Extend the upgrader to allow full (self) upgrade
I would be very nice to be able to have a few-clicks away full upgrade process (incuding downloading the upgrade, veryfing it and installing it). This could either upgrade to an other device, or preferrabily the source device.
An usecase for that is: someone got a Tails device created by a trusted party using "Clone and upgrade", they trust it but never went through the manual verification and installation process and don't know how to use them, so they end up using an outdated version.
Team: kurono (research, ? (implementation)
- Status changed from Rejected to Confirmed
- Assignee set to intrigeri
- Target version set to Tails_3.10
Actually we still want to at least consider this option if it can be done without too much work on our busy core people. Next steps are:
- intrigeri specifies what exactly we would need from Tails Installer to enable Tails Upgrader to use it to apply a full upgrade; I'll try to do this by the end of 2018
- intrigeri asks other contributors (e.g. kurono) if they would be up to implementing the required Tails Installer changes
- depending on the above and the timing vs. #15277, we consider implementing this in Tails Installer and Tails Upgrader
#17 Updated by adamantium about 15 hours ago
An idea: Add upgrade functionality to the booting menu.
Instead of upgrading a Tails with a second tails (manual upgrade), why not allow Tails to download an .iso, save it perhaps in the persistent storage or in a third location (other usb, external hd, etc). Functionality could be added to the "4 seconds to automatic boot" screen allowing the option "Upgrade this Tails from .iso"
The need would be there that the .iso be verified as signed by a known tails signing key. We need to ensure no security holes are introduced by this procedure I'm brainstorming. But if the current Tails bootloader knows the current Tails key/credentials, it could verify if a .iso image came from the Tails developers or somewhere else.
After an upgrade, trigger a reboot, and the user has not had to remove their Tails USB.
I realize there would be a problem if the tails signing key changes, but this is not likely to be a frequent occurence right?