>> If you are forced to boot off an external medium that is a secured >> environment this is unlikely to occur. > > Yeah, but for that the Tails distribution exists http://tails.boum.org/ . > > I've been saying about making "app-protection" against possible attacks > to the Browser and it's components, mitiganting it by sandboxing > automatically with a general framework that would limit: > - file system access > - socket access > - dangerous's OS API
Yea. Those are good too. People say to use Tails all the time and I cringe every time. There are many user related problems with Tails. It isn't that great. 1. A user should not have to download a CD from a site every time an update comes out. 2. Users should not need to know how to authenticate the download (each update to TBB or Tails)- while nice users aren't competent enough to do in practice and the difficult in doing it makes it unlikely even those who know how may not do it. So we should avoid making the user do the authentication at all. That can be done if there is a distribution that is installed. Authentication of updates is already built into apt. Lets use it. Install once and forget. 3. Does tails prevent non-Tor communications? I was reading something which suggested it was an idea. If it is an idea chances are it isn't implemented. _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
