Feature #9832: Explain the security drawbacks of DVD

Feature #9832

Explain the security drawbacks of DVD

Added by sajolida 2015-08-01 08:30:40 . Updated 2016-11-04 13:46:13 .

Status:

Rejected

Priority:

Normal

Assignee:

Category:

Target version:

Start date:

2015-08-01

Due date:

% Done:

Feature Branch:

Type of work:

End-user documentation

Blueprint:

Starter:

Affected tool:

Deliverable for:

Description

We’re telling users about some security benefits of booting Tails from a DVD (as opposed to from a USB stick), but there are some drawbacks too. Let’s start by listing them…

Once we get Tor persistent state, Tor will be stronger with persistence.
Without persistent you might be tempted to not use asymetric encryption, persistent keys, and fallback on weaker solutions.
No automatic upgrades. That’s not practical, and if you don’t take the time to upgrade manually, it’s a security risk.
A malicious or buggy DVD drive’s firmware can modify the Tails system on-the-fly.

Subtasks

History

#1 Updated by sajolida 2015-08-01 08:31:23

Type of work changed from End-user documentation to Research

#2 Updated by BitingBird 2015-08-01 09:44:13

With DVD, you don’t have automatic upgrades. That’s not practical, and if you don’t take the time to upgrade manually, it’s a security risk.

#3 Updated by intrigeri 2015-08-02 07:24:08

Description updated

#4 Updated by intrigeri 2015-08-02 07:25:51

Assignee set to sajolida
Type of work changed from Research to End-user documentation

Provided the info sajolida requested => reassigning to him so that he can decide what are the next steps / priority / etc.

#5 Updated by sajolida 2015-08-03 01:25:11

related to ~~Feature #9884~~: Rewrite explanation of benefits and drawbacks of different supports added

#6 Updated by sajolida 2015-08-03 01:27:00

Description updated

#7 Updated by sajolida 2015-08-03 01:55:48

Assignee deleted (~~sajolida~~)

Actually, I don’t mind other people working on this one now that its scope has been clarified :) Still, beware of ~~Feature #9884~~.

#8 Updated by emmapeel 2016-02-28 13:59:59

Assignee set to emmapeel

#9 Updated by sajolida 2016-03-07 12:40:23

Actually, now that we decided what to do with /doc/first_steps/media in ~~Feature #9884~~. This ticket should be part of ~~Feature #9884~~. Still, maybe this one could be resolved first by adding more bullet points to /doc/first_steps/media. But it could also probably benefit from a bit more rewriting and restructuring of the whole page.

#10 Updated by sajolida 2016-03-07 12:40:41

related to deleted (~~~~Feature #9884~~: Rewrite explanation of benefits and drawbacks of different supports~~)

#11 Updated by sajolida 2016-03-07 12:40:53

Parent task set to ~~Feature #9884~~

#12 Updated by sajolida 2016-11-04 13:46:13

Status changed from Confirmed to Rejected
Assignee deleted (~~emmapeel~~)

Parent task was rejected.