Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
tails
tails
Commits
c30dbaa4
Commit
c30dbaa4
authored
Jan 21, 2015
by
Tails developers
Browse files
Document current mitigation of some attacks against our incremental upgrade system.
parent
f945b8a3
Changes
1
Hide whitespace changes
Inline
Side-by-side
wiki/src/contribute/design/incremental_upgrades.mdwn
View file @
c30dbaa4
...
...
@@ -577,6 +577,15 @@ Both with the old and new Tails upgrade systems, mounting such an
attack requires either to take control of the Tails website or to
break the SSL/TLS connection between the client and the server.
This attack is slightly mitigated by the fact that we are announcing
new releases in other ways:
* one that does not rely on our website at all (Twitter);
* one that does not rely on our website to be safe at the time Tails
Upgrader checks for available upgrades, as long as it was safe at
the time the new release was published (<amnesia-news@boum.org>
announce mailing-list).
The move to a secure upgrade system, such as TUF, would make this
stronger, thanks to short-lived signatures on meta-data.
...
...
@@ -599,6 +608,10 @@ The upgrade-description files downloader and verifier could refuse to
download upgrade-description files bigger than some reasonable
constant, but this is not implemented yet.
This attack, when performed against the upgrade-description files
downloader and verifier is slightly mitigated in the same way as
"Indefinite freeze attacks" are.
### Slow retrieval attacks
> An attacker responds to clients with a very slow stream of data that
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment