Document how much one effectively trusts a non-Tails OS into which one plugs a Tails USB stick
As stated on https://mailman.boum.org/pipermail/tails-dev/2015-July/009234.html, about Hacking Team bits about Tails:
o Infecting USB device which appears to be a bootable disk (Antonio Giovanni)
  § It will drop (release) the scout, then it will run
Seems to be the same, but from a running and already infected non-Tails OS, when a Tails USB stick is plugged into it. That’s more concerning. We should check if we’re communicating clearly enough that:
- the OS used to install or upgrade a Tails device can corrupt it
- plugging one’s Tails device into an untrusted OS is dangerous
I constantly run into Tails USB sticks that have “hidden” files that indicate they have been plugged into Windows or OSX machines. Maybe I mostly run into users who don’t care about security (I doubt it), maybe we don’t do a good job at the 2nd point.
The 1st point became slightly more important now that we distribute Tails Installer outside of Tails: the Tails filesystem is mounted for several minutes during the installation process, which gives the attacker more time (and a nicer environment) to corrupt stuff than when doing a mere block copy (
Setting priority >> normal, since it’s not a theoretical threat: the Hacking Team documents drop tells us that actual attackers are on it.
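
One way to check a mounted Tails stick for the kind of “hidden” files mentioned above, as an added example that is not part of the original ticket or of Tails itself. The artifact names are the housekeeping files Windows and macOS are commonly known to leave on removable volumes, chosen for this example, and the sample tree in demo() is constructed.

```python
import fnmatch
import os
import sys
import tempfile

# Housekeeping names Windows and macOS commonly create on removable volumes
# they mount. This list is an assumption of the example, not the ticket's.
ARTIFACTS = {
    "Windows": ["System Volume Information", "$RECYCLE.BIN", "Thumbs.db", "desktop.ini"],
    "macOS": [".DS_Store", ".Spotlight-V100", ".fseventsd", ".Trashes",
              ".TemporaryItems", "._*"],  # "._*" = AppleDouble sidecar files
}

def classify(name):
    """Return the OS whose artifact pattern matches name (case-insensitive), or None."""
    for os_name, patterns in ARTIFACTS.items():
        for pat in patterns:
            if fnmatch.fnmatchcase(name.lower(), pat.lower()):
                return os_name
    return None

def scan(mountpoint):
    """Walk a mounted filesystem; return sorted (os, relative path) findings."""
    findings = []
    for root, dirs, files in os.walk(mountpoint):
        for name in list(dirs) + files:
            os_name = classify(name)
            if os_name:
                rel = os.path.relpath(os.path.join(root, name), mountpoint)
                findings.append((os_name, rel))
                if name in dirs:
                    dirs.remove(name)  # report the directory once, do not descend
    return sorted(findings)

def demo():
    """Build a constructed sample tree (not a real Tails image) and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        for d in ("syslinux", "live", "System Volume Information", ".Spotlight-V100", ".fseventsd"):
            os.makedirs(os.path.join(tmp, d))
        for f in ("live/filesystem.squashfs", ".DS_Store", "live/._vmlinuz",
                  "System Volume Information/IndexerVolumeGuid"):
            open(os.path.join(tmp, f), "w").close()
        return scan(tmp)

if __name__ == "__main__":
    for os_name, path in (scan(sys.argv[1]) if len(sys.argv) > 1 else demo()):
        print(f"{os_name}: {path}")
```

A hit shows that another OS mounted and wrote to the filesystem; an empty result shows neither that the stick was never plugged into another OS nor that its contents are unmodified.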