What's the unsafe browser even for? Capture portals?
Adrian Allen
Did you know that Tails updates very fast for obvious security reasons?
I think that leak will be fixed in 3.8.
Isaac Nelson
If someone compromises Tor Browser, they would still need to get around apparmor to execute something like this.
Gabriel Ross
You can bypass Tor Browser's apparmor policy through pulseaudio or x11, there are PoCs out. Pulseaudio has an API that allows connected programs to execute commands, and pulseaudio doesn't have an apparmor profile on Tails yet. X11 is a nightmare and won't be fixed until Wayland.
Hunter Campbell
kek
Dominic Bell
He obviously means public facing. Don't try to feign intelligence through sophistry.
what do you expect when every Linux skiddie in the world unironically plays around with things like sudo and X's retarded undocumented security architecture. sandboxing in linux is a joke. 99% of linux skiddies will just run X with default settings which allows the server (i.e, your entire desktop and everything you do) to be controlled over TCP. how is this relevant to the tails IP leaking exploit? because privilege separation is a much easier problem to solve than avoiding leaking the IP address yet they can't even get _that_ right
So, someone would have to physically be next to me or use JavaScript (which is by default blocked) to do this? It doesn't seem like a big deal. Is it getting worked on?
I guess a post-boot script could be made to delete this, as a temporary solution.
Landon Wright
If any application is exploited (browser, totem, libreoffice, archiver, pidgin, etc) they could get your IP. Normally, they would need to chain a privilege escalation exploit afterwards to leak your IP.
Mason Bailey
What in the name of Christ is xdotool?
Brody Anderson
It let's you script stuff like pressing keys or moving the mouse.
Carter Morgan
Really, fuck off, self-important roastie bitch. Everyone should be as offensive as possible to these cunts and hopefully they all have a stroke or at the very least fuck off into unicorn land where they belong.
Robert Thomas
She's right. If you aren't willing to stop being a huge faggot all the time people will not respond, further prolonging anything from being fixed.
Hunter Hall
Who cares if some retard's question doesn't get answered or if some pajeet's problem doesn't get fixed? People asking questions have literally no leverage over anybody.
Asher Howard
A local users could log your keys, gather information about your MAC address/router address MAC, and hardware serial numbers. It's best to use something like Qubes-Whonix if you want to prevent leaks. It would have no internet access except through a Tor gateway running in another VM.
A VM escape or Tor exploits would be needed to leak your IP. Tails is only good because of it's amnesic feature.
Juan Foster
Welcome offical conference Tails in XMPP! Here are the developers:
