[Tails-dev] SSD Advisory Wget Arbitrary Commands Execution
"Vulnerability Description A vulnerability in the way wget handles redirects allows attackers that are able to hijack a connection initiated by wget or compromise a server from which wget is downloading files from, would allow them to cause the user running wget to execute arbitrary commands. The commands are executed with the privileges with which wget is running. This could prove to be quite severe when wget is launched as root. Vulnerable Version Wget version 1.17 and prior" More delish meaty bits: https://blogs.securiteam.com/index.php/archives/2701 ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] The PTB rely on HUMAN FLESH in the FOOD SUPPLY
The PTB rely on HUMAN FLESH in the FOOD SUPPLY to maintain their human appearance Human flesh exists in a lot of foods today. Sometimes it makes the news. These are PTB slip ups, and/or conditioning this reality. They rely on the consumption of human flesh to retain their human appearance. They all have the same scent. They exist from the bottom to the top of the pyramid. Some are bums, some are middle/upper class, some are those dancing for you on TV, in a web of deceit to keep your mind and body occupied. If you want to try and let one of them know that you know what they are, you might say to them: "This hamburger is really quite human" (inhale deeply) "This planet is filled with creatures which all smell the same" "I hope you enjoyed your flesh burger" "How long did your last regeneration period last?" "What office do you work for?" ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] Mozilla Crash Reporter
Name - webapprt.ini Folder - /usr/local/lib/tor-browser/webapprt File: webapprt.ini [Crash Reporter] ServerURL=https://crash-reports.mozilla.com/[snip] - Manually Changed via sudo to: [Crash Reporter] ServerURL= and saved, just in case. ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] Tails Amnesic Incognito Live Linux OS Spotted on 'Homeland'
linux_softpedia_com/blog/tails-amnesic-incognito-live-linux-os-spotted-on-the-homeland-tv-show-495141_shtml "The episode is called "Super Powers" and aired last Sunday, on October 18, 2015. During the show, at some point, Laura Sutton makes contact with Numan, who gives her a USB stick with some leaked CIA documents. She immediately goes back to her office, takes a Dell XPS 13 laptop from her safe and boots from the USB flash drive received from Numan, which apparently runs the Tails amnesic incognito Live Linux operating system." ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] Need more privacy
I'm nerved that Tails reconfigured the Tor browser bundle to redirect to boum.org (Tails website) at every startup or identity change. What's the purpose? Usage statistics? News? (There is not often important news..) Why can't it be empty by default or just the Torproject page, making it hard to differentiate between a normal Tor Browser Bundle user and a Tails user. I already saw tails.boum.org in referrer fields on my weblog. Now every Tails start or identity change , a Tor exit node must connect to this server, creating the possibility of passive browser fingerprinting (browserspy.dk like , screen dimensions are the most important) Besides a blank Startpage, slightly random window dimensions would be a great feature to INCREASE privacy I love to see this great project get even better but without my computer potentially passing screen-dimensions to the Tails webserver 30 times on a regular day. ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] TAILS (Tor Linux distribution) contains extra root CAs ?
I have a question: Tor Browser Bundle - Firefox ESR 17.0.9 (LATEST TOR) Compared to: Iceweasel 17.0.9 (LATEST TAILS Linux distribution) To be found in Tails (not found in TBB), some additional certificates: DigiCert Inc - DigiCert High Assurance EV CA-1 DigiCert Inc - DigiCert High Assurance CA3 GeoTrust Inc. - Google Internet Authority G2 StartCom Ltd. - StartCom Class 2 Primary Intermediate Server CA The Go Daddy Group, Inc - Go Daddy Secure Certification Authority The USERTRUST Network - Gandi Standard SSL CA All these are listed as Software Security Device certificaties. The others are Builtin Object Token and baked in the browser. Mozilla's documentation explains about Software Security Devices: Software Security Device stores your certificates and keys that aren't stored on external security devices, including any CA certificates that you may have installed in addition to those that come with the browser. https://www.mozilla.org/projects/security/pki/psm/help_21/using_certs_help.html Question is: did TAILS added some extra CA's ? ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev