On 7/27/14, Kill Your TV <[email protected]> wrote: > On Fri, 25 Jul 2014 11:08:19 +0000 (UTC) > intrigeri <[email protected]> wrote: > >> Note: what follows is *not* about finding a solution to the last >> de-anonymization vulnerability found in I2P 0.9.13. I trust the I2P >> team will do a proper job at it. > > A new release is out that resolves this recent XSS and a few other > issues, but it has had very, very little testing. Perhaps there are > other problems lurking which haven't been reported yet; people are > certainly giving I2P more attention *now*.
Is it possible to disable the I2P console entirely until it has been audited? > (Exodus reported *multiple* > 0days incl RCE affecting Tails. See also > http://www.twitlonger.com/show/n_1s2jibg. Are these others in I2P? Tor? > Something else? Will these other 0 days be disclosed or are they > to be sold?) > I have a similar concern. I think that this suggests that we need to get our act together and audit audit audit. We should also work to mitigate these kinds of bugs - assuming that we've missed something as we have probably missed something. :( > WRT to the last I2P release: I do know that the filtering is a little > too strict and broke retrieving torrent metainfo, so I think that there > will be a point release relatively soon (Perhaps the I2P-users on Tails > don't bother with this feature?). Will the Debian packages be updated sometime soon? > > I still haven't had a chance to play 'catch-up' with the posts, > Redmine, and/or IRC to give the level of detail that they deserve, > but a few quick things: > > apparmor: This was in my plans prior to this bug but of course its > priority has been raised. Wouldn't any policy that blocks the latest RCE also block the way that I2P actually functions? > > 'router console access': How many on Tails on I2P just visit I2P > internal sites? How many look at or change settings here? Should this be > disabled by default? Yes, please disable it, if that is possible. Or perhaps make a web view or something similar with it? > > greeter or boot option: Seems like a reasonable compromise. I suppose > could also allow the "I2P-specific" rules to be set if-and-only-if this > option is specified. I think it would be good to privilege separate administration of I2P (eg: console) from usage of I2P (eg: touching the network). > > More will be forthcoming. Sounds good. I look forward to hearing more and I'm happy to help. What do you think about routing all I2P traffic over Tor? That seems like something that may happen as a stop gap. Thoughts on that are really needed. All the best, Jacob _______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
