Bug #11137
Try to detect/warn in greeter if user has plugged tails device into untrusted system
10%
Description
See https://mailman.boum.org/pipermail/tails-dev/2016-February/010302.html, and the wider thread for background info.
In summary, some users are plugging in their Tails USB device into non-trustworthy systems, (e.g., Windows / OSX), and potentially infecting themselves. This is often noticeable because of stray files these OSes leave behind, e.g., .DS_Store, Thumbs.db, __MACOSX, etc.
We should detect these files and if any are found on the device, warn the user that their device is potentially compromised. Until Feature #7496 is finished, we don’t have any way to verify the Tails installation. Advising the user to make a clean install is likely the best course of action at this point.
A further improvement would be to detect hidden partitions on the device, and potentially change the warning as appropriate.
Files
Subtasks
Related issues
Related to Tails - Bug #11102: Document how much one effectively trusts non-Tails OS into which one plugs a Tails USB stick | Confirmed | 2016-02-10 |
History
#1 Updated by hybridwipe 2016-02-18 18:06:36
- related to Bug #11102: Document how much one effectively trusts non-Tails OS into which one plugs a Tails USB stick added
#2 Updated by intrigeri 2016-02-18 20:39:51
- Status changed from New to Confirmed
#3 Updated by hybridwipe 2016-03-02 02:38:24
- File detect_proprietary_garbage.sh added
- Status changed from Confirmed to In Progress
Here’s a rough draft of what I’m thinking for detecting stray files. It doesn’t yet do anything in the greeter, nor is it integrated into the build/boot process :), and it doesn’t detect hidden partitions yet either (I need to research how to script that).
#4 Updated by BitingBird 2016-06-29 06:55:40
- Assignee changed from hybridwipe to intrigeri
- % Done changed from 0 to 10
- QA Check changed from Dev Needed to Ready for QA
A patch was proovided, it should be reviewed :)
#5 Updated by intrigeri 2016-06-30 08:02:48
- Assignee changed from intrigeri to hybridwipe
- QA Check changed from Ready for QA to Dev Needed
> A patch was proovided, it should be reviewed :)
Not really: the patch is incomplete, and hybridwipe didn’t ask for other people to look at it yet.
#6 Updated by alant 2016-08-20 02:47:46
hybridwipe, are you still working on that? If you plan to work on greeter integration, please plug into the new greeter, in feature/revamp_phase1
in the greeter repository.
#7 Updated by Anonymous 2017-06-30 10:41:22
ping @hybridwipe, please see previous comment by alan. If you don’t plan to work on this anymore, please unassign yourself from this ticket. Thanks!
#8 Updated by intrigeri 2020-04-15 06:01:56
- Affected tool changed from Greeter to Welcome Screen