|author||Tails developers <firstname.lastname@example.org>||2013-07-18 21:14:11 +0200|
|committer||Tails developers <email@example.com>||2013-07-18 21:14:11 +0200|
Move blueprints to a dedicated directory.
Diffstat (limited to 'wiki/src/blueprint/protect_against_external_bus_memory_forensics.mdwn')
1 files changed, 26 insertions, 0 deletions
diff --git a/wiki/src/blueprint/protect_against_external_bus_memory_forensics.mdwn b/wiki/src/blueprint/protect_against_external_bus_memory_forensics.mdwn
new file mode 100644
@@ -0,0 +1,26 @@
+It should not be that easy, for an attacker with physical access, to
+retrieve Tails memory. (Note that this will especially be the case for
+a [[Tails server|todo/server_edition]] instance left unattended.
+## other implementation ideas
+* If a firewire card was inserted into the slot and the bus is active,
+ pop up a dialog and ask "hey, you want to use firewire/etc.?"
+* disable these buses by default, allow opt-in through tails-greeter
+ to enable
+* ask that users assert they want to use this or that bus, and make
+ the assertion bind to a single device, rather than all devices
+* de-activate PCMCIA and ExpressCard on systems that don't have any
+ PCMCIA or ExpressCard devices after running for 5 minutes. This is
+ going to byte some users, but probably only the first time.