Researchers plan to disclose critical bugs to TAILS team soon

Discussion in 'privacy technology' started by Minimalist, Jul 22, 2014.

Thread Status:
Not open for further replies.
  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
  2. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
    http://www.theverge.com/2014/7/22/5927917/the-worlds-most-secure-os-may-have-a-serious-problem
     
  3. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    If you want to be safe when using a computer then