Message-ID: <55011784.4040304@torservers.net>
Date: Thu, 12 Mar 2015 05:35:16 +0100
From: Moritz Bartl <moritz@torservers.net>
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
Subject: [tor-talk] USB sticks for Tails (write protection switch)
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)

Hi!

It's been a while, and a lot of people have since asked if I can repeat
the action: I plan to do another bulk order of USB sticks with physical
write protection switch. They are certainly not perfect, and there's no
guarantee that there aren't any software-based attacks possible! (**)
Still, they are definitely 'more useful' than regular USB sticks with no
write-protection whatsoever.

I will order only one model this time. I believe they are the same as
the square ones last time, but I don't know for sure. Here's some data
from the last batch:
https://blog.torservers.net/20131115/usb-sticks-for-tails.html ( the
blue ones on http://share.pho.to/48Egt ).

I will bring sticks with me to events. I will not put Tails on them, and
I will not repackage and mail them. I plan to give them away "as is" at
the price that I pay from the wholesale company in China. You can find
sellers on alibaba.com.

The price will be around 8 Euro for 16GB sticks. Last time I went for
the 8GB version, but it only makes ~1€ difference these days. It largely
depends on the quantity, and obviously it can get cheaper the more I
buy. Please ask _organizations_ that would be interested so I can get a
rough idea of how many I should order. Last time I got 200, which were
gone astonishingly fast (I barely had any left after a single c3
congress). I need organizations/groups to commit to at least 25 sticks.
I don't have the energy to deal with smaller "orders". :-) The amount of
feedback I get to this will determine how many extra sticks I will buy.
I am tempted to at least go for 500.

I do not plan to print or engrave logos on them, so they don't "stick
out". If an organization wants their logo on sticks, I can share my
Chinese contact and the org can order directly.

(**) Nobody has actually proven that you can circumvent the read-only
bit and simply write with modified kernel drivers ("please don't write
me bit", not enforced by the drive controller), and/or that you can
reflash the firmware in read-only mode. It sounds plausible that you
can, so I don't think that these USB sticks will protect against a
highly motivated attacker. "Safer" options I've heard so far, but have
not verified:

The (micro)SD exposes registers for permanent write protection (cannot
be undone) and temporary write protection. If you set TMP_WRITE_PROTECT
and expose the SD card as USB device (not as mmc card), the registers
cannot be accessed from the host, so they cannot be changed. For an
example of this, see https://github.com/Nephiel/sdlocker-tiny . Maybe
there's a nice little SD card USB reader with a firmware that can be
patched for this. Or someone finally does a kickstarter around proper
USB sticks, with open hardware, and better protection against rogue
firmware updates. It could then of course be based on flash memory
chips, not necessarily SD cards. I think it would be nice to find a
cheap, small, hackable SD-to-USB adapter.

-- 
Moritz Bartl
https://www.torservers.net/
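As an added, defender-side illustration of the CSD write-protect bits the footnote above mentions (this is not code from the post or from sdlocker-tiny): it parses a card's 128-bit CSD register, verifies its CRC7, and builds the image a host would send with PROGRAM_CSD (CMD27) to set TMP_WRITE_PROTECT. The sample CSD is constructed, and the sysfs path is the Linux mmc attribute, which only exists for a card attached through an SD host controller.

```python
# CSD bit numbers (bit 127 = MSB of byte 0) from the SD Physical Layer spec.
TMP_WRITE_PROTECT = 12   # can be cleared again by a host with raw SD access
PERM_WRITE_PROTECT = 13  # one-way: can never be cleared
COPY = 14

def crc7(data: bytes) -> int:
    """CRC-7 used by SD/MMC: poly x^7 + x^3 + 1, init 0, MSB first."""
    crc = 0
    for byte in data:
        for i in range(7, -1, -1):
            feedback = ((byte >> i) & 1) ^ (crc >> 6)
            crc = ((crc << 1) & 0x7F) ^ (0x09 if feedback else 0)
    return crc

def csd_bit(csd: bytes, bit: int) -> bool:
    return bool((csd[15 - bit // 8] >> (bit % 8)) & 1)

def parse_csd(csd_hex: str) -> dict:
    """Report the write-protect flags and whether the CSD's CRC7 checks out."""
    csd = bytes.fromhex(csd_hex)
    if len(csd) != 16:
        raise ValueError("CSD must be 128 bits (32 hex digits)")
    return {
        "tmp_write_protect": csd_bit(csd, TMP_WRITE_PROTECT),
        "perm_write_protect": csd_bit(csd, PERM_WRITE_PROTECT),
        "copy": csd_bit(csd, COPY),
        "crc_ok": ((csd[15] >> 1) & 0x7F) == crc7(csd[:15]),  # CRC covers bits 127..8
    }

def set_tmp_write_protect(csd_hex: str) -> str:
    """Build the CSD image a host sends with PROGRAM_CSD (CMD27) to set
    TMP_WRITE_PROTECT; the spec requires the host to recompute the CRC7 field."""
    csd = bytearray.fromhex(csd_hex)
    csd[14] |= 1 << (TMP_WRITE_PROTECT % 8)
    csd[15] = (crc7(csd[:15]) << 1) | 1  # bit 0 of the CSD is always 1
    return csd.hex()

def read_csd_sysfs(device: str = "mmcblk0") -> str:
    """Linux exposes the CSD of a card behind an SD host controller in sysfs
    (a card behind a USB mass-storage bridge has no such attribute)."""
    with open(f"/sys/block/{device}/device/csd") as f:
        return f.read().strip()

# Constructed sample: an SDHC-style CSD v2.0 body with both WP bits clear;
# the CRC byte is appended by crc7() so the sample verifies.
_BODY = bytes.fromhex("400e00325b590000e8b37f800a4000")
SAMPLE_CSD = (_BODY + bytes([(crc7(_BODY) << 1) | 1])).hex()

if __name__ == "__main__":
    print(parse_csd(SAMPLE_CSD))
    print(parse_csd(set_tmp_write_protect(SAMPLE_CSD)))
```

The CMD27 image only matters where the host has raw SD access (an SD host controller, or a microcontroller as in sdlocker-tiny); behind a USB mass-storage bridge the CSD cannot be reached at all, which is exactly the property the footnote relies on.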