered in https://labs.riseup.net/code/issues/10950
>
>> It was said there that if someone complained within 3 months of 2.0,
>> that it could be put back in. It's been 5-6, but I think there's value
>> in putting it back in. Stay tuned to that bug.
>
> It's not obvious to me that we actually got a request for that
> specific piece of software; this could also be a request for sound
> recording functionality, that we already provide software for.
>
> So, please make sure that swichi tries Audacity and checks if it
> satisfies his/her needs, before attempting to re-introduce GNOME
> Sound Recorder.
>
> Cheers,
> --
> intrigeri
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to 
> tails-dev-unsubscr...@boum.org.



-- 
-Austin
GPG: 14FB D7EA A041 937B
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] I need tool

[Austin English]

On 06/22/2016 02:21 PM, swi...@sigaint.org wrote:
> I need voice recorder. TAILS previous versions had it. Recent versions do
> not.
> 
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to 
> tails-dev-unsubscr...@boum.org.
> 

That's covered in https://labs.riseup.net/code/issues/10950

It was said there that if someone complained within 3 months of 2.0,
that it could be put back in. It's been 5-6, but I think there's value
in putting it back in. Stay tuned to that bug.

-- 
-Austin
GPG: 14FB D7EA A041 937B



signature.asc
Description: OpenPGP digital signature
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

[Tails-dev] https://labs.riseup.net/ is unreachable (certificate error)

[Austin English]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

In both Iceweasel and Chromium, I get a certificate error. Another
user on #tails-dev has the same issue.

I'm not sure where to report this, could someone do so / tell me where t
o?

- -- 
- -Austin
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQIcBAEBCAAGBQJXOrzKAAoJEBT71+qgQZN7fEQQALwuoy1A0pcVeD08ApVM2Ee4
PaccOeFDUZFe6mNnWZ7CvpFDH3/DLVvvqpv0IN0qLmg6fYe0XZZIVjIBbD7Ao7ly
L4kw8Rjo4SIjlN7MA6m0oi6nCswZFpZpkC6BXMzK0aeEt+Q2iFfWEgUr4801ICwr
CHh03FzillRvm1UUx7j9uq0wlyknyoQfoyv7KhFAAyQE4lsbNIMOMEENYO8cAeH0
/FKeeHTjdMuRoOpfuOtlZpSsR8qQPhAS4VC9VMiJkUbyv4wapWJedIYLJyceItzO
1gStixX9UO7PdqGSwUHvOk4YNuQpfUDzRMyJLEKtiCVf1nExl64nrmD2QKmDhd2Q
0XWfW9/j9CTBF1fSFMEaD/p51ZzLZrvreZdv/eEMlCsDD5gyCR/yriEozsZqJK1Z
5FOkvkkxzkqPN1ndm11zF93hfRiKg0YB4dl7L0mWvSWVqH9KVwd1OdNzPHZ+krN6
vgFgotYHi1dnIJ69q43NArsj3PPJ5Bp7Q3x0s/aTx11ftIOpWiX0GhZ1r1xuF8wB
cmKoKdsVDMfSk/Pf6Mkwd8ErdZY4a+qbEZcN1ctkMMcPnD9VUoUW6YlFU3pC3fyY
kM4r8B9LTmMV2+n5AH86Aezg91XAYTy6utKZYC8btbfvqe1qsKze+/S1Wq9758VR
N0qb/5H9hesqR+Y60WgW
=Vs7X
-END PGP SIGNATURE-
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Install & soft

[Austin English]

On Sun, May 15, 2016 at 11:18 AM,   wrote:
> Sur 2016-05-13 14:19 UTC sajolida  écrit:
>>
>> leos...@i2pmail.org:
>> > Sur 2016-05-09 23:05 UTC sajolida  écrit:
>> >> intrigeri:
>> >>> leos...@i2pmail.org wrote (08 May 2016 20:42:18 GMT) :
>>  2/ The install procedure with 2 usb keys isn't the best way. It's more 
>>  easy to burn
>>  a iso image on a dvd, then install Tails from a dvd to an usb key.
>> >>>
>> >>> I'll let the people who are working on our installation process reply
>> >>> in more depth if they wish, but nowadays it seems that it's way
>> >>> easier, for many people, to get 2 USB sticks than a DVD burner.
>> >>
>> >> Right, that's what we had in mind even though I agree with you that the
>> >> procedure with 2 USB sticks might not be the fastest for everybody.
>> >>
>> >> A few more thoughts on the topic:
>> >>
>> >> - For Mac we documented both options: install the intermediary Tails on
>> >> USB or DVD. Here we *had* to integrate DVD in the flow for everybody
>> >> because Macs are a nightmare and have very different support for USB
>> >> stick. But the result is much more complex for the user.
>> >>
>> >> - For Linux, the technique with GNOME Disks is quite nice and is
>> >> available out-of-the-box for the major distros with their default
>> >> environment (Debian, Ubuntu, Fedora). But you're right, here we're
>> >> taking for granted that it's easier to have 2 USB stick handy than a DVD
>> >> burner and a blank DVD. We thought this was a reasonable assumption in 
>> >> 2015.
>> >>
>> >> - For Windows, the technique that we document, using UUI, is a bit
>> >> awkward but has the advantage of working independently of the Windows
>> >> version (I'm not sure whether DVD burning tools exists in Windows from
>> >> XP to 10) and of whether people have a DVD burner or not (this is
>> >> becoming less and less common on laptops). We thought it would be better
>> >> to recommend a single technique than to open multiple paths depending on
>> >> the Windows version and hardware. It was also much less work for us.
>> >>
>> >> This said, on each /install/{linux,win,debian} we have a secondary
>> >> option for "Burning Tails on a DVD". Now I'm realizing that maybe we
>> >> should add a note at the end of https://tails.boum.org/install/dvd/ to
>> >> make it clear to people that they can then clone this Tails on a USB 
>> >> stick.
>> >>
>> > I thank you for your answer sajolida. I understand that is easiest for 
>> > many people to use two usb keys. I run fedora, I used the technique with 
>> > GNOME Disks, but the first usb keys (intermediate Tails) has never start !
>>
>> Then that's a different (and interesting!) problem. So far on
>> https://tails.boum.org/support/known_issues I see only one PC (Lenovo
>> IdeaPad Y410p) that is known to fail starting from a USB stick created
>> using GNOME Disks. So, in your case, unless you have a Lenovo IdeaPad
>> Y410p, either:
>>
>> - Something failed while creating the intermediary USB stick and it
>> would be interesting to try again and see what might have failed (maybe
>> there's something we should adjust in our instructions).
>>
>> - Maybe your laptop really can't start from such a USB stick and this
>> should be listed as a known issue.
>>
>> So if you feel like it, it would be quite interesting if you could try
>> again to create an intermediary Tails using GNOME Disks, start from it,
>> and report your findings to tails-b...@boum.org as instructed here:
>>
>> https://tails.boum.org/doc/first_steps/bug_reporting/tails_does_not_start/
>>
>> We writing to tails-b...@boum.org point them to this thread:
>>
>> https://mailman.boum.org/pipermail/tails-dev/2016-May/010628.html
>
> Hi sajolida,
> I try again to create an intermediary Tails using Gnome Disk. I have 2 Dell 
> computers:
> The first one is a Vostro 1510, the intermediary Tails usb keys doesn't boot, 
> the bios message is: "Missing Operating System";
> the second one is an Inspiron 3847,I insert intermediary Tails usb key, but 
> no message and Fedora 22 boot.
> The final Tails installed from a DVD to an usb key boots and works fine on 
> the both.
>>I hope to help you...
>
> Also, I would like the next version of Tails is delivered with "proxychains". 
> Thank you.

As intrigeri asked previously, can you please provide a practical
example of why it would be useful or needed? I.e., what doesn't work
now that would work if proxychains were installed?

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] VeraCrypt and TAILS

[Austin English]

On May 5, 2016 12:29 PM,  wrote:
>
> Hi, I was wondering if the VeraCrypt encryption is better than the one in
Tails?
> And I am also wondering if this ecryption will come to Tails in the
future?

See https://labs.riseup.net/code/issues/8911

Note that I haven't had much time to look at it yet, however.
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] ebuild for tails-installer

[Austin English]

On Mon, Feb 8, 2016 at 7:50 AM, sajolida <sajol...@pimienta.org> wrote:
> Miguel Angel Marco Buzunariz:
>> If you want to include this information in the web page, and need
>> some further explanations, please contact me.
>
> The way our documentation (eg https://tails.boum.org/install/debian/usb)
> is built is both quite complicated and new. So I want to take some time
> to think about how integrating new package in other distros. I didn't
> expect this to go this fast! :)
>
> I create https://labs.riseup.net/code/issues/11080 to track this.
>
> Once Gentoo is documented I think it will be easier to add more distros
> in there.
>
>> However, I think roght now it would be better to wait and see if
>> Austin English can manage to include the ebuild in the main portage
>> tree, which would make the process even simpler.
>
> I'm glad I'll have a bit more time to work on #11080 :)
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to 
> tails-dev-unsubscr...@boum.org.

Hi all, sorry for the delay, upstream took a while to get me commit
access. I've committed a modified version of Miguel's ebuild for
tails-installer-4.4.8 [1]. Many thanks to Miguel for writing it!

Gentoo users can now simply:

# emerge tails-installer

to install tails. Depending on the user's portage settings, they may
need to unmask the package before it will install. Once it's been in
for 30 days with no open bugs, it can be stabilized, at which point no
workaround is needed.

[1] 
https://github.com/gentoo/gentoo/commit/0135da7291c4ad7df83d763db304416ce3d93ad1

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] w32codecs [Was: dconf-editor dropped, gedit-plugins, systemd, w32codecs]

[Austin English]

On Sat, Mar 12, 2016 at 12:20 PM, intrigeri <intrig...@boum.org> wrote:
> Hi,
>
> (splitting into a dedicated subthread, and reordering top-posted reply.)
>
> Austin English wrote:
>> On Mon, Mar 7, 2016 at 4:38 AM, intrigeri <intrig...@boum.org> wrote:
>>> Austin English wrote (07 Mar 2016 03:05:46 GMT) :
>>>> That said, including win32 codecs is probably worthwhile.
>>>
>>> Don't hesitate elaborating if you think it's worth it :)
>
>> Well, as emmapeel said when libdvdcss originally was discussed:
>> "I think access to culture is a very important right for people, and I
>> would be happy that Tails helps to make access to restricted/corporate
>> culture more easy, providing a framework to criticize it and create
>> their own."
>
> I see a bunch of .dll files in the w32codecs tarball I got (there
> seems to be various flavours of it, so it might be that we're not
> talking of the same thing; in which case it would be nice to specify
> more clearly what exactly is being proposed for inclusion).

I hadn't seen that before. This is a low priority for me, my concern
is that .wmv / .wma files may not be usable under tails currently
(unverified), and if that were the case, I'd like to see if that's
fixable. I have not had a chance to see if that is the case, and if it
is, what packages fixes it, but I'll be sure to check that they aren't
running windows binaries.

> I am sensitive to the "access to culture" argument up to a point, but
> including closed-source binary code that runs on the main CPU is quite
> far beyond that point; to be clear, it's in veto-land for me.

Ack.

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Detecting hidden partitions?

[Austin English]

On Sat, Mar 12, 2016 at 4:45 PM, intrigeri <intrig...@boum.org> wrote:
> Hi,
>
> (reordered due to top-posting)
>
> Austin English wrote:
>>> I would try to help, but I don't know what you mean with "hidden
>>> partitions" exactly. Could you please clarify how this translates into
>>> non-ambiguous technical concepts?
>
>> This is for https://labs.riseup.net/code/issues/11137, trying to any
>> partitions that are listed in the partition table.
>
> Missing word?

Yes, 'detect':
This is for https://labs.riseup.net/code/issues/11137, trying to
detect any partitions that are listed in the partition table.

> IMO for #11137, checking the content of the Tails system partition
> is enough, so no need to check for "hidden" partitions. But if you
> want to:
>
>> I used a hidden FAT32 partition for testing:
>> 1g.img2 206848  227327   20480   10M 1b Hidden W95 FAT32
>
>> my other thought was checking the Partition ID, unless someone knows a
>> better way.
>
> OK.
>
> Is this about detecting partitions whose type is "Hidden W95 FAT32"?
>
> Or is it any broader?

It was not my original idea, it was originally proposed here:
https://mailman.boum.org/pipermail/tails-dev/2016-February/010303.html

Though I'm considering dropping that portion of the idea because there
is a lot of confusion about it. I'm not sure what exactly is
desired/requested, or how to find the information needed to detect
these partitions properly and being put in a position to defend those
decisions is not a place I like being.

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Detecting hidden partitions?

[Austin English]

This is for https://labs.riseup.net/code/issues/11137, trying to any
partitions that are listed in the partition table.

I used a hidden FAT32 partition for testing:
1g.img2 206848  227327   20480   10M 1b Hidden W95 FAT32

my other thought was checking the Partition ID, unless someone knows a
better way.

On Sat, Mar 12, 2016 at 10:52 AM, intrigeri <intrig...@boum.org> wrote:
> Austin English wrote (12 Mar 2016 04:58:54 GMT) :
>> So, when it comes to detecting hidden partitions, is it as simple as
>> doing $(fdisk -l | grep -i hidden)?
>
> I'm afraid this is too brittle: this can return true for various
> reasons even if there is no "hidden" partition, e.g. a LV whose name
> contains the "hidden" string.
>
> I would try to help, but I don't know what you mean with "hidden
> partitions" exactly. Could you please clarify how this translates into
> non-ambiguous technical concepts?
>
> Cheers,
> --
> intrigeri
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to 
> tails-dev-unsubscr...@boum.org.



-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

[Tails-dev] Detecting hidden partitions?

[Austin English]

So, when it comes to detecting hidden partitions, is it as simple as
doing $(fdisk -l | grep -i hidden)? I realize is a simple difference and
has no real effect, but I'm not sure how to properly detect this 'feature'.

Thanks,
Austin



signature.asc
Description: OpenPGP digital signature
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] dconf-editor dropped, gedit-plugins, systemd, w32codecs

[Austin English]

On Wed, Mar 9, 2016 at 9:36 PM,  <maddonkeyk...@safe-mail.net> wrote:
>  Original Message 
> From: Austin English <austinengl...@gmail.com>
> Apparently from: tails-dev-boun...@boum.org
> To: The Tails public development discussion list <tails-dev@boum.org>
> Subject: Re: [Tails-dev] dconf-editor dropped, gedit-plugins, 
> systemd,w32codecs
> Date: Tue, 8 Mar 2016 20:44:40 -0600
>
>> TL;DR: I think we should ship as many codecs as we can, to allow as
>> wide of access to media as possible.
>>
>> On Mon, Mar 7, 2016 at 4:38 AM, intrigeri <intrig...@boum.org> wrote:
>> > Austin English wrote (07 Mar 2016 03:05:46 GMT) :
>> >> That said, including win32 codecs is probably worthwhile.
>
> RE: win32 codecs - I agree. So let's say we have win32 codecs installed. Can 
> Totem handle these codecs, or do we need to install another video player?

It can, totem uses gstreamer.

> Now regardless of video player, there are a few different browser plugins 
> available in the repos to directly handle these codecs. The problem is, you 
> probably don't want these to load into Tor Browser.
>
> So what could be used instead? The unsafe browser or a separate profile or 
> browser with the codecs and plugin capability?

I think wma encoded videos embedded online are probably quite rare,
and are a separate use case from supporting them with totem.

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] NSA

[Austin English]

On Thu, Mar 10, 2016 at 1:29 PM, u  wrote:
> Heya,
>
> (just a footnote.)
>
> flapflap:
>> sam pollina:
>
> [..]
>> o  If you happen to be in an environment hostile to Tor (like Iran,
>>China), you should not connect to the Tor network directly (likely,
>>your connection will be logged and blocked).  Instead, you should
>>connect to Tor via Bridges:
>
> Last time I tried in one of those countries, I realized that you cannot
> even connect in any other way, as all public Tor nodes are blocked.
> Website-wise torproject.org was blocked too, tails.boum.org was not.

I was in Iran last June, trying to connect to Tor was definitely
blocked, but IIRC I was able to access torproject.org and request
bridge info. Connecting via a bridge worked, albeit very slowly. It's
been a while since I was in China, and I didn't try Tor while there.

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] dconf-editor dropped, gedit-plugins, systemd, w32codecs

[Austin English]

Well, as emmapeel said when libdvdcss originally was discussed:
"I think access to culture is a very important right for people, and I
would be happy that Tails helps to make access to restricted/corporate
culture more easy, providing a framework to criticize it and create
their own."

https://mailman.boum.org/pipermail/tails-dev/2015-August/009320.html

I remember years ago reading on vlc's forum about some camcorders that
recorded by default to wmv format, but I can't seem to find a link.
Regardless, I highly suspect some non-zero number of devices records
video in proprietary formats by default and may be unaccessible to
activists using Tails. Furthermore, even if they don't directly come
from freshly made video, there is plenty of wmv video out there that
would be made accessible.

TL;DR: I think we should ship as many codecs as we can, to allow as
wide of access to media as possible.

On Mon, Mar 7, 2016 at 4:38 AM, intrigeri <intrig...@boum.org> wrote:
> Austin English wrote (07 Mar 2016 03:05:46 GMT) :
>> That said, including win32 codecs is probably worthwhile.
>
> Don't hesitate elaborating if you think it's worth it :)
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to 
> tails-dev-unsubscr...@boum.org.



