Delivery-Date: Sat, 15 Aug 2015 07:20:54 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 8386D1E03D4;
	Sat, 15 Aug 2015 07:20:52 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 3B5263626F;
	Sat, 15 Aug 2015 11:20:47 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 59A0D36259
 for <tor-talk@lists.torproject.org>; Sat, 15 Aug 2015 11:20:44 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Xr4Nf9UDXOxk for <tor-talk@lists.torproject.org>;
 Sat, 15 Aug 2015 11:20:44 +0000 (UTC)
Received: from mail.imirhil.fr (imirhil.fr [IPv6:2001:bc8:3f23:100::1])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "imirhil.fr", Issuer "CAcert Class 3 Root" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 2848E36170
 for <tor-talk@lists.torproject.org>; Sat, 15 Aug 2015 11:20:44 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mail.imirhil.fr (Postfix) with ESMTPSA id 225D38005F;
 Sat, 15 Aug 2015 13:20:40 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=imirhil.fr; s=mail;
 t=1439637640; bh=QXqkXrIZPhYWxQ18ulYMw6Wa9OkpyG6wsFJcf6Z6en0=;
 h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
 b=2Wcu5rAzsaW36gQmaWfDg75ZQFBfW3+w5cH4HjCh9SBudvCJ7JAxq2DPBKih6Dm1I
 MCUgZ/YW0YEW5RLQ4RiolyUVtOzinpiYapX6i8CNfk7QWInvd8+QIusmSumqsg+P7f
 SZVMcKWEKfpKXU4v73jLIq896jNGPx8HY8F9r5JU=
From: Aeris <aeris+tor@imirhil.fr>
To: tor-talk@lists.torproject.org
Date: Sat, 15 Aug 2015 13:20:37 +0200
Message-ID: <1703669.AW3coAmQdG@home>
In-Reply-To: <CAD2Ti2-ByCYi2uxwiWCQJasXjmLLHaTSYZ6fEVcGmYaunHtBXg@mail.gmail.com>
References: <d80c41f58078b36fa2826bf33766d630@openmailbox.org>
 <7f72afe3d945969015e09ae0d3ba9903@openmailbox.org>
 <CAD2Ti2-ByCYi2uxwiWCQJasXjmLLHaTSYZ6fEVcGmYaunHtBXg@mail.gmail.com>
MIME-Version: 1.0
Subject: Re: [tor-talk] How can I make sure that the Tails I'm running is
	legitimate?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============4351541695195680264=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>


--===============4351541695195680264==
Content-Type: multipart/signed; boundary="nextPart4865610.fh2f9qQcAn"; micalg="pgp-sha512"; protocol="application/pgp-signature"


--nextPart4865610.fh2f9qQcAn
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

> No, you cannot check a suspect OS with a suspect OS.

Oh yep, miss that point ><

Better to use another =C2=AB safe =C2=BB OS, but is re-building our own=
 sha256 tool=20
enough ?
Even if the OS is malware, seems impossible (or sooooooooo difficult at=
 least)=20
for me for a corrupted OS to tricks such tool.

The 2 only ways to do this I see at this moment is :
 - trick the /dev/XXX read to send the real OS data, but in this case n=
eed the=20
real data somewhere on the compromised image and so it size must be ver=
y=20
different (=C3=972).
 - trick the compiler [1] but difficult to do with a custom sha256=20
implementation (unable to guess we compile a sha256 to inject forced re=
turn=20
value if detecting compromissed OS data on input).

[1] https://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf=


=2D-=20
Aeris
Individual crypto-terrorist group
self-radicalized on the digital Internet

Protect your privacy, encrypt your communications
GPG : EFB74277 ECE4E222
OTR : 5769616D 2D3DAC72
https://caf=C3=A9-vie-priv=C3=A9e.fr/
--nextPart4865610.fh2f9qQcAn
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part.
Content-Transfer-Encoding: 7Bit

-----BEGIN PGP SIGNATURE-----

iQIcBAABCgAGBQJVzyCFAAoJEO+3Qnfs5OIiM9AQAIVnYhM15fFckypt/3Zyq4qd
ZEEvmQPky40PTX6L5o9mNUgllqMAG7WaYE4H1oj8PunL8finGllW6pESMmXzV0/J
H5Jt+yR7opyF8AZhJuo/5fvQasjvcFaVK5ExQNGUkxbH0jr8tHrUV98GjkUzVHHV
KvYamqVsCLSph7kVoNOWLQsb9lTp0aPsAJEYubEEIx6pZqBIpAZPZg+tBrp19Apy
8/Gphsj0H4IizLe065gAQTAHNRecpuRgdNQJqd+d5Hz9/5MrL23+Z38JuItgTtuP
opFy0X6y21L7gj4Cblx0oNRqZCXJ0f4NyXGhYfjdCdMJOq7ZVdFdiSPASQrlBRtT
HZKUo1afz6roYQKOos9RMwwHHRWUC5Iwg/XaA0+WQc1aBTwzhw0j0lMdsElvE8+u
L7sGzTsBoTapmJp5aL5rCcg9Zu//smf/l/bbXZpyzHVmqOr7KpoaIaXrcRTFNoRS
HgGzPnkOKzClF0TSgbTHQHPR/yvmb0ejAPFylxdmRGWuoa+CmeYr2BNzo7ykbHsC
7qrcgSvuYHwWaZ570W0mmnVc31vnX4zNKdECD4KkzSKGxvimr9Sb4gYNyd/NA202
C2l0qsygoAanokP6PPfcb+HzQR2XXAquAPd09R6r6mj9/RLvGWhcQHkS28zqKL5F
BZILMixjiBeJBuSfMsQ5
=0PlJ
-----END PGP SIGNATURE-----

--nextPart4865610.fh2f9qQcAn--


--===============4351541695195680264==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============4351541695195680264==--

