BenWestgate
commented
1 year ago The trust level is absolute. With some expertise they can modify bitcoin and Tails in ways that let them steal 100% of the users funds and data. However, if they haven't done this, then later decide to attack the user, they won't have an advantage if I force a "reencrypt" command or alternately the clone is completed without admin rights in the running tail which keeps the new clone's masterkey a secret.
Even though the trust is absolute, the new user also has absolute trust in github, or me, or later on, my release signers, unless they read all the code and install themselves.
It's not clear that someone they know personally is a worse option for obtaining an authentic copy of The Software than trusting strangers on the internet, and it is certainly more decentralized and should be preferred whenever the trust level is equal. It will also save days of IBD as well.
Is your feature request related to a problem? Please describe. Tester #2 did not understand what it means to trust someone to clone Bails from them.
Describe the solution you'd like Wants a link to the threat model of cloning vs installing the software. Wants to know what the person he is trusting can do to him. Negative affects of cloning vs using this website. Review code before running would be better than the current script. Check checksum. Check signature before executing.
Describe alternatives you've considered
Additional context