[tor-talk] TBB, iptables, and seperation of concerns
intrigeri
intrigeri at boum.org
Mon Dec 12 18:01:32 UTC 2011
Hi,
Chris wrote (12 Dec 2011 08:35:01 GMT) :
> 1. A user should not have to download a CD from a site every time an
> update comes out.
What kind of better solution are you thinking of?
We've got an incremental upgrade system in the works:
https://tails.boum.org/todo/usb_install_and_upgrade/#index5h2
Don't hesitate using the Tails communication channels to suggest
improvements etc.
> 2. Users should not need to know how to authenticate the download (each
> update to TBB or Tails)- while nice users aren't competent enough to do in
> practice and the difficult in doing it makes it unlikely even those who
> know how may not do it. So we should avoid making the user do the
> authentication at all.
> That can be done if there is a distribution that is installed.
> Authentication of updates is already built into apt. Lets use it.
> Install once and forget.
I may be missing your point, but Tails is not a random collection of
packages that could be individually upgraded without any thought.
Tails is a carefully crafted system that aims at guaranteeing certain
properties. We do our best to ensure an ISO we ship meets a certain
specification. There is simply no possible way for us to ensure the
same for "that ISO plus any number of APT upgrades on top of it".
Details:
https://tails.boum.org/forum/Security_Updates:_apt-get_Sufficient__63__/#comment-ee6b87ae9397f6a9045f6c77fb52272d
> 3. Does tails prevent non-Tor communications? I was reading something
> which suggested it was an idea. If it is an idea chances are it isn't
> implemented.
It does. Details:
https://tails.boum.org/about/
https://tails.boum.org/contribute/design/
Cheers,
--
intrigeri <intrigeri at boum.org>
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
| The impossible just takes a bit longer.
More information about the tor-talk
mailing list