[Parl-devel] Preseeding with an USB key from an untrusted source
Raphaël Vinot
raphael.vinot at circl.lu
Mon Mar 24 10:07:54 UTC 2014
On 2014-03-22 01:13, Jonas Smedegaard wrote:
Hi,
> Quoting JOSEFSSON Erik (2014-03-21 16:28:29)
>> I am not a developer, but this is a technical question that maybe
>> belongs here rather than on the users list.
>
> Thanks!
Thanks for the introduction.
>> I was thinking whether preseeding with an USB key from an untrusted
>> source would require some kind of "sanitizing"
>
> No. Loss of trust in source cannot be regained through "sanitizing".
The goal of this project is to provide an easy way for someone who
received a USB key to have a look at the content without opening the
original document.
Social pressure or simply the need to get work done will very often make
people connect an USB key they receive anyway. Running it in CIRCLean
will add a layer of complexity to a potential attacker.
Cheers,
--
Raphaël Vinot
CIRCL - Computer Incident Response Center Luxembourg
c/o smile - "security made in Letzebuerg" GIE
41, Avenue de la Gare; L-1611 Luxembourg - (352) 247 88444
info at circl.lu - www.circl.lu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 866 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/parl-devel/attachments/20140324/220d3bb8/attachment.sig>
More information about the Parl-devel
mailing list