-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] dconf-editor dropped, gedit-plugins, systemd, w32codecs

[Austin English]

On Sun, Mar 6, 2016 at 7:17 PM, Anonymous  wrote:
> 1. Why was dconf-editor dropped from Tails?
>
> I found it very useful in previous versions of Tails.
> Please reintroduce it in the next version of Tails.
>
> 2. gedit-plugins
>
> This is a good package to have installed.
>
> 3. Systemd private directories in /tmp
>
> Why are there so many "systemd-private-" directories in /tmp
> There's systemd-private(long string of numbers and letters) with
> the following:
>
> -colord.service-
> -htpdate.service-
> -tails-reconfigure-kexec.service-
> -tails-sdmem-on-media-removal.service-
> -tor-controlport-filter.service-
> -tor@default.service-
>
> 4. win32 codecs
>
> If you're shipping libdvdcss2, why haven't you included
> the win32 codecs like the official MPlayer website has on
> their download page?

That was for https://labs.riseup.net/code/issues/7674, which
specifically requested. win32 codecs aren't needed for dvd playback.

That said, including win32 codecs is probably worthwhile.

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Hacking Team looking at Tails

[Austin English]

Having some hardware issues so I can't build/test this on tails
directly right now, but I put this together as proof of concept on
Fedora.

On Mon, Feb 22, 2016 at 11:31 AM, Spencer <spencer...@openmailbox.org> wrote:
> Hi,
>
>>>>
>>>> Austin English:
>>>> filed https://labs.riseup.net/code/issues/11137
>>>>
>
> This is a very challenging problem.  There are two cases that come to mind.
>
> 1. The device may become compromised before becoming a Tails device.  In
> this case, the files/partitions are either hidden or protected and are not
> removed during reformatting.
>
> This is best addressed during the creation of a new Tails device.
>
> 2. The device may become compromised after becoming a Tails device.  In this
> case, the files/partitions, which may be hidden or protected, are not
> removed after shutdown.
>
> This is best addressed during either the startup or shutdown processes of a
> living Tails device.
>
>>>
>>> sajolida:
>>> not about detecting malware but about training
>>> users .. good practices
>>>
>
> So, detecting/educating *that* but not *what*.  This seems reasonable, as
> *what* would need blacklists, trust models, and so on.
>
> Also, given the actual (intended/expected) function of the hidden attribute
> files, e.g., preserving user settings, it seems that there are no benefits
> of having these, or any other, files on a Tails device.
>
>>>
>>> Don't plug your Tails in an untrusted OS
>>>
>
> I do not think this is an achievable model to promote because:
>
> - Trust is like STDIN; can be anything to anyone.
>
> - There seem to be no machines or systems that can have the guarantee that
> is referred to when we say 'Trust'.
>
>>>
>>> reinstalling is the only solution .. installing
>>> from the same untrusted OS really won't be.
>>>
>
> And educating (:
>
> How can Tails:
>
> - Inform of this device protection feature and what it does?
>
> - Detect the existence of unwanted files.
>
> - Disclose what the files are and where they were located in the file
> system?
>
> - Provide a resolution to remove the files and restore the devices
> integrity.
>
> - Guarantee the files removed are now gone and will not come back, or
> recommend a behavior model that will limit the possibility of files
> (re)appearing?
>
>>
>> Austin English:
>> help for the ux portion
>>
>
> I would be more than happy to put the files together or think through this
> some more.  Feel free to send anything my way; can be as rough or polished
> as you got it.
>
>>
>> if detected, have the greeter pop up some big red
>> warning box.
>>
>
> This warning could replace the greeter.
>
> This warning might want to be ignored.
>
>>
>> discussed on tails-ux
>>
>
> Copied for migration if needed.
>
> Wordlife,
> Spencer
>
>
>
>
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to
> tails-dev-unsubscr...@boum.org.



-- 
-Austin


detect_proprietary_garbage.sh
Description: Bourne shell script
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Adding KeepassX to Tails Startup; can it be done!

[Austin English]

On Feb 29, 2016 1:38 PM,  wrote:
>
> Hi Spencer, thanks for writing back,
> I think they should poll to see how many others like this idea :)
>
> I would also love to have an easy way to enter ASCII symbols into the mix
as well.
>
> I just feel with the advancement of todays super computers and server
farms that are specifically designed by governments to brute force attack
systems, there should be a way to limit how many times a password can be
entered. After a few bad attempts the program should stop for an hour.
After 8 bad attempts the system should wipe itself.

It's a neat idea, but as previously pointed out,  easily circumvented if
the attacker has (temporary) physical access to the drive. It might prevent
a roommate or low knowledge attacker, but anyone serious would clone and
attack at their convenience at an alternate location, without using tails,
so the protection would be lost.
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Heads up! Upgrade your ISO build setup to Jessie

[Austin English]

On Wed, Feb 24, 2016 at 3:36 AM, anonym <ano...@riseup.net> wrote:
> Austin English:
>> On 02/22/2016 07:02 AM, intrigeri wrote:
>>> Hi,
>>>
>>> anonym just merged the branch for #9262 aka. "Port our ISO build
>>> system to Jessie", so if you have an ISO build setup, you need to
>>> upgrade it:
>>>
>>>  * manual build system
>>>
>>>See the updated doc: https://tails.boum.org/contribute/build/#manual
>>>
>>>  * Vagrant (untested)
>>>
>>>rake vm:destroy
>>>rm -r vagrant/.vagrant
>>>rake vm:up
>>>
>>> Please report any issues to us :)
>>>
>>> JFTR, our Jenkins ISO builders have been upgraded yesterday already.
>>>
>>> Cheers,
>>
>> It broke vagrant for me:
>
> Argh!
>
> Spoiler: once we're based on vagrant-libvirt (#6354) the Vagrant build
> env should be stable since most (all?) developers will switch to it, and
> our Jenkins build slaves as well.
>
>> [default] Waiting for machine to boot. This may take a few minutes...
>> rake aborted!
>
> This was also the error you (and me!) got when using Sid's incompatible
> version of net-ruby-ssh. Can you please try
>
> sudo apt-get install ruby-net-ssh/jessie
>
> and then remove your current broken instance (execute from the Tails
> source root dir):
>
> rake vm:destroy
> rm -r vagrant/.vagrant
>
> and then
>
> rake vm:up
>
> If this fixed your issue you may want to pin jessie's version of this
> package so this situation won't return every time you update your system.
>
> Cheers!

So I was using:
austin@debian-laptop:~$ dpkg -l | grep ruby-net-ssh
ii  ruby-net-ssh   1:3.0.1-3
  all  Ruby implementation of the SSH protocol

Now using:
austin@debian-laptop:~/src/tails$ dpkg -l | grep ruby-net-ssh
ii  ruby-net-ssh   1:2.9.1-1
  all  Ruby implementation of the SSH protocol

will pin that, thanks.
-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] update suggestion

[Austin English]

On Wed, Feb 24, 2016 at 12:59 PM, Rene Charles Descartes
 wrote:
> No need for privacy in this, I'd like to see this added to the next TAILS
> update:
>
> http://embeddedsw.net/OpenPuff_Steganography_Home.html
>
> Basically, it's an excellent Stego software, with plausible deniability
> built in.
>
> Food for thought.

https://labs.riseup.net/code/issues/6913

It needs to be packaged in Debian before use in Tails.
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] is it safe to update these files in synaptic?

[Austin English]

On Wed, Feb 24, 2016 at 8:28 AM, Anonymous
 wrote:
> hi is it safe to update these files in synaptic?
>
> [23 Feb 2016] DSA-3487 libssh2 - security update

This should only matter if you're ssh'ing into other hosts, tails does
not run an sshd.

> [19 Feb 2016] DSA-3483 cpio - security update

cpio is a file archive tool, it should be safe to update live.

> there's a few others, too. the updates refuse to display
> a changelog, IDK why.
>
> there's one glibc or libc or something similar in Synaptic
> which wants updating of 2 separate packages. but don't those
> type of updates want a reboot?

glibc, for CVE-2015-7547. It's a bug in getadddrinfo, which is what
most programs use for DNS resolution. For tails, however, it is
currently believed to be mitigated because DNS lookups go out over
SOCKS/Tor (please, someone correct me if I'm wrong there).

While glibc does need a reboot to be fully effective (any running
programs are vulnerable until they load the new libc on start), it
would help for any programs you launch going forward. In other words,
your desktop manager may still be vulnerable, but if you launch
Libreoffice after updating glibc you should be protected.

> i usually backup updates and reinstall them in new Tails
> session, but i want to know what is safe to d/l without
> waiting for a new Tails .ISO and without upgrading a usb.

You should always update Tails whenever updates are released rather
than updating packages by hand as you find out about them.

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Heads up! Upgrade your ISO build setup to Jessie

[Austin English]

On 02/22/2016 07:02 AM, intrigeri wrote:
> Hi,
> 
> anonym just merged the branch for #9262 aka. "Port our ISO build
> system to Jessie", so if you have an ISO build setup, you need to
> upgrade it:
> 
>  * manual build system
> 
>See the updated doc: https://tails.boum.org/contribute/build/#manual
> 
>  * Vagrant (untested)
> 
>rake vm:destroy
>rm -r vagrant/.vagrant
>rake vm:up
> 
> Please report any issues to us :)
> 
> JFTR, our Jenkins ISO builders have been upgraded yesterday already.
> 
> Cheers,

It broke vagrant for me:
austin@debian-laptop:~/src/tails$ time rake build
Using HTTP proxy: http://tails-builder-20150609.vagrantup.com:3142

This is the first time that the Tails builder virtual machine is
started. The virtual machine template is about 300 MB to download,
so the process might take some time.

Please remember to shut the virtual machine down once your work on
Tails is done:

$ rake vm:halt

Bringing machine 'default' up with 'virtualbox' provider...
[default] Box 'tails-builder-20150609' was not found. Fetching box from
specified URL for
the provider 'virtualbox'. Note that if the URL does not have
a box for this provider, you should interrupt Vagrant now and add
the box yourself. Otherwise Vagrant will attempt to download the
full box prior to discovering this error.
Downloading box from URL:
http://dl.amnesia.boum.org/tails/project/vagrant/tails-builder-20150609.box
Extracting box...te: 687k/s, Estimated time remaining: 0:00:01))
Successfully added box 'tails-builder-20150609' with provider 'virtualbox'!
[default] Importing base box 'tails-builder-20150609'...
[default] Matching MAC address for NAT networking...
[default] Setting the name of the VM...
[default] Clearing any previously set forwarded ports...
[default] Clearing any previously set network interfaces...
[default] Preparing network interfaces based on configuration...
[default] Forwarding ports...
[default] -- 22 =>  (adapter 1)
[default] Running 'pre-boot' VM customizations...
[default] Booting VM...
[default] Waiting for machine to boot. This may take a few minutes...
rake aborted!
Vagrant::Errors::VMBootTimeout: Timed out while waiting for the machine
to boot. This means that
Vagrant was unable to communicate with the guest machine within
the configured ("config.vm.boot_timeout" value) time period. This can
mean a number of things.

If you're using a custom box, make sure that networking is properly
working and you're able to connect to the machine. It is a common
problem that networking isn't setup properly in these boxes.
Verify that authentication configurations are also setup properly,
as well.

If the box appears to be booting properly, you may want to increase
the timeout ("config.vm.boot_timeout")
value./usr/share/vagrant/plugins/providers/virtualbox/action/customize.rb:40:in
`call'
/usr/share/vagrant/plugins/providers/virtualbox/action/boot.rb:18:in `call'
/usr/share/vagrant/plugins/providers/virtualbox/action/customize.rb:40:in `call'
/usr/share/vagrant/plugins/providers/virtualbox/action/sane_defaults.rb:49:in
`call'
/usr/share/vagrant/plugins/providers/virtualbox/action/forward_ports.rb:31:in
`call'
/usr/share/vagrant/plugins/providers/virtualbox/action/network.rb:112:in
`call'
/usr/share/vagrant/plugins/providers/virtualbox/action/clear_network_interfaces.rb:26:in
`call'
/usr/share/vagrant/plugins/providers/virtualbox/action/prepare_nfs_settings.rb:15:in
`call'
/usr/share/vagrant/plugins/providers/virtualbox/action/prepare_nfs_valid_ids.rb:12:in
`call'
/usr/share/vagrant/plugins/providers/virtualbox/action/prepare_forwarded_port_collision_params.rb:30:in
`call'
/usr/share/vagrant/plugins/providers/virtualbox/action/clear_forwarded_ports.rb:13:in
`call'
/usr/share/vagrant/plugins/providers/virtualbox/action/set_name.rb:48:in
`call'
/usr/share/vagrant/plugins/providers/virtualbox/action/clean_machine_folder.rb:17:in
`call'
/usr/share/vagrant/plugins/providers/virtualbox/action/check_accessible.rb:18:in
`call'
/usr/share/vagrant/plugins/providers/virtualbox/action/check_virtualbox.rb:17:in
`call'
/usr/share/vagrant/plugins/providers/virtualbox/action/check_virtualbox.rb:17:in
`call'
Tasks: TOP => build => vm:up


there was a similar issue happening before, that required ssh'ing into
builder and updating grub. This time, it's udev, and I can't force it to
upgrade:
Unpacking udev (215-17+deb8u3) over (215-17+deb8u1) ...
dpkg: error processing archive
/var/cache/apt/archives/udev_215-17+deb8u3_amd64.deb (--unpack):
 trying to overwrite `/lib/udev/write_net_rules', which is the diverted
version of `/lib/udev/write_net_rules.udev'
dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
Processing triggers for systemd (215-17+deb8u1) ...
Processing triggers for man-db (2.7.0.2-5) ...
Errors were encountered while processing:
 /var/cache/apt/archives/udev_215-17+deb8u3_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

removing the divert gets it further:
# 

Re: [Tails-dev] Hacking Team looking at Tails

[Austin English]

On Sat, Feb 20, 2016 at 6:26 AM, sajolida <sajol...@pimienta.org> wrote:
> Austin English:
>> On Thu, Feb 18, 2016 at 11:37 AM, intrigeri <intrig...@boum.org> wrote:
>>> Austin English wrote (18 Feb 2016 16:56:29 GMT) :
>>>> I'm not sure what action we should suggest.
>>>
>>> Re-installing from scratch is perhaps the only safe option we can
>>> provide in the current state of our tools.
>>
>> +1
>>
>> I filed https://labs.riseup.net/code/issues/11137 to track this. I'll
>> work on this as time permits. May need some help with the greeter
>> portion, we'll see.
>
> I like this idea. As intrigeri pointed out, this is not so much about
> detecting malware for real, but really about training users about good
> practices "Don't plug your Tails in an untrusted OS". I also agree that
> we should explain that reinstalling is the only solution.
> Though installing from the same untrusted OS really won't be.

Agreed.

> Austin, once you get time to work on the implementation part of this, I
> suggest sharing with us mockups about this would be presented to the
> user on tails...@boum.org before you write the corresponding code (maybe
> you can write the detection code itself first). At least regarding the
> phrasing, when and how the message occurs, what's proposed as ways out
> of the message, the need for extra doc, etc.

Absolutely! I was going to request help for the ux portion, because
I'm uncomfortable with choosing that phrasing, as it is very
important. I'm a native English speaker, but I want to make sure the
message is clear to non-native speakers.

My thought was to have detection code before the greeter, then if
detected, have the greeter pop up some big red warning box. Beyond
that, I'm open to ideas on specifics. But that can be discussed on
tails-ux once the first part is done.

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Hacking Team looking at Tails

[Austin English]

On Thu, Feb 18, 2016 at 11:37 AM, intrigeri <intrig...@boum.org> wrote:
> Austin English wrote (18 Feb 2016 16:56:29 GMT) :
>> I'm not sure what action we should suggest.
>
> Re-installing from scratch is perhaps the only safe option we can
> provide in the current state of our tools.

+1

I filed https://labs.riseup.net/code/issues/11137 to track this. I'll
work on this as time permits. May need some help with the greeter
portion, we'll see.

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Hacking Team looking at Tails

[Austin English]

On Thu, Feb 18, 2016 at 10:51 AM, intrigeri  wrote:
>> I was thinking about this last night, it likely wouldn't be too hard
>> to write a wrapper for the greeter to detect if those files (or other
>> similar files/directories, like __MACOSX) are present. It should then
>> be possible to pop up a very big warning in the greeter, ideally
>> before the user has a chance to type in their persistence password (if
>> used) or before starting a session.
>
>> [...]
>
>> Thoughts? If there's interest / lack of opposition I'll file a ticket.
>
> Sounds like this could possibly help educate users about a dangerous
> practice, which seems great! Perhaps the proposal could include a part
> about what action this warning would suggest to the user?

I'm not sure what action we should suggest. Purging those files would
get rid of the warning, but doesn't guarantee that the installation is
safe to use. That may only hide the problem since it may be infected
by an attacker. I'm not sure how the user could detect / verify that
(realistically, you probably can't..). Running a rootkit checker from
another *nix OS may be helpful, but of unknown effectiveness.

> 2 more cts: the exact wording should probably not expose the feature
> as a malware detector (since a Tails system can't verify itself
> reliably, the way it's currently designed).

Agreed.

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Hacking Team looking at Tails

[Austin English]

On Feb 16, 2016 2:42 PM, "anonym" <ano...@riseup.net> wrote:
>
> Austin English:
> > On Tue, Feb 16, 2016 at 12:25 PM, Spencer <spencer...@openmailbox.org>
wrote:
> >>> Austin English:
> >>> write a wrapper for the greeter to detect if those files
> >>> are present.
> >>
> >> It could also detect hidden partitions, correct?
> >
> > Possibly, I'm not sure how that would be accomplished myself..
>
> If you are referring to the "hidden partition" flag, then detection is
> trivial. This flag is just that, a bit somewhere that if set, software
> may *pretend* to not see it, if that has been implemented. :) Yes, a
> piece of software not implementing the hiding would see it, just like
> any other partition.

I'm familiar with that, I'm assuming that could be automated with fdisk or
similar. I didn't know if there was (potentially) something more nefarious
at play.
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Hacking Team looking at Tails

[Austin English]

On Tue, Feb 16, 2016 at 12:25 PM, Spencer <spencer...@openmailbox.org> wrote:
> Hi,
>
>>
>> Austin English:
>> write a wrapper for the greeter to detect if those files
>> are present.
>>
>
> It could also detect hidden partitions, correct?
>
>
> Wordlife,
> Spencer
>
>
>
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to
> tails-dev-unsubscr...@boum.org.

