Firm says vulnerability in Tails contained in I2P component

[InfoSec News <alerts () infosecnews org>]

http://www.computerworld.com/s/article/9249939/Firm_says_vulnerability_in_Tails_contained_in_I2P_component

By Jeremy Kirk
IDG News Service
July 23, 2014

A vulnerability broker published a video demonstrating one of several 
flaws it has found in the privacy-focused Tails operating system, which is 
used by those seeking to make their Web browser harder to trace.

Exodus Intelligence of Austin, Texas, said its short clip shows how the 
real IP address of a Tails user can be revealed using the flaw. The 
company said it hoped publicizing its findings would serve as a warning to 
users about putting "unconditional trust" in a software platform.

"Users should question the tools they use, they should go even further to 
understand the underlying mechanisms that interlock to grant them 
security," Exodus said in a blog post on Wednesday.

Tails is a self-contained, Linux-based operating system and suite of 
applications that can be carried on a USB stick, an SD card or a DVD. It 
is designed in part for use on public Internet terminals, protecting a 
person's online activity and leaving few digital traces on the computer it 
runs on.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/