Author: Jacob Appelbaum Date: To: tails-dev Subject: Re: [Tails-dev] Last steps toward enabling incremental upgrades by
default [Was: Please test incremental upgrades (from 0.22~rc1 to 0.22~rc2)]
intrigeri:
> Sounds good, did I miss anything?
>
I would suggest including a small shell script and one utility to test
the integrity of a tails release - something as simple as md5deep. Once
we start to change the Tails disk, we really want to ensure that an
attacker can't stick around past a reboot.
I could write such a utility but I'd like some feedback - for example -
should we run this after install and put the current state into the
persistence? Should we keep a list of hashes of all possible updates, so
that we can check a user's data set against a known good list?
The easy bit is basically to write something to check the MBR, the
partitions and then walk the file systems. It won't detect firmware
changes to the disk drive (usb, sata, whatever) but it should be able to
very easily detect any binaries that are changed. Obviously we'd need
two tails disks to really be able to do this kind of basic forensics.