Re: [Tails-dev] Tails Hardware

Delete this message

Reply to this message
Author: intrigeri
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Tails Hardware
Hi,

Michael English wrote (01 Jan 2016 15:49:44 GMT) :
> Tails should have a page on the website dedicated to recommended
> computer hardware.


I'd be glad to see a team commit to set up _and maintain_ such
a page :) I'm told it's often asked on #tails what hardware one
should get their hands on, to use Tails.

> For example, Tails should link users to the Computer
> vendors that pre-install Debian webpage
> https://www.debian.org/distrib/pre-installed for guaranteed
> compatibility with Tails.


Sadly, this does *not* imply guaranteed compatibility with Tails: at
least some Tails-specific problems (e.g. firmware incompatibility with
our GPT disk layout) would probably go unnoticed by these vendors.
I realize it may be nitpicking. If we're going to recommend to buy
hardware as guaranteed to work with Tails, we'd better be 100% sure it
will indeed work with Tails (for the time being, and in the future).
So perhaps it's simply a matter of phrasing it correctly, without any
promise we are not sure we can hold :)

> Also, major computer manufacturers are known
> to have BIOS level backdoors which renders Tails security useless.
> Smaller computer manufacturers on the above list would be less likely to
> violate users' security and privacy on a hardware level.


If we're going to use security as an *explicit* reason to recommend
specific vendors, we'd better have a strong argument behind it.

For example, there are such "backdoors" in Intel ME (present in any
recent Intel CPU, cannot be disabled in practice), and most computer
manufacturers use firmware (BIOS) provided by very few vendors => I'm
not convinced smaller computer vendors are significantly safer.

Here too, it may be a matter of phrasing :)

Cheers,
--
intrigeri