Project

General

Profile

Feature #8931

Bug #7552: Firefox extension to automatically verify the ISO checksum

Feature #8564: Design a wireframe of the ISO verification extension

Decide if we want to do the verification in the website or in the add-ons menus

Added by sajolida almost 5 years ago. Updated over 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Installation
Target version:
-
Start date:
02/21/2015
Due date:
% Done:

0%

Feature Branch:
Type of work:
Discuss
Blueprint:
Starter:
Affected tool:
ISO Verification Extension

Description

Since the extension is targeted at new users, a MitM or exploit on
our website could defeat any verification technique by providing
simplified instructions or by faking ISO verification.

To mitigate such
an attack in some cases we could both:

  • Encourage external documentation (screencasts on YouTube, printed
    forms, etc.). But those would be vulnerable to other kind of
    attacks...
  • Not rely on the website to perform the ISO verification (use the
    add-ons menu for example). But the UX will suffer from this...

History

#1 Updated by sajolida almost 5 years ago

  • Affected tool set to ISO Verification Extension

#2 Updated by sajolida almost 5 years ago

  • Parent task changed from #8849 to #8564

Actually, this is more a UX that a security discussion.

#3 Updated by sajolida over 4 years ago

  • Status changed from Confirmed to Resolved

Since people installing Tails will have to rely on our website to provide trustworthy instructions anyway, explaining on the website how to do a better verification without relying on the website seems contradictory or at least not worth the complication in UX that it brings. And this is even more true as the extension is targetted primarily at first time user who will most likely land on our website first and install from there (for full upgrades we should rather work on #7499).

External ressources like books, security guides, and other training material should maybe instead encourage people to go through the Debian expert verification, if possible, which would then effectively provide stronger authentication.

Also available in: Atom PDF