[liberationtech] Tails ISO verification extension for Firefox
Giovanni Pellerano
giovanni.pellerano at evilaliv3.org
Sun Apr 19 12:58:36 PDT 2015
hi Sajoda,
i find your idea really interesting and useful but i think the idea of
developing it in relation to ISO or simply file download in the end
would result in a limit, while this plugin would result really useful
and interesting if developed thinking in general to content
(regardless of the file type; passive/active content, etc)
authentication.
while developing GlobaLeaks (https://github.com/globaleaks/GlobaLeaks)
and developing our end-to-end encryption ideas where we would need
verify Javascript signing and collaborating with SecureDrop people in
relation to shared topics we ended in discussing exactly the same need
you are explaining but a little more generic in relation to projects
signing/integrity; we where thinking to build plugin (for firefox /
tor browser itself) in order to perform code integrity checks; we were
thinking to call it code integrity everywhere.
You find here the root document of the tentative specification we did
together in a shared hackaton done this summer in berlin together with
the SecureDrop team and supported by the Open Technology Fund.
https://securedrop.hackpad.com/Code-Signing-Everywhere-jKSUBY1civF
it would be interesting to continue on this collaborative design and
development on this topic.
best,
Giovanni
More information about the liberationtech
mailing list