Bug #11137: Try to detect/warn in greeter if user has plugged tails device into untrusted system

Bug #11137

Try to detect/warn in greeter if user has plugged tails device into untrusted system

Added by hybridwipe 2016-02-18 18:06:22 . Updated 2020-04-15 06:01:56 .

Status:

In Progress

Priority:

Normal

Assignee:

hybridwipe

Category:

Target version:

Start date:

2016-02-18

Due date:

% Done:

10%

Feature Branch:

Type of work:

Code

Blueprint:

Starter:

Affected tool:

Welcome Screen

Deliverable for:

Description

See https://mailman.boum.org/pipermail/tails-dev/2016-February/010302.html, and the wider thread for background info.

In summary, some users are plugging in their Tails USB device into non-trustworthy systems, (e.g., Windows / OSX), and potentially infecting themselves. This is often noticeable because of stray files these OSes leave behind, e.g., .DS_Store, Thumbs.db, __MACOSX, etc.

We should detect these files and if any are found on the device, warn the user that their device is potentially compromised. Until Feature #7496 is finished, we don’t have any way to verify the Tails installation. Advising the user to make a clean install is likely the best course of action at this point.

A further improvement would be to detect hidden partitions on the device, and potentially change the warning as appropriate.

Files

detect_proprietary_garbage.sh (3178 B)

hybridwipe, 2016-03-02 02:36:41

Subtasks

Related issues

Related to Tails - Bug #11102: Document how much one effectively trusts non-Tails OS into which one plugs a Tails USB stick

Confirmed

2016-02-10

History

#1 Updated by hybridwipe 2016-02-18 18:06:36

related to Bug #11102: Document how much one effectively trusts non-Tails OS into which one plugs a Tails USB stick added

#2 Updated by intrigeri 2016-02-18 20:39:51

Status changed from New to Confirmed

#3 Updated by hybridwipe 2016-03-02 02:38:24

File detect_proprietary_garbage.sh added
Status changed from Confirmed to In Progress

Here’s a rough draft of what I’m thinking for detecting stray files. It doesn’t yet do anything in the greeter, nor is it integrated into the build/boot process :), and it doesn’t detect hidden partitions yet either (I need to research how to script that).

#4 Updated by BitingBird 2016-06-29 06:55:40

Assignee changed from hybridwipe to intrigeri
% Done changed from 0 to 10
QA Check changed from Dev Needed to Ready for QA

A patch was proovided, it should be reviewed :)

#5 Updated by intrigeri 2016-06-30 08:02:48

Assignee changed from intrigeri to hybridwipe
QA Check changed from Ready for QA to Dev Needed

> A patch was proovided, it should be reviewed :)

Not really: the patch is incomplete, and hybridwipe didn’t ask for other people to look at it yet.

#6 Updated by alant 2016-08-20 02:47:46

hybridwipe, are you still working on that? If you plan to work on greeter integration, please plug into the new greeter, in feature/revamp_phase1 in the greeter repository.

#7 Updated by Anonymous 2017-06-30 10:41:22

ping @hybridwipe, please see previous comment by alan. If you don’t plan to work on this anymore, please unassign yourself from this ticket. Thanks!

#8 Updated by intrigeri 2020-04-15 06:01:56

Affected tool changed from Greeter to Welcome Screen