On 7/26/14, [email protected] <[email protected]> wrote: > intrigeri wrote: >> So, the main goals I have in mind are: >> >> 1. making it harder, for an attacker who compromises I2P running in >> Tails, to upgrade their attack to anything non-I2P; >> >> 2. making it harder, for someone attacking a Tails user's web >> browsing over Tor, to take advantage of bugs in the I2P router >> console; >> >> 3. protecting the Tails users who don't intend to use I2P at all, >> from vulnerabilities in I2P, by making it harder, for an attacker, >> to start I2P in Tails, or to trick a user into doing it. >> >> Regarding #3, I think we should replace the sudo credentials that >> allow the `amnesia' user to start I2P, with an I2P option in Tails >> Greeter. I assume the new Greeter that's currently worked on would >> allow this. >> >> * If we keep I2P without adding any protection immediately, when do >> we expect *which* protections to be ready? (reality check: we won't >> have AppArmor before October; I guess the Greeter won't be ready >> earlier either) > > Regarding the "when", if we decide to do a first temporary step by > having an "i2p" boot option instead of an option in the Greeter, then we > don't have to wait for the new Greeter... It feels a bit like going > backward regarding our plans on the Greeter but we've been doing that > for truecrypt forever and the doc is ready... That could be ready for > Tails 1.1.1, no? >
A boot option seems like a fine way to fix things quickly without actually harming the needs of actual i2p users. I wonder though if that also means that the firewall would be locked down by default? All the best, Jacob _______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
