Re: [T(A)ILS-dev] Specification and security design document

Author: tim smy
Date:  
To: The T(A)ILS public development discussion list
Subject: Re: [T(A)ILS-dev] Specification and security design document


Hello

>2. In 3.2.3, there is :
>
> - [cryptsetup](http://code.google.com/p/cryptsetup/) ensures storage
> encryption using [LUKS](http://en.wikipedia.org/wiki/LUKS)


Please consider loop-aes; it's far more secure than the others mentioned.

tim



-------- Original Message --------
> Date: Mon, 20 Dec 2010 14:10:24 -0800
> From: alan@???
> To: tails-dev@???
> Subject: Re: [T(A)ILS-dev] Specification and security design document


>
> On Tue, 14 Dec 2010 10:28:44 -0800
> alan@??? wrote:
> > From: intrigeri <intrigeri@???>
> > To: tails-dev@???
> > Date: Tue, 14 Dec 2010 10:28:04 -0800
> > Enc: unencrypted
> > Sig: No signature
> >
> > Hi,
> >
> > I've started working on our specification and security design
> > document, based on good old Incognito's one:
> >
> >     https://amnesia.boum.org/contribute/design/draft/

> >
> > Help, critics and comments are of course welcome.
> >
> > Bye,
>
> Hi,
>
> I just read the draft and it's great. Just a few comments, even though
> I don't know everything about Tails' internals.
>
> 1. First, about what you call the « post-mortem analysis ». I like the
> term but I want to know whether it is a canonical term for security
> experts or something that might need a bit more explanation.
>
> Then, apart from the threat model, the document is not very explicit
> about this issue. There might not be much to say but I think that it
> should at least be mentioned in the requirements, part 2 :
> - What is required for a PELD to prevent from post-mortem analysis?
> - How do we think this should be provided?
>
> Again in part 3, while presenting the implementation we should explain
> more about what Tails does to achieve that. There is a paragraph on
> host system RAM but I guess we can find more to explain, like :
>   - I could imagine that some LiveDistros detect the swap areas and use
>     them.  Do we ? ;)
>   - I could imagine that some LiveDistros read the disks and possibly
>     mount the available partitions automatically. Same thing.
>   - I wonder how Tails addresses the requirements in 2.1.2, for example
>     this one : « The usage of encrypted removable storage devices (such
>     as USB sticks) should be encouraged. »

>
> I think this whole post-mortem analysis thingie is the real difference
> to put forward while talking to the Tor people ; bringing their privacy
> concerns further than just the Internet connection. You can be a Tor
> freak and get the same Tor configuration as Tails on your own system
> but you won't get the same post-mortem analysis protection.
>
> 2. In 3.2.3, there is :
>
> - [cryptsetup](http://code.google.com/p/cryptsetup/) ensures storage
> encryption using [LUKS](http://en.wikipedia.org/wiki/LUKS)
>
> Should we rather say 'offers' instead of 'ensures'? Is Tails using LUKS
> if not asked to do so ?
>
> 3. You'll find attached to this mail a very small amount of aesthetics
> and language fixes. I'm not sure whether there is a native English
> speaker in the team but, well, we would a review at some point.
>
> Cheers,
>
> --
> sajolida
>
>
>
>
> --

