{"id":6071,"date":"2014-07-30T10:00:02","date_gmt":"2014-07-30T14:00:02","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=6071"},"modified":"2014-07-30T10:00:02","modified_gmt":"2014-07-30T14:00:02","slug":"privacy-focused-tails-os-compromised-how-to-stay-safe-until-its-patched","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2014\/07\/30\/privacy-focused-tails-os-compromised-how-to-stay-safe-until-its-patched\/","title":{"rendered":"Privacy-focused Tails OS compromised: How to stay safe until it&#8217;s patched"},"content":{"rendered":"<p style=\"text-align:center;\"><a href=\"http:\/\/www.pcworld.com\/article\/2458640\/until-the-tails-privacy-tool-is-patched-heres-how-to-stay-safe.html\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/07\/tails_screenshot-100262037-large.png\" alt=\"\" \/><\/a><\/p>\n<p>Vulnerabilities in the Tails operating system could reveal your IP address, but you can avoid trouble by taking a couple of precautions.<\/p>\n<p>Tails, a portable operating system that employs a host of privacy-focused components, plans to patch flaws contained in I2P, a networking tool developed by the Invisible Internet Project that provides greater anonymity when browsing. It\u2019s similar in concept to Tor.<\/p>\n<p>On Saturday, I2P developers released several fixes for XSS (cross-site scripting) and remote execution flaws found by Exodus Intelligence, a vulnerability broker that irked some by announcing first on Twitter it knew of flaws but didn\u2019t immediately inform Tails.<\/p>\n<p>It wasn\u2019t clear when Tails would release an update with I2P\u2019s fixes. It couldn\u2019t be immediately reached Sunday.<\/p>\n<p>On Friday, Tails advised that users can take steps to protect themselves in the meantime. It recommended that I2P not be intentionally launched in Tails version 1.1 and earlier.<\/p>\n<p>Luckily, I2P is not launched by default when Tails is started. But Tails warned that an attacker could use some other undisclosed security holes to launch Tails and then try to de-anonymize a user. To be sure that doesn\u2019t happen, the I2P software package should be removed when Tails is launched.<\/p>\n<p>The danger of hackers using the I2P vulnerabilities is mitigated somewhat by the fact the details of the flaws haven\u2019t been disclosed publicly. But Tails wrote that hackers may have figured them out.<\/p>\n<p>Even general descriptions of vulnerabilities often give hackers enough information of where to start hunting for flaws, enabling them to figure out the exact problems.<\/p>\n<p>To execute an attack on I2P, a hacker must also lure someone to a website where they\u2019ve manipulated the content, Tails said. That sort of lure is usually set using social engineering, successfully tricking a person into loading malicious content. Savvy users may spot such a lure, but it\u2019s easy to get tricked.<\/p>\n<p>Soon after it wrote on Twitter of the flaws, Exodus Intelligence said it would provide the details to Tails and not sell the information to its customers. It wasn\u2019t clear if public pressure influenced Exodus.<\/p>\n<p>The company wouldn\u2019t say if it would make similar exceptions for privacy-focused software in the future such as Tails, which has been recommended by former National Security Agency contractor Edward Snowden.<\/p>\n<p>via <a href=\"http:\/\/www.pcworld.com\/article\/2458640\/until-the-tails-privacy-tool-is-patched-heres-how-to-stay-safe.html\" target=\"_blank\">Privacy-focused Tails OS compromised: How to stay safe until it&#8217;s patched | PCWorld<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Vulnerabilities in the Tails operating system could reveal your IP address, but you can avoid trouble by taking a couple [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[7,9],"tags":[778,849,1177],"class_list":["post-6071","post","type-post","status-publish","format-standard","hentry","category-security","category-software","tag-operating-systems","tag-privacy","tag-vulnerabilities"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-1zV","jetpack-related-posts":[{"id":9309,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/03\/18\/this-week-in-tech-658-the-matador-defense\/","url_meta":{"origin":6071,"position":0},"title":"This Week in Tech 658: The Matador Defense","author":"NCCT","date":"March 18, 2018","format":false,"excerpt":"https:\/\/youtu.be\/ZLvZn_xEil0 Controversial RyzenFall AMD flaws revealed. Leo gives up Facebook for good over Cambridge Analytica scandal. Broadcom gives up its Qualcomm takeover. Apple announces an education-themed event on March 27th. Farewell Adrian Lamo. Theranos officially charged with fraud. Bitcoin mining will drain the world's energy.","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/ZLvZn_xEil0\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9305,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/02\/26\/this-week-in-tech-655-banana-is-phone\/","url_meta":{"origin":6071,"position":1},"title":"This Week in Tech 655: Banana Is Phone","author":"NCCT","date":"February 26, 2018","format":false,"excerpt":"https:\/\/youtu.be\/3Ndfvf28O5o Samsung announces 2 new phones as Mobile World Congress kicks off in Barcelona. iCloud keys are stored in China. All 150 new emojis for 2018 revealed. Nokia's newest phone is a nod to The Matrix. GDPR and H.R. 1865 and their implications. Intel knew about flaws in chips but\u2026","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/3Ndfvf28O5o\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9387,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/07\/29\/this-week-in-tech-677-to-serve-cat\/","url_meta":{"origin":6071,"position":2},"title":"This Week in Tech 677: To Serve Cat","author":"NCCT","date":"July 29, 2018","format":false,"excerpt":"https:\/\/youtu.be\/9koTMZi05pk This Week in Tech Facebook's stock crash, Tesla surfboards, Russia hacks utilities, and more. -- Jason Calacanis tells us what's going on with his buddy Elon Musk. -- Apple fixes the MacBook Pro's throttling issue. -- Facebook and Twitter stock takes a dive over poor growth numbers, but Google\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/9koTMZi05pk\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9318,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/04\/01\/this-week-in-tech-660-bankwupt\/","url_meta":{"origin":6071,"position":3},"title":"This Week in Tech 660: Bankwupt","author":"NCCT","date":"April 1, 2018","format":false,"excerpt":"https:\/\/youtu.be\/swk768CkIus Best April Fools Tech Jokes. Cloudflare's 1.1.1.1 DNS service. Apple's Education Event. US wants visa applicants' social media accounts. Tim Cook talks privacy. Ready Player One review. SpaceX's satellite internet plans. Fatal Tesla crash.","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/swk768CkIus\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9511,"url":"https:\/\/nccomputertech.com\/techtalk\/2019\/01\/22\/millsplain-it-to-me-this-week-in-tech-702\/","url_meta":{"origin":6071,"position":4},"title":"Millsplain It to Me &#8211; This Week in Tech 702","author":"NCCT","date":"January 22, 2019","format":false,"excerpt":"https:\/\/youtu.be\/EtTfFJVBZ6s -Apple's Tim Cook Calls for Data Privacy. -773M Passwords Pwned - How to Find Out If Yours Was. -Amazon Tries to Make Alexa Sound \"Newsy.\" -Google Buys Fossil. -74% of Facebook Users are Clueless. -Facebook's 10 Year Challenge. -Atari Founder Making Alexa Board Games. -Stop Using Windows Phone! -Tokyo\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/EtTfFJVBZ6s\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9528,"url":"https:\/\/nccomputertech.com\/techtalk\/2019\/03\/10\/third-party-dog-hats-this-week-in-tech-709\/","url_meta":{"origin":6071,"position":5},"title":"Third-Party Dog Hats &#8211; This Week in Tech 709","author":"NCCT","date":"March 10, 2019","format":false,"excerpt":"https:\/\/youtu.be\/-nUG1REHhwU Location Tracking, Facebook Privacy, Breaking Up Big Tech, and More! -- Foursquare Location Tracking Leaps Past the Creepy Line -- Will Zuck Make Facebook Private? -- Thousands of New Millionaires are Coming to San Francisco -- Apple has Big Plans for Self-Driving Cars -- Elizabeth Warren Wants to Break\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/-nUG1REHhwU\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/6071","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=6071"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/6071\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=6071"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=6071"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=6071"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}