Project

General

Profile

Feature #16750

Persistence Plausible Deniability on Boot

Added by Anonymous 24 days ago. Updated 15 days ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
Persistence
Target version:
-
Start date:
Due date:
% Done:

0%

Feature Branch:
Type of work:
User interface design
Blueprint:
Starter:
Affected tool:

Description

Issue: When user creates persistent volume the presence of it is visible on boot, because the greeter asks for persistent volume password. Any person besides the owner can clearly see the presence of persistent volume by booting usb. Therefore, this poses a significant security issue.

Solution: Instead of prompting user to enter persistent volume password, user is required to add it as an additional settings instead. The persistent storage may exist or it may not and, therefore, there is no way to prove it on boot. This provides an elegant solution to plausible deniability on boot that only requires user interface change.


Related issues

Duplicates Tails - Feature #5929: Consider creating a persistence by default for plausible deniability Confirmed 08/20/2016

History

#1 Updated by intrigeri 24 days ago

  • QA Check changed from Dev Needed to Info Needed

Do I understand correctly that this would be useful only in the threat model when the adversary can see the user start Tails, but cannot get physical access to the boot medium?

#2 Updated by mercedes508 21 days ago

Anonymous wrote:

Any person besides the owner can clearly see the presence of persistent volume by booting usb. Therefore, this poses a significant security issue.

I'm wondering which security issue precisely?

Wouldn't it be solved by the following?:

https://redmine.tails.boum.org/code/issues/5929

#3 Updated by sajolida 15 days ago

  • Status changed from New to Duplicate
  • QA Check deleted (Info Needed)

#4 Updated by sajolida 15 days ago

What Anonymous is proposing could be a UX solution to #5929 but I'm still not convinced that we want that. See you on #5929.

#5 Updated by sajolida 15 days ago

  • Duplicates Feature #5929: Consider creating a persistence by default for plausible deniability added

Also available in: Atom PDF