New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Creating a browser extension to automate and simplify the verification of the ISO when downloaded (by modifying the Tails verification extension) #2755

Open
ghost opened this Issue Apr 18, 2017 · 2 comments

Comments

Projects
None yet
2 participants
@ghost

ghost commented Apr 18, 2017

One can assume that most users don't verify their ISO when downloaded, especially non-technical users. To make it easier to verify the ISO and to automate the process to make it user friendly for them, I suggest that someone (maybe by the community?) rebases the Tails extension for automatic verification for Qubes, and it gets implemented in the Qubes OS website.

The Tails team already made an extension for automatic ISO verification extension for Firefox
https://tails.boum.org/blueprint/bootstrapping/extension/

Their download page: https://tails.boum.org/install/download/
https://addons.mozilla.org/en-US/firefox/addon/tails-download-and-verify/

(They are also working for one extension for Chromium users, but for now only the Firefox one is available)

What is your opinion on this?

@andrewdavidwong

This comment has been minimized.

Show comment
Hide comment
@andrewdavidwong

andrewdavidwong Apr 18, 2017

Member

Neat idea, but there's a risk of moral hazard. That is, users who might otherwise have locally verified the ISO (because the convenient option was not available) might instead rely solely on the convenient option, thereby decreasing their security.

https://www.qubes-os.org/doc/user-faq/#should-i-trust-this-website

Member

andrewdavidwong commented Apr 18, 2017

Neat idea, but there's a risk of moral hazard. That is, users who might otherwise have locally verified the ISO (because the convenient option was not available) might instead rely solely on the convenient option, thereby decreasing their security.

https://www.qubes-os.org/doc/user-faq/#should-i-trust-this-website

@andrewdavidwong andrewdavidwong added this to the Documentation/website milestone Apr 18, 2017

@adrelanos

This comment has been minimized.

Show comment
Hide comment
@adrelanos

adrelanos Apr 18, 2017

Member
Member

adrelanos commented Apr 18, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment