> I'm putting our development list in copy so we can have this discussion
> archived and in public.

Sorry, since it's open to public discussion now, I would like to make some observations...

> Possible attacks that we thought about (without really knowing whether
> they are possible or not):
>
> - Interfere with the checksum computation

This seems an infinite regress to me. What will verify the verifier? How can we make sure this extension is not corrupted?

> - Interfere with the content of the web page to fool the user

DNS spoof? That will not be a problem if you guys do an SSH server...

> - Modify the downloaded ISO after verification

How can it be done, since it's already downloaded? Malicious code in the operating system?

> work on a Firefox extension to verify Tails ISO image.

Why a Firefox extension after all? In my opinion, a standalone software could be much more secure and equally user friendly:

- Set up rsync SSH servers, with strong crypto;
- This standalone software connects to all these servers and starts a distributed download of the package(s);
- Software could work in a sandbox, with no privileges, so the ISO image can't be modified;
- After download, do a WoT with system default GnuPG and sha[256,512]sum.

Don't know if it's possible or how much effort this could demand, though.

--mutus
_______________________________________________
Tails-dev mailing list
https://mailman.boum.org/listinfo/tails-dev
