[tor-talk] TBB, iptables, and seperation of concerns

intrigeri intrigeri at boum.org
Mon Dec 12 18:01:32 UTC 2011


Chris wrote (12 Dec 2011 08:35:01 GMT) :

> 1. A user should not have to download a CD from a site every time an
> update comes out.

What kind of better solution are you thinking of?

We've got an incremental upgrade system in the works:

Don't hesitate using the Tails communication channels to suggest
improvements etc.

> 2. Users should not need to know how to authenticate the download (each
> update to TBB or Tails)- while nice users aren't competent enough to do in
> practice and the difficult in doing it makes it unlikely even those who
> know how may not do it. So we should avoid making the user do the
> authentication at all.

> That can be done if there is a distribution that is installed.
> Authentication of updates is already built into apt. Lets use it.
> Install once and forget.

I may be missing your point, but Tails is not a random collection of
packages that could be individually upgraded without any thought.
Tails is a carefully crafted system that aims at guaranteeing certain
properties. We do our best to ensure an ISO we ship meets a certain
specification. There is simply no possible way for us to ensure the
same for "that ISO plus any number of APT upgrades on top of it".


> 3. Does tails prevent non-Tor communications? I was reading something
> which suggested it was an idea. If it is an idea chances are it isn't
> implemented.

It does. Details:


  intrigeri <intrigeri at boum.org>
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
  | The impossible just takes a bit longer.

More information about the tor-talk mailing list