29/06/14 03:51, Soul Plane wrote:
> On Sat, Jun 28, 2014 at 4:17 AM, <[email protected]
> <mailto:[email protected]>> wrote:
>
> Soul Plane:
> > On Wed, Jun 25, 2014 at 8:19 AM, <[email protected]
> <mailto:[email protected]>> wrote:
> >
> >> Soul Plane:
> >>> I tried Tails 1.0.1 and started Iceweasel. I went to the website
> >>> https://www.whatismyip.com and Iceweasel showed an information
> bar that
> >>> said "foxyproxy prevented a site from changing foxyproxy's
> >> configuration".
> >>> There was an allow button but I didn't click it. Since then I
> haven't
> >> seen
> >>> that message. Is that normal?
> >>
> >> I failed to reproduce that same problem by only entering the
> homepage of
> >> whatismyip.com <http://whatismyip.com>.
> >>
> >> - Did you do any thing else on the website?
> >> - Does this happens all the time?
> >> - Does this happens on a fresh install of Tails?
> >>
> >
> > I did not do anything else on the website. I cannot reproduce. I
> am using
> > Tails from the live CD. Is there any reason why I would see that
> message?
>
> Weird. Then maybe that time you used a malicious exit node:
>
> https://tails.boum.org/doc/about/warning/#index1h1
>
> If you ever face this issue again, please try to see from the Vidalia
> network map [1] which exit node you were using and send that information
> to us.
>
> [1]: https://tails.boum.org/doc/anonymous_internet/vidalia/
>
>
>
> Ok. But what is the attack? If a malicious exit node changes my
> foxyproxy what happens? It can get my real address?
No. If Iceweasel's proxy settings are changed in some way to "no proxy",
then Tails' firewall would block all traffic Iceweasel generates [0].
The default user in Tails cannot configure Iceweasel (or any other
application) to connect directly to the Internet -- administrative
privileges are required for that.
About what probably happened: FoxyProxy adds the 'proxy://' protocol
handler [1], which can be used to configure the proxy via an URI. It
very well may be that an exit node injected such an URI, and some
JavaScript code to visit it. FoxyProxy will not do such configurations
without user confirmation, but we definitely should completely ignore
this ill-thought "feature" any way. Ticket:
https://labs.riseup.net/code/issues/7479
[0] https://tails.boum.org/contribute/design/Tor_enforcement/
[1] http://getfoxyproxy.org/developers/proxyprotocol.html
Cheers!
_______________________________________________
tails-support mailing list
[email protected]
https://mailman.boum.org/listinfo/tails-support
To unsubscribe from this list, send an empty email to
[email protected].
