Author: L.R. D.S.
Date:
To: tails-dev
CC: jvoisin, The Tails public development discussion list, mcs, brade
Subject: Re: [Tails-dev] Tails ISO verification extension for Firefox

> I'm putting our development list in copy so we can have this discussion
> archived and in public.
Sorry, since it's open to public discussion now, I would like to make some
observations...
> Possible attacks that we thought about (without really knowing whether
> they are possible or not):
>
> - Interfere with the checksum computation
This seems an infinite regress to me. What will verify the verifier? How can
we make sure this extension is not corrupted?
> - Interfere with the content of the web page to fool the user
DNS spoof? That will not be a problem if you guys do an SSH server...
> - Modify the downloaded ISO after verification
How can it be done, since it's already downloaded? Malicious code in the
operating system?
> work on a Firefox extension to verify Tails ISO image.
Why a Firefox extension after all?
In my opinion, standalone software could be much more secure and equally
user-friendly:
- Set up rsync SSH servers, with strong crypto;
- This standalone software connects to all these servers and starts a
distributed download of the package(s);
- Software could work in a sandbox, with no privileges, so the ISO image can't
be modified;
- After download, do a WoT with system default GnuPG and sha[256,512]sum.
Don't know if it's possible or how much effort this could demand, though.
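
Added example, not part of the original message or of any Tails code: a sketch of the checksum step from the list above together with the "modify the downloaded ISO after verification" case from the quoted threat list. It assumes the expected SHA-256 and SHA-512 values come from a checksum file whose GnuPG signature has already been checked; the function names and the small stand-in file are constructed for illustration.

```python
import hashlib
import hmac
import os
import tempfile

CHUNK = 1 << 20  # read 1 MiB at a time so a multi-GB ISO never sits in memory

def digests(path):
    """Return (sha256_hex, sha512_hex) of the file, computed in a single pass."""
    h256, h512 = hashlib.sha256(), hashlib.sha512()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h256.update(chunk)
            h512.update(chunk)
    return h256.hexdigest(), h512.hexdigest()

def verify(path, want256, want512):
    """True only if both digests match the published (signed) values."""
    got256, got512 = digests(path)
    ok256 = hmac.compare_digest(got256, want256.lower())
    ok512 = hmac.compare_digest(got512, want512.lower())
    return ok256 and ok512

def verify_and_seal(path, want256, want512):
    """Verify, then drop write permission; returns False unsealed on mismatch."""
    if not verify(path, want256, want512):
        return False
    os.chmod(path, 0o444)  # only stops accidental writes, not the file owner
    return True

def demo():
    """Constructed sample: a small stand-in file instead of a real ISO."""
    data = b"constructed stand-in for an ISO image\n" * 1000
    want256 = hashlib.sha256(data).hexdigest()
    want512 = hashlib.sha512(data).hexdigest()
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "sample.iso")
        with open(path, "wb") as f:
            f.write(data)
        first = verify_and_seal(path, want256, want512)
        # A process running as the same user can undo the chmod and rewrite
        # the file, so the earlier result says nothing about the bytes now.
        os.chmod(path, 0o644)
        with open(path, "r+b") as f:
            f.write(b"X")
        second = verify(path, want256, want512)
    return first, second

if __name__ == "__main__":
    print(demo())
```

A verification result only covers the bytes as they were when hashed, so the check is repeated immediately before the image is written to installation media.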