Stories
Slash Boxes
Comments

SoylentNews is people

Facebook Paid for a Tails Zero-Day Exploit to Help the FBI Catch a Predator

posted by Fnord666 on Sunday June 14 2020, @11:22PM   Printer-friendly
from the Zero-day-for-sale-sold! dept.

Halibut writes:

Motherboard reports that Facebook hired a cybersecurity firm to develop a zero-day exploit for the video player in Tails (The Amnesic Incognito Live System). Facebook provided this exploit to the FBI to aid in the apprehension of a predator using Facebook to harass victims. This exploit was not disclosed to the Tails developers.

Also covered by Gizmodo, as seen on Schneier's blog.

[Ed Note - The zero day was provided to the FBI via a third party, not directly from Facebook.]

Original Submission

 
This discussion has been archived. No new comments can be posted.
Facebook Paid for a Tails Zero-Day Exploit to Help the FBI Catch a Predator | Log In/Create an Account | Top | 15 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2, Interesting) by Anonymous Coward on Tuesday June 16 2020, @12:46AM

    by Anonymous Coward on Tuesday June 16 2020, @12:46AM (#1008415)

    Doesn't Tails run apps under AppArmor and Firejail sandboxes? A compromised browser or video player should not be able to discover the real networking information of the physical machine, or make direct outbound connections. They must have additionally used kernel-level exploits to break out of the sandbox, if I'm not mistaken.

    Starting Score:    0  points
    Moderation   +2  
       Interesting=2, Total=2
    Extra 'Interesting' Modifier   0  
    Total Score:   2