> In our (I'm cc'ing Marsh here, please keep him in the cc list unless he > objects) recent FOCI12 paper, we discuss some novel attacks on VPNs and > we focus on anonymity related issues. Largely, I think that this paper > is not news to Tails developers, I even sent in a per-release copy > months in advance to a few Tails hackers. > > Here are the urls for the paper: > https://www.usenix.org/conference/foci12/vpwns-virtual-pwned-networks > https://www.usenix.org/system/files/conference/foci12/foci12-final8.pdf
We have already put on our plate to do a proper review of it: <https://tails.boum.org/todo/analyze_Jake_FOCI12_paper/> > So my main concern was that we found the lack of transparent routing to > be an actual hole in Tails. There is not a compelling reason for > allowing all RFC1918 space given our findings. This might need to be discussed some more, but probably what needs to be done is filtering RFC1918 by default. But Tails is also meant to be able to produce documents. Some users might need to get sources on a NAS or use a printer in their local network. So implementation is not only about about changing three lines in the firewall, but also about having a way for users to allow access to the local network is also needed. This is not hard, but makes it less trivial. -- Ague
pgpxbs7CMGCxK.pgp
Description: PGP signature
_______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
