On Sat, 2 Aug 2014 10:47:29 +0000 (UTC) intrigeri <[email protected]> wrote:
> Hi,
>
> Kill Your TV wrote (01 Aug 2014 15:19:02 GMT) :
> > the vulnerability requires
> > [...]
> > - visiting a malicious I2P site
>
> Can't any Tor exit node exploit the vulnerability when visiting any
> website over plain-text HTTP? (And anyone who controls the content
> served to the browser, actually.)
What I intended was
s/visiting/accessing/
Since I obviously wasn't clear (even though you probably knew what I
meant): You cannot get bitten by this bug if I2P isn't running and *NO
ONE* should be running I2P 0.9.13 (or older) and since 0.9.13 is in
Tails, no one should run I2P in Tails before I2P is updated.
(My main reason for replying was to counter "Tails devs don't heed
their own advice!", as if the hardworking Tails devs would give "remove
this package" advice if it wasn't _completely_ safe to do so.)
--
GPG ID: 0x5BF72F42D0952C5A
Fingerprint: BD12 65FD 4954 C40A EBCB F5D7 5BF7 2F42 D095 2C5A
signature.asc
Description: PGP signature
_______________________________________________ tails-support mailing list [email protected] https://mailman.boum.org/listinfo/tails-support To unsubscribe from this list, send an empty email to [email protected].
