[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: torified netinst.iso and live.iso

On Mon, Aug 15, 2016 at 05:17:00AM +0000, Tempest wrote:
>hi, debian-cd list. this is my first email here.


>since debian and tor project announced the availability of onions for
>package upgrades and installs through apt-get, i've been exploring ways
>to create images so users can install debian over tor from first run.
>despite some success with experiments, the main issue is that, as an
>anonymous person, i'm not trust worthy.
>now that apt-transport-tor is part of jessie, would it be possible for
>the debian project to create a netinst.iso and live.iso that implements
>tor, apt-transport-tor and the onions in /etc/spt/sources.list? that
>way, debian could gpg sign it as usual and there would be no concern of
>potential tampering from someone like myself.
>i work on a guide that uses debian as a host and whonix as the gateway
>and workstation that is aimed towards novices who wish to explore
>methods of privacy and anonymity. such isos would allow for the guide to
>use tor from practically start to finish, which is ideal, in that third
>parties would have a more dificult time knowing if anyone is installing
>if there is any way i can help make this happen, please let me know.

This sounds like a very good idea, thanks! As far as I can see, we'd
need to:

 1. add the extra packages (tor, apt-transport-tor, anything else?)

    very easy - I can add those to the package lists for d-i and/or
    debian-cd very easily

 2. change the sources.list to use those and the onion addresses

    slightly more involved - we'd need to tweak things, maybe give
    users the choice during installation

 3. if the user chose to use tor at install time, change d-i itself to
    use tor for even the initial installation packages

    much more complex - we'd need tor support built into d-i too, I

If we'd want #3 too, that will need development work in d-i from
somebody who knows tor?

Steve McIntyre, Cambridge, UK.                                steve@einval.com
< Aardvark> I dislike C++ to start with. C++11 just seems to be
            handing rope-creating factories for users to hang multiple
            instances of themselves.

Reply to: