[tor-bugs] #11300 [Tor Sysadmin Team]: Find a secure signing machine for TBB signing

[Tor Bug Tracker & Wiki]

#11300: Find a secure signing machine for TBB signing
-----------------------------------+--------------------
     Reporter:  mikeperry          |      Owner:  phobos
         Type:  task               |     Status:  new
     Priority:  normal             |  Milestone:
    Component:  Tor Sysadmin Team  |    Version:
   Resolution:                     |   Keywords:
Actual Points:                     |  Parent ID:  #11299
       Points:                     |
-----------------------------------+--------------------

Comment (by phobos):

 Replying to [comment:2 mikeperry]:
 > phobos: We currently lack hardware for this purpose. Weasel suggested
 that you were the person to find a machine for us. He said it should
 probably live in the Tor office, for physical security.

 The tor office is not the place to host machines, especially if you want
 physical security. Probably better off hosting an old laptop in someone's
 house than putting any "secure" machine in the office.

 > We could instead have Erinn try to hunt down a machine via donations
 (which she has been having luck with), and have it mailed there, if that
 is OK. Should we try to go that route, or is there an existing machine we
 can use instead? The downsides being we're trusting some random to give us
 hardware that we need to ensure package integrity, though, so perhaps a
 new machine is best?

 And then we're trusting the NSA/shipper/creator to not modify it in
 transit? How far down this rathole do we go?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11300#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online