Tails

#1 Updated by Gaff 2018-06-12 23:56:47

In-case anyone is wondering - I used the disk tool to add multiple luks partitions. It’s important that they are all labelled ‘TailsData’.

#2 Updated by Gaff 2018-06-13 00:00:34

Related-to / Partial solution of: https://labs.riseup.net/code/issues/5929

#4 Updated by Gaff 2018-06-14 11:40:20

> This use case is already being worked on, but using another mean, persistent volume by default

Sure - but my fix is compatible with the other fix. (Indeed they complement each other very well. One could suppose the default install comes with multiple persistent volumes - It would be impossible to know how many have been configured with passwords and how many were dummies).

Also my fix is cheap and has no downsides that I can see. And I’ve submitted a patch for it already (see above). Is there anything else I should do in order to get this considered for merge?

Thanks!

#7 Updated by intrigeri 2018-06-14 13:10:20

> This use case is already being worked on, but using another mean, persistent volume by default:
> https://labs.riseup.net/code/issues/11681

Err, it’s not ever been worked on (yet) and that ticket is about deciding whether we want to implement that and how.

#9 Updated by Gaff 2018-06-14 13:20:39

intrigeri wrote:
> > Allow multiple users to share a tails device whilst still maintaining privacy.
>
> FWIW I don’t remember this being ever requested in the past. It’s hard to explain the amount of trust each of these users must put into all others: any of these users can patch the shared Tails system to log their passphrase and get access to their data. So “whilst still maintaining privacy” is pretty weak here.

I accept this use-case is pretty tenuous. It’s mostly to frame justification for the other use case.

> > * Support plausible deniability / rubber hose protection - users can create several partitions and when pressed reveal the password to a unimportant partition
>
> Given all persistent volumes are visible, I can’t imagine an adversary, in such a threat model, being satisfied with being given access to only one of N>1 such volumes. So this use case is pretty weak IMO.

True. It’s strength is mostly against non-expert adversatories. This use case could be significantly strengthened if Tails created multiple partitions by default (something for another ticket).

> Regardless, I’ll take a look at the patch and if it’s really trivial, non-invasive and safe, why not.

Cheers!

#11 Updated by Gaff 2018-06-14 13:45:36

intrigeri wrote:
> * The check_output_and_error change seems to be orthogonal to this ticket. If it’s useful/necessary, please include it in a separate commit.

It’s definitely a useful bugfix. Willdo.

> * It would be nice to know how partitioning software behaves in front of a device that has multiple GPT partition entries that all have the TailsData name. Can you please test basic operations on such a drive with at least udisks2, parted and gfdisk and report back the results + how to reproduce them?

I’ve been using parted, fdisk, and gnome-disks extensively to test this. Honestly these apps do little more than present the labels in the output / GUI. No issues whatsoever with this. [As an aside - one could argue that labelling your partitions TailsData is terrible for plausible deniability. Something for another ticket!]

> * Please test how “Configure persistent volume” works on a device that has multiple GPT partition entries that all have the TailsData name. A quick look at the code suggests it might just work but I’d like a confirmation that one can still configure their persistent volume in such a case.

Configuring an already-mounted device “just works”. Obviously it’s not possible to create multiple volumes this way - and I confess I didn’t attempt to use the tool to delete a TailsData partition. Having said that - even if the tool fails it’s not relevant for this ticket. There are dozens of ways to misconfigure your USB device such that the tool fails (trust me - I found a whole bunch of them while testing!). The tool doesn’t pretend to work for every configuration, and I’m not pretending that multiple TailsData partitions are fully supported (yet). Even so this patch is good to go (IMHO).

#13 Updated by Gaff 2018-06-14 13:56:04

Moved the bugfix to Bug #15656

#15 Updated by intrigeri 2018-06-14 14:31:59

> I confess I didn’t attempt to use the tool to delete a TailsData partition. Having said that - even the tool fails it’s not relevant for this ticket.

Fair enough.

Please set the ticket as Ready for QA again whenever you feel it’s ready for another review.

#21 Updated by intrigeri 2018-06-18 07:06:01

By the way, Gaff, if you’d like to improve the Greeter in more ways, now that you’re somewhat familiar with its code, I’ve cooked a custom query for you that lists good candidates: https://labs.riseup.net/code/projects/tails/issues?utf8=%E2%9C%93&set_filter=1&f%5B%5D=status_id&op%5Bstatus_id%5D=o&f%5B%5D=cf_18&op%5Bcf_18%5D=%3D&v%5Bcf_18%5D%5B%5D=Greeter&f%5B%5D=cf_15&op%5Bcf_15%5D=%3D&v%5Bcf_15%5D%5B%5D=Code&f%5B%5D=cf_9&op%5Bcf_9%5D=%21&v%5Bcf_9%5D%5B%5D=Info+Needed&v%5Bcf_9%5D%5B%5D=Ready+for+QA&v%5Bcf_9%5D%5B%5D=Pass&f%5B%5D=category_id&op%5Bcategory_id%5D=%21&v%5Bcategory_id%5D%5B%5D=177&f%5B%5D=priority_id&op%5Bpriority_id%5D=%21&v%5Bpriority_id%5D%5B%5D=3&f%5B%5D=&c%5B%5D=status&c%5B%5D=priority&c%5B%5D=fixed_version&c%5B%5D=subject&c%5B%5D=category&c%5B%5D=cf_15&c%5B%5D=assigned_to&c%5B%5D=cf_9&group_by=&t%5B%5D=. Usually we would leave alone tickets that are already assigned to someone but in this case, I think it’s fair enough to take anything that’s been assigned to Alan for a long time with no recent progress.