On 2/14/16, intrigeri <[email protected]> wrote: > Jacob Appelbaum wrote (14 Feb 2016 13:04:58 GMT) : >> I feel a bit sad to see this rehashed. Please just drop all packets on >> the floor? > >> People who use Tails and expect it to keep them safely torified are >> likely still vulnerable to things we wrote in our paper (vpwned). >> Allowing users by default to make non-tor connections, except for >> specific pluggable transports or dhcp, will probably ensure that >> variations on the disclosed issues stay relevant. > >> If a user wants to use a printer or touch the local subnet, why not >> make them jump through a (`sudo unsafe-network-unlock`) hoop? Why >> leave every other user vulnerable by default? > > I think you're confusing this thread with another one, > that is totally orthogonal as I see it. >
I was specifically replying to this bit: >> A conservative change to the tails config would be to keep an RELATED >> rule but limit it to known good ICMP messages. It seems odd to call that a conservative change, also. All the best, Jacob _______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