Possibly, I'm not sure how that would be accomplished myself..

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Hacking Team looking at Tails

[Austin English]

On Tue, Feb 16, 2016 at 2:41 AM, Spencer  wrote:
> Hi,
>
>>
>> intrigeri:
>> don't keep a record
>>
>> never looked deeper than the root directory
>>
>
> No worries (:
>
> Wordlife,
> Spencer
>
>
>
>
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to
> tails-dev-unsubscr...@boum.org.

Those files can definitely end up in lower directories (from what I've
seen of other live usb sticks).

I was thinking about this last night, it likely wouldn't be too hard
to write a wrapper for the greeter to detect if those files (or other
similar files/directories, like __MACOSX) are present. It should then
be possible to pop up a very big warning in the greeter, ideally
before the user has a chance to type in their persistence password (if
used) or before starting a session.

That would also allow differentiating between Windows and OSX, but I
don't think that differentiation matters in practice.

Thoughts? If there's interest / lack of opposition I'll file a ticket.

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Mount VeraCrypt volumes

[Austin English]

On Sun, Feb 14, 2016 at 1:01 PM, SecUpwN  wrote:
>
> Dear Tails Developers,
>
> please have a look at attached message.
>
> Would you please include cryptsetup version 1.6.7 or above in the upcoming
> Tails to enable mounting of VeraCrypt volumes?
>
> Thank you so much for developing Tails! :)
>
> SecUpwN // The AIMSICD Privacy Project
> ANDROID APP: https://git.io/AIMSICD
>
>
>  Original Message 
> Subject: Re: Mount VeraCrypt volumes
> Local Time: February 14, 2016 6:43 pm
> UTC Time: February 14, 2016 6:43 PM
> From: tails-b...@boum.org
> To: secu...@protonmail.ch
>
>
> Hi,
>
> Sorry for the late reply.
>
> You should better get in touch with the dev team at tails-dev@boum.org
> for such feature request.
>
> Thanks.
>
>> please have a look at the following reply at
>> https://github.com/veracrypt/VeraCrypt/issues/42#issuecomment-180271421. In
>> short, the VeraCrypt developers would like you to update cryptsetup in
>> Tails.
>>
>>> >It is better to ask them to include cryptsetup version 1.6.7 or above
>>> > since VeraCrypt support has been included since this version:
>>> > https://www.kernel.org/pub/linux/utils/cryptsetup/v1.6/v1.6.7-ReleaseNotes
>> We'd be happy to see these things get adressed in the next Tails.
>>
>> Thank you and have a wonderful sunday!
>
>
>
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to
> tails-dev-unsubscr...@boum.org.

I've updated https://labs.riseup.net/code/issues/8911 accordingly.
I'll take a deeper look in the coming days.

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] ebuild for tails-installer

[Austin English]

Great Miguel!

I'll work on getting it merged once I'm back and I finish my developer
onboarding.

On Feb 7, 2016 3:30 PM, "Miguel Angel Marco Buzunariz" <mma...@unizar.es>
wrote:
>
> Good news!
>
> Poncho merged my pull requests in his torbrowser overlay. He also
improved my ebuild a bit. That means that option 2) of what I mentioned in
my previous email should "just work".
>
> So now, a gentoo user  that wants to get tails-installer just needs to do
the following:
>
> first, install the layman tool to manage overlays (if it is not already
installed):
>
> $ emerge layman
>
> then pull the torbrowser overlay (if it is not installed already):
>
> $ layman -a torbrowser
>
> finally, just the usual installation:
>
> $ emerge tails-installer
>
> Deppending on the user configuration, the system might complain about the
package not being marked as stable. In that case, add a line like
>
> =app-misc/tails-installer-4.4.7
>
> to the file /etc/portage/packages.keywords
> (again, deppending on the user configuration, the emerge command itself
could offer the option of doing this automatically).
>
> If you want to include this information in the web page, and need some
further explanations, please contact me.
>
> However, I think roght now it would be better to wait and see if Austin
English can manage to include the ebuild in the main portage tree, which
would make the process even simpler.
>
> Best,
>
> Miguel Marco
>
>
> > In gentoo, there are essentially three ways to install a package
through the
> > package manager:
> >
> > 1) Packages that are included in the main portage tree (that would be
the
> > official packages of the distro)
> > 2) Packages included in one of the layman overlays (would be like
thirthd
> > party repos, but can be easily managed with a tool provided by the
distro).
> > 3) Packages in the local overlay of the user (would be the equivalent of
> > downloading a .deb package and install it manually).
> >
> > I have no contact with the official gentoo team, so can't do much about
> > option 1). However, Austin English, who also showed interest in this,
might
> > help with that. AFAIK, he is on hollyday now. Maybe when he comes back
he
> > could help with that. If this get fixed, gentoo users that want to
install
> > tails-installer should just use the standard way:
> >
> > $ emerge tails-installer
> >
> > and that would be it (well, maybe some work should be done to allow the
> > installation of a package that is not marked as fully stable, but that
is
> > the
> > kind of things that a typical gentoo user is used to deal with)
> >
> > About option 2), I also don't maintain any of those semioficial
overlays.
> > However, one of those overlays is focused preciselly on torbrowser and
> > related packages. I have already sent a pull request to include my
ebuild
> > in it. If it is merged, the installation would be almost as easy. Just
> > install the layman tool in the usual way and then:
> >
> > $ layman -a torbrowser
> > $ emerge tails-installer
> >
> > Finally, until 1) and/or 2) become possible, a regular user can use a
local
> > overlay. In order to do so, (s)he should follow the following steps:
> >
> > a) enable the local overlay by adding a line like
> >
> > PORTDIR_OVERLAY = "/usr/local/portage/"
> >
> > to the file /etc/portage/make.conf
> >
> > b) copy the directory tails-installer and its content inside of the
> > directory
> > /usr/local/portage/app-misc
> >
> > c) run the usual "emerge tails-installer" command.
> >
> > I hope this helps to clarify the general picture. If you need more
details,
> > I
> > would be happy to provide them.
> >
> >
> > P.S. During the writing of the ebuild I noticed that there are several
> > dependencies that are not listed in the README file. They are the
following:
> >
> > configobj
> > urlgrabber
> > python-distutils-extra
> > pygobject
> > pyparted
> > cdrtools
> > gptfdisk
> >
> >
> > best,
> >
> > Miguel Marco
>
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to
tails-dev-unsubscr...@boum.org.
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] ebuild for tails-installer

[Austin English]

On Feb 3, 2016 3:19 PM, "intrigeri" <intrig...@boum.org> wrote:
>
> Hi,
>
> (sorry I didn't read the entire thread; if there's anything not
> Gentoo-specific that I should be aware of, please point me to it
> explicitly)

No, Gentoo specific, ignore :).

> Austin English wrote (03 Feb 2016 04:30:12 GMT) :
> > It would be extremely helpful if source tarballs were available at Tails
> > upstream for each release.
>
> Our upstream tarballs can be found there:
>
>  http://deb.tails.boum.org/pool/main/t/tails-installer/
>  http://ftp.us.debian.org/debian/pool/main/t/tails-installer/

Fantastic, thanks!
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] ebuild for tails-installer

[Austin English]

On Feb 1, 2016 6:33 PM, <mma...@unizar.es> wrote:
>
> In gentoo, there are essentially three ways to install a package through
the
> package manager:
>
> 1) Packages that are included in the main portage tree (that would be the
> official packages of the distro)
> 2) Packages included in one of the layman overlays (would be like thirthd
> party repos, but can be easily managed with a tool provided by the
distro).
> 3) Packages in the local overlay of the user (would be the equivalent of
> downloading a .deb package and install it manually).
>
> I have no contact with the official gentoo team, so can't do much about
option
> 1). However, Austin English, who also showed interest in this, might help
with
> that. AFAIK, he is on hollyday now. Maybe when he comes back he could help

Yes, I am, but I've got a few minutes to reply. I'm in the process of
becoming a Gentoo developer myself, and child commit it at that point, or I
have other contacts that may be willing.

> with that. If this get fixed, gentoo users that want to install
tails-installer
> should just use the standard way:
>
> $ emerge tails-installer
>
> and that would be it (well, maybe some work should be done to allow the
> installation of a package that is not marked as fully stable, but that is
the
> kind of things that a typical gentoo user is used to deal with)

Yes,  but unfortunately this package could never be stable,  as it's a
- (for non Gentoo people,  that refers to live/trunk ebuilds rather
than one that is tied to a specific version).

It would be extremely helpful if source tarballs were available at Tails
upstream for each release. That would allow Gentoo upstream to stabilize
known good versions after a period of testing.

