Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Sunday June 17 2018, @09:54AM   Printer-friendly
from the not-quite-secure dept.

A compromised local user can leak your IP by using a script to start unsafe-browser hidden in the background and use X11 trickery to leak your real IP without privilege escalation. Most applications exploited on Tails would be capable of this.

deleting /etc/sudoers.d/zzz_unsafe-browser after booting will fix this issue until Tails fixes it themselves

Bug #15635

Feature #7072: Research potential for deanonymization by a compromised "amnesia" user

The Unsafe Browser allows to retrieve the public IP address by a compromised amnesia user with no user interaction


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Interesting) by Anonymous Coward on Sunday June 17 2018, @05:05PM (1 child)

    by Anonymous Coward on Sunday June 17 2018, @05:05PM (#694290)

    "apt-get" on centos?

    Starting Score:    0  points
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  

    Total Score:   1  
  • (Score: 2, Touché) by Anonymous Coward on Sunday June 17 2018, @09:53PM

    by Anonymous Coward on Sunday June 17 2018, @09:53PM (#694355)

    To his credit his apt-get example on Centos was commented out behind the #.