> About option 2), I also don't maintain any of those semioficial overlays.
> However, one of those overlays is focused preciselly on torbrowser and
related
> packages. I have already sent a pull request to include my ebuild in it.
If it
> is merged, the installation would be almost as easy. Just install the
layman
> tool in the usual way and then:
>
> $ layman -a torbrowser
> $ emerge tails-installer
>
> Finally, until 1) and/or 2) become possible, a regular user can use a
local
> overlay. In order to do so, (s)he should follow the following steps:
>
> a) enable the local overlay by adding a line like
>
> PORTDIR_OVERLAY = "/usr/local/portage/"
>
> to the file /etc/portage/make.conf
>
> b) copy the directory tails-installer and its content inside of the
directory
> /usr/local/portage/app-misc
>
> c) run the usual "emerge tails-installer" command.
>
> I hope this helps to clarify the general picture. If you need more
details, I
> would be happy to provide them.
>
>
> P.S. During the writing of the ebuild I noticed that there are several
> dependencies that are not listed in the README file. They are the
following:
>
> configobj
> urlgrabber
> python-distutils-extra
> pygobject
> pyparted
> cdrtools
> gptfdisk
>
>
> best,
>
> Miguel Marco
>
>
>
>
>
>
> > Miguel Angel Marco Buzunariz:
> > > I have uploaded the ebuild to
> > > https://github.com/miguelmarco/tails-installer-ebuild
> > >
> > > If someone has access to a gentoo box, please test it.
> > >
> > > If furthermore someone maintains a gentoo overlay, or any other place
were
> > > it
> > > makes sense to offer an ebuild, please feel free to include it.
> >
> > Hi Miguel,
> >
> > I never used Gentoo myself so I won't be able to test this.
> >
> > But I wrote the new set of installation instructions [1] and I wonder
> > when and how we should document tails-installer for Gentoo in there.
> >
> > So, what would be the process for the official inclusion of
> > tails-installer in Gentoo? What needs to happen before a regular Gentoo
> > user can use your work?
> >
> > Once this happen, I'd like to get some basic instructions so I can maybe
> > test this in a Gentoo live CD and then I'll propose something to
> > document this in [1].
> >
> > [1]: https://tails.boum.org/install/
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to
tails-dev-unsubscr...@boum.org.
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] ebuild for tails-installer

[Austin English]

On Wed, Jan 20, 2016 at 6:14 AM,   wrote:
> Hi, all
>
> Since the recent announcement of tails-installer package for debian, I thought
> it could be cool to have packages for other distros. In particular I use
> gentoo, so writing an ebuild shouldn't be really hard (it is basically a
> script that downloads the code, compiles and installs it). I could do it
> myself, but I haven't found the location of the source code of tails-
> installer.
>
> Is it in the full repo of tails or does it have a specific repo somewhere 
> else?

Hi Miguel,

I was going to do to the same, and asked on IRC yesterday, but didn't
get a reply until this morning:
https://git-tails.immerda.ch/liveusb-creator

Before that, I was considering using the debian orig.tar.gz:
http://http.debian.net/debian/pool/main/t/tails-installer/tails-installer_4.4.6+dfsg.orig.tar.gz

Linked from:
https://packages.debian.org/en/sid/main/tails-installer

But if you're planning to do so, I'll hold off. I'm about to go on
holiday anyway, so it may be a while before I can.

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Call for testing: Tails Installer in Debian testing/unstable, and Ubuntu

[Austin English]

On Sun, Jan 17, 2016 at 10:02 AM, intrigeri  wrote:
> Hi,
>
> Tails Installer is now available:
>
> 1. in Debian testing/unstable
>
> 2. in a Ubuntu PPA:
>
>   https://launchpad.net/~tails-team/+archive/ubuntu/tails-installer
>
> The package is called: tails-installer.
>
> Please test it :)
>
> We'll follow-up here once the package is also available for Debian
> stable (Jessie) users, via the official jessie-backports.
>
> Cheers,
> --
> intrigeri
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to 
> tails-dev-unsubscr...@boum.org.

I tested this on Debian Unstable, with an iso I already had
downloaded. There were some warnings about my internal hdd:
austin@debian-laptop:~$ tails-installer-launcher
[creator.py:622 (detect_supported_drives)] WARNING: Skipping device
'/org/freedesktop/UDisks2/block_devices/sda' connected to '' interface
[creator.py:622 (detect_supported_drives)] WARNING: Skipping device
'/org/freedesktop/UDisks2/block_devices/sda5' connected to ''
interface
[creator.py:622 (detect_supported_drives)] WARNING: Skipping device
'/org/freedesktop/UDisks2/block_devices/sda3' connected to ''
interface
[creator.py:622 (detect_supported_drives)] WARNING: Skipping device
'/org/freedesktop/UDisks2/block_devices/sda2' connected to ''
interface
[creator.py:622 (detect_supported_drives)] WARNING: Skipping device
'/org/freedesktop/UDisks2/block_devices/sda1' connected to ''
interface

fyi (not sure if that's intended for users to see or not). In any
case, the installer worked fine on a 4GB usb key, though it did
require me to authenticate with sudo twice. Perhaps a warning should
be made that this will occur in the GUI (or recommend root). It booted
on my hardware that I normally use with tails.

This should make testing new isos MUCH easier, thanks everyone!
-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] TAILS camouflage

[Austin English]

It was removed because it wasn't compatible with Jessie's gnome.

See 78261b6b7ffd8af41b05d4dbe41e54d05ec16492

On Thu, Jan 14, 2016 at 4:49 PM, Christian Medel
 wrote:
> Hi,
>
> Due to the lack of time of the "original" developers, I have come with the
> idea of maybe trying to create code to include the camouflage, hopefully in
> 2.0.
>
> I have done some research on how Debian loads up the system, but haven't
> found a specific file (or fileS) that starts up the DE.
>
> Can someone indicate which files are those displaying, for example, the
> advanced options pop-up or the advanced options window BEFORE Gnome loads?
>
> --
> Christian Medel
>
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to
> tails-dev-unsubscr...@boum.org.



-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] TAILS camouflage

[Austin English]

Hi Christian,

Yeah, I saw your previous post and greatly appreciate the work you put
into this :)

I'd love to help with this, unfortunately my time for the next month
or two is very limited, and I'm not familiar with how theming works.
I'll try to test this when time permits, but I hope someone else will
beat me to it.

In any case, if someone that is familiar with tails and its (previous)
theme configuration is available for some questions, please let me
know so I can ping you when trying to add back camo support.

Cheers,
Austin

On Thu, Jan 14, 2016 at 8:58 PM, Christian Medel
<cmedelahum...@gmail.com> wrote:
> I was asked if I could adapt this one for 2.0 since I'm the developer :
> http://gnome-look.org/content/show.php/Windows+10+Transformation+Pack?content=171327
>
> Earlier in this mailing list, I posted this link that directed to the
> "adapted" version for GNOME 3.8
>
> 2016-01-14 18:11 GMT-05:00 Austin English <austinengl...@gmail.com>:
>>
>> It was removed because it wasn't compatible with Jessie's gnome.
>>
>> See 78261b6b7ffd8af41b05d4dbe41e54d05ec16492
>>
>> On Thu, Jan 14, 2016 at 4:49 PM, Christian Medel
>> <cmedelahum...@gmail.com> wrote:
>> > Hi,
>> >
>> > Due to the lack of time of the "original" developers, I have come with
>> > the
>> > idea of maybe trying to create code to include the camouflage, hopefully
>> > in
>> > 2.0.
>> >
>> > I have done some research on how Debian loads up the system, but haven't
>> > found a specific file (or fileS) that starts up the DE.
>> >
>> > Can someone indicate which files are those displaying, for example, the
>> > advanced options pop-up or the advanced options window BEFORE Gnome
>> > loads?
>> >
>> > --
>> > Christian Medel
>> >
>> > ___
>> > Tails-dev mailing list
>> > Tails-dev@boum.org
>> > https://mailman.boum.org/listinfo/tails-dev
>> > To unsubscribe from this list, send an empty email to
>> > tails-dev-unsubscr...@boum.org.
>>
>>
>>
>> --
>> -Austin
>> ___
>> Tails-dev mailing list
>> Tails-dev@boum.org
>> https://mailman.boum.org/listinfo/tails-dev
>> To unsubscribe from this list, send an empty email to
>> tails-dev-unsubscr...@boum.org.
>
>
>
>
> --
> Christian Medel
>
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to
> tails-dev-unsubscr...@boum.org.
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Call for testing new tools and instructions to get started with Tails

[Austin English]

On Wed, Dec 23, 2015 at 9:07 AM, sajolida  wrote:
> We are aware that the process of getting started with Tails
> (downloading, verifying, installing, starting, and configuring) might be
> the main stumbling block for its wider adoption.
>
> Over 2015, we have worked very hard to make this process easier and
> today we are happy to release a first beta version of the new process.
>
> We worked on:
>
> 1. A Firefox add-on to automate the verification of the ISO image,
>written by Giorgio Maone, the author of NoScript.

Awesome! Can confirm it works with Iceweasel on Debian Unstable
(tested using 40.0.3-3). Really slick, thanks Giorgio.

> 2. The inclusion of Tails Installer directly in Ubuntu (and Debian
>really soon), to avoid burning a DVD, using two USB sticks, or going
>through the command line.

Also awesome!

> 3. New instructions on the website to present the process
>step-by-step, according to your operating systems, skills, and
>available hardware.

Very nice.

> We would love to have many diverse people test it and tell us what
> they think. For example, if you tried to install or verify Tails in
> the past but failed, your feedback will be much appreciated!
>
> It would be most helpful to point out:
>
>   - Technical problems. If you think that something technical failed
> during the process, try to describe in details what you were
> trying to do and how it failed.
>   - Usability problems. If you fail to understand something, point us
> to the part that is unclear; if you get a result different from
> what you expected, tell us what surprised you in a bad way.
> Please don't report problems that you think other people might
> face, unless you are a usability expert :)

I was surprised that the Other Linux instructions mention two usb
drives but not an option to use a DVD and 1 usb drive. Was that
intentional? I don't always have extra usb sticks available (or ones
that I trust), but blank DVDs are relatively cheap (and that's how I
first installed Tails ;) ).

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Windows 10 theme for Tails/Jessie

[Austin English]

Hi Christian,

Any update on this? Tails 2.0 (jessie) has entered beta.

On Tue, Oct 27, 2015 at 2:59 PM, Christian Medel
 wrote:
> I got it to work shortly, and this is the result :
>
>
>
> 2015-10-27 15:36 GMT-04:00 Christian Medel :
>>
>> I get a SHELL crash everytime I activate this extension.
>>
>> I guess their focus is on 3.18 now
>>
>> 2015-10-27 15:16 GMT-04:00 Christian Medel :
>>>
>>> Makes sense to me. I'll try that extension and post the result. Hope the
>>> poor guy who will have to port won't have much work...
>>>
>>> 2015-10-27 14:46 GMT-04:00 anonym :

 Christian Medel:
 > Wow! what an extension, it looks perfect!
 >
 > I'll have a try at it right now.

 Excellent!

 > By the way I had a try at applying the theme in the latest TAILS ISO
 > and
 > this is the result :
 >
 > Preview of Windows 10 on TAILS latest testing version
 > http://imgur.com/a/22nzi
 >
 > *note : GNOME-SHELL theme didn't change nothing*

 Yeah, I saw this in your other email. Looks like a step in the right
 direction, but without some sort of "task-bar" extension, like the one
 above, it will not be very convincing.

 I'm eagerly anticipating what you'll manage to cook up with that
 extension! :)

 > Also, Murrine engine is needed for the gtk 2 apps to have a decent
 > look,
 > otherwise they look like win95

 Right. Like I said before, I think it's most efficient if you focus on
 making your theme work on Debian Jessie, and then some Tails developer
 make it work in Tails. What do you think?

 Cheers!

 ___
 Tails-dev mailing list
 Tails-dev@boum.org
 https://mailman.boum.org/listinfo/tails-dev
 To unsubscribe from this list, send an empty email to
 tails-dev-unsubscr...@boum.org.
>>>
>>>
>>>
>>>
>>> --
>>> Christian Medel Ahumada
>>
>>
>>
>>
>> --
>> Christian Medel Ahumada
>
>
>
>
> --
> Christian Medel Ahumada
>
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to
> tails-dev-unsubscr...@boum.org.



-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Windows 10 theme for Tails/Jessie

[Austin English]

On Thu, Dec 10, 2015 at 9:51 AM, Christian Medel
 wrote:
> It's been a while since I last emailed about this. Anyways, I got Jessie
> working on Virtualbox but Debian crashes for no reason. I have GTK 2 and 3
> ready, for some weird reason Metacity refuses to work, but I know the
> structure is all right.
>
> I'll reinstall Debian and post results when finished. Sorry for taking so
> much time.

Thanks for working on this Christian! I think it's very important to
many tails users.

--
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Support of "go get" command

[Austin English]

On Fri, Oct 30, 2015 at 3:54 PM,  wrote:

> Austin,
>
> can you write the exact command you've used? Tails 1.6?
>
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to
> tails-dev-unsubscr...@boum.org.
>

Hi there,

No, I used 1.7-rc1 as mentioned in the previous thread (1.6 failed for me
last I tried, but my memory is fallible).

For 1.7-rc1, I:
* booted tails
* set an administrator password
* logged into tails
* once Tor was activated, I opened a terminal:
$ sudo su -
# apt-get update
# apt-get -y install golang
# exit
$ go get github.com/golang/example/hello

Hope that helps.
--
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Support of "go get" command

[Austin English]

On Mon, Oct 12, 2015 at 10:47 AM, intrigeri  wrote:
> Hi,
>
> billingscience...@ruggedinbox.com wrote (17 Sep 2015 20:25:14 GMT) :
>> Running git under torsocks under go get under torsocks fails because
>> the outer torsocks doesn't allow the inner torsocks to connect
>> to localhost.
>
> Interesting statement: last time I checked, torsocks 2.x avoided
> putting its shared library twice into LD_PRELOAD, and one could
> perfectly well run "torsocks torsocks $COMMAND". Perhaps this comment
> was about torsocks 1.x? Or rather about mixing torsocks with
> connect-socks?
>
> The quoted text was authored by Leif [2], Cc'ed, who might want to
> clarify or test it again.
>
> [2] https://github.com/agl/xmpp-client/issues/82#issuecomment-77403349
>
> Cheers,
> --
> intrigeri
> ___
> Tails-dev mailing list
> Tails-dev@boum.org
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to 
> tails-dev-unsubscr...@boum.org.

This seems to work for me out of the box in 1.7-rc1, using
https://github.com/golang/example for example code to get.

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] Tails fails to run inside Qubes OS

[Austin English]

On Mon, Oct 19, 2015 at 2:40 AM, intrigeri  wrote:
> Hi,
>
> Patrick Schleizer wrote (18 Oct 2015 14:30:50 GMT) :
>> For some reason I cannot answer to any Tails redmine tickets.
>
> If you believe there's a bug on the Redmine side:
> https://labs.riseup.net/code/projects/riseuplabs/issues
> (but please ensure you retry with JS enabled first.)
>
>> So here is my test report of Tails inside Qubes OS.
>
> Thanks, interesting.
>
> It would be good to know what version of Tails you tried, because the
> bug report is self-contradicting ("I've downloaded Tails 1.6.
> Stored in my iso-download (debian-8 based) AppVM").

I don't think it's self contradicting. debian-8 based describes the
Qubes VM that the ISO was downloaded in, not a description of which
Tails version was used.

But yes, testing a Jessie build would be great.

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] [Bug-wget] Wget Sending Original IP !!

[Austin English]

On Fri, Oct 2, 2015 at 6:54 AM, Austin English <austinengl...@gmail.com> wrote:
> On Oct 2, 2015 4:50 AM, "intrigeri" <intrig...@boum.org> wrote:
>>
>> Hi,
>>
>> Austin English wrote (07 Sep 2015 20:30:59 GMT) :
>> > On Mon, Sep 7, 2015 at 3:25 PM, Austin English <austinengl...@gmail.com>
>> > wrote:
>> >> Rebasing it was trivial (the conflict was on adding the test to the
>> >> Makefile). It looks like upstream has a bug (they don't actually run
>> >> the tests), but that's fixed in this patch.
>>
>> > Small correction, their build system changed, upstream does not have a
>> > bug in that regard.
>>
>> Thanks again for requesting a CVE ID about it. The CVE folks have
>> analyzed this in depth and concluded it is a Tails vulnerability, not
>> a wget one. So we got our first CVE ID, it seems:
>>
>>   http://www.openwall.com/lists/oss-security/2015/10/01/10
>>
>> ⇒ this won't get fixed via Debian security update, and we need to
>> handle it on our side.
>>
>> Austin, given this, can you please give advice wrt. what's the easiest
>> safe way to fix that problem in Tails? Can we do that on Tails/Wheezy
>> with configuration only, or do we need to patch wget? Is it any
>> different in Tails/Jessie, or with wget 1.16.3 that we could perhaps
>> backport?
>>
>> (Sorry, I've no time/energy at the moment to re-read the entire thread
>> and the one it links to.)
>>
>> Also, any idea if other FTP clients we ship (at least Tor Browser and
>> Nautilus) are affected by this problem?
>>
>> I'd like to see tickets on our Redmine track the known problem, and
>> the research about more potential ones. If you don't feel like
>> creating these tickets, let me know and I'll do it.
>>
>> Cheers,
>> --
>> intrigeri
>
> I'm on holiday for the next two weeks,  so please create the tickets.
>
> Afaict, it requires patching wget. The fix backports cleanly, the tests
> don't (I've manually backported that).

wget/CVE-2015-7665: https://labs.riseup.net/code/issues/10364
Investigate nautilus/Tor Browser: https://labs.riseup.net/code/issues/10365

-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] [Bug-wget] Wget Sending Original IP !!

[Austin English]

On Oct 2, 2015 4:50 AM, "intrigeri" <intrig...@boum.org> wrote:
>
> Hi,
>
> Austin English wrote (07 Sep 2015 20:30:59 GMT) :
> > On Mon, Sep 7, 2015 at 3:25 PM, Austin English <austinengl...@gmail.com>
wrote:
> >> Rebasing it was trivial (the conflict was on adding the test to the
> >> Makefile). It looks like upstream has a bug (they don't actually run
> >> the tests), but that's fixed in this patch.
>
> > Small correction, their build system changed, upstream does not have a
> > bug in that regard.
>
> Thanks again for requesting a CVE ID about it. The CVE folks have
> analyzed this in depth and concluded it is a Tails vulnerability, not
> a wget one. So we got our first CVE ID, it seems:
>
>   http://www.openwall.com/lists/oss-security/2015/10/01/10
>
> ⇒ this won't get fixed via Debian security update, and we need to
> handle it on our side.
>
> Austin, given this, can you please give advice wrt. what's the easiest
> safe way to fix that problem in Tails? Can we do that on Tails/Wheezy
> with configuration only, or do we need to patch wget? Is it any
> different in Tails/Jessie, or with wget 1.16.3 that we could perhaps
> backport?
>
> (Sorry, I've no time/energy at the moment to re-read the entire thread
> and the one it links to.)
>
> Also, any idea if other FTP clients we ship (at least Tor Browser and
> Nautilus) are affected by this problem?
>
> I'd like to see tickets on our Redmine track the known problem, and
> the research about more potential ones. If you don't feel like
> creating these tickets, let me know and I'll do it.
>
> Cheers,
> --
> intrigeri

I'm on holiday for the next two weeks,  so please create the tickets.

Afaict, it requires patching wget. The fix backports cleanly, the tests
don't (I've manually backported that).
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] [Bug-wget] Wget Sending Original IP !!

[Austin English]

On Sep 1, 2015 12:17 PM, "Austin English" <austinengl...@gmail.com> wrote:
>
> On Tue, Sep 1, 2015 at 11:08 AM, intrigeri <intrig...@boum.org> wrote:
> > Hi,
> >
> > Austin English wrote (31 Aug 2015 19:48:50 GMT) :
> >> On Tue, Aug 18, 2015 at 5:03 AM, intrigeri <intrig...@boum.org> wrote:
> >>> Could you please check:
> >>>
> >>> 1. if this is worth a CVE ID
> >
> > Ping on this part? Without a CVE, it'll be painful to track by the
> > Debian security team.
> >
> >>> 2. if the proposed patchset applies on top of Debian Wheezy's wget
> >
> >> The patch has been applied upstream:
> >>
http://git.savannah.gnu.org/cgit/wget.git/commit/?id=075d7556964f5a871a73c22ac4b69f5361295099
> >
> >> it does not apply cleanly to 1.16.3, conflicting on tests. The source
> >> changes, however, apply without conflict, I've attached that diff.
> >
> > OK, that's a good start. Thanks for checking! I think that resolving
> > the merge conflict will make Debian security team more at ease taking
> > the patch. Does it seem doable?
> >
> > Cheers,
> > --
> > intrigeri
> > ___
> > Tails-dev mailing list
> > Tails-dev@boum.org
> > https://mailman.boum.org/listinfo/tails-dev
> > To unsubscribe from this list, send an empty email to
tails-dev-unsubscr...@boum.org.
>
> I didn't try and won't be able to until next week.
>
> --
> -Austin

Note: the tests weren't too long,  so it probably wouldn't be too
difficult. I will look into it next week if no one beats me to it (but
given that it is a security issue,  I'd be happy if someone did ;) ).
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] [Tails-ux] RFC: Phrasing for warning users when running in a non-free VM

[Austin English]

On Mon, Aug 10, 2015 at 8:42 AM, sajolida sajol...@pimienta.org wrote:
 Austin English:
 On Sun, Aug 9, 2015 at 6:42 AM, sajolida sajol...@pimienta.org wrote:
 Austin English:
 On Aug 8, 2015 11:30 AM, intrigeri intrig...@boum.org wrote:

 Consider using a
 href='https://www.virtualbox.org/'VirtualBox/a instead.

 I'd rather move this one to the doc page about virtualization (linked
 below), which will give us more room to warn agains the non-free
 extension pack that's featured quite prominently on their download
 page. That would be the second modification needed there, to make it
 consistent with what Austin English is implementing.

 Thoughts?

 Ok, so adjusting my last proposal we could:

 1. Change the title into Warning: non-free virtual machine detected!

 2. Change the body into:

 Both the host operating system and the virtualization software are
 able to monitor what you are doing in Tails.

 Additionally, only free software, both as operating system and
 virtualization software, can be trustworthy.
 a
 href='file:///usr/share/doc/tails/website/doc/advanced_topics/virtualization.en.html#security'Learn
 more.../a

 That's better, no?

 That phrasing sounds awkward to me. How about:
 Both the host operating system and the virtualization software are
 able to monitor what you are doing in Tails.

 Only free software can be considered trustworthy, for both the host
 operating system and the virtualization software.

 a 
 href='file:///usr/share/doc/tails/website/doc/advanced_topics/virtualization.en.html#security'Learn
 more.../a

 Still not perfect, but it's an awkward sentence to try to phrase.

 Fine with me, especially if you're a native speaker. I don't know if
 that's your case, but personally I'm not :)

Yes, I am :). It sounds more natural to me than your suggestion,
though there's definitely room for improvement on it, as it sounds a
bit awkward.

Updated patch attached:
https://labs.riseup.net/code/attachments/download/884/updated-warning.txt
-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] RFC: Phrasing for warning users when running in a non-free VM

[Austin English]

Sure, sorry about that. My brain read that as tails-dev..

On Fri, Aug 7, 2015 at 4:23 PM, intrigeri intrig...@boum.org wrote:
 Hi,

 thanks a lot for caring about UX and phrasing!

 Now, as said on https://labs.riseup.net/code/issues/5315#note-23, this
 RFC should rather go to tails...@boum.org. That's where our UX folks
 discuss, and most of them do not read tails-dev@.

 May you please resend it there?

 Cheers,
 --
 intrigeri



-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

[Tails-dev] RFC: Phrasing for warning users when running in a non-free VM

[Austin English]

Howdy all,

I've attached a patch to issue 5315 [1] to warn users when running in
a non-free VM (VMWare/Oracle/etc.) I'd like to seek comments on the
actual text of the warning. My draft patch has:
Both the host operating system and the virtualization software are
able to monitor what you are doing in Tails. Additionally, non-free
virtualization software cannot be independently audited or inspected
for defects.

For reference, free (speech) VM users will receive the same warning as
they do now, which is:
Both the host operating system and the virtualization software are
able to monitor what you are doing in Tails.

[1] https://labs.riseup.net/code/issues/5315

Thanks,
Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.

Re: [Tails-dev] 32bit UEFI

[Austin English]

https://tails.boum.org/contribute/release_process/test/

On Mon, Jul 13, 2015 at 12:03 AM, 林哲民 (Lin Zhemin) lin.zhe...@gmail.com wrote:
 Hi.

 I've successfully booted TAILS nightly build (20150712) from Asus X205TA on
 a Trenscend 4GB USB 2.0 disk.  Since X205TA's internal WiFi is not supported
 until Linux 4.0 (you also have to download a binary firmware, which might
 not be secure), I used TP-LINK TL-WN722N USB WiFi and it's able to get IP
 from DHCP server.

 Unsafe browser is able to connect to my home router.

 However, with default configuration, Tor Browser shows Tor is not ready.

 Running arm in console also shows that Tor is disconnected.
 Shutting down Mac spoofing doesn't help.
 Running vidalia in console shows Vidalia was unable to start Tor.
 Tor isn't available with a USB-Ethernet adapter + DSL connection, either.

 Minor bug:
 1. Restart immediately resulted in system shutdown.
 2. Loading progress bar is broken when system boots.

 Is there an official check list to follow for a complete testing report?

 Thanks.


 2015-07-11 22:36 GMT+08:00 intrigeri intrig...@boum.org:

 Hi,

 [please don't Cc me, I read the list.]

 林哲民 (Lin Zhemin) wrote (11 Jul 2015 09:16:08 GMT) :
  I really wanted to test / work on 32bit UEFI support.  I got an Asus
  X205TA
  and want to run Tails on it.  Is there anything I can do, any test image
  I
  can run, or docs to read?

 Excellent! I meant to send a call for testing once our doc people have
 validated the approach I've chosen. So make sure you subscribe to
 our -testers@ mailing list: https://tails.boum.org/contribute/how/testing/

 Meanwhile, you can get the latest ISO image from:
 http://nightly.tails.boum.org/build_Tails_ISO_feature-8471-32-bit-UEFI/

 It needs to be installed with Tails Installer (either 'Clone 
 Upgrade' from a running DVD where you've burnt that ISO, or 'Upgrade
 from ISO' if you can spare two Tails USB sticks).

 Thanks in advance, I can't wait for your testing reports!

 Cheers,
 --
 intrigeri




 --
 A time to love, and a time to hate; a time of war, and a time of peace.
 (Ecc 3:8)

 ___
 Tails-dev mailing list
 Tails-dev@boum.org
 https://mailman.boum.org/listinfo/tails-dev
 To unsubscribe from this list, send an empty email to
 tails-dev-unsubscr...@boum.org.



-- 
-Austin
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
tails-dev-unsubscr...@boum.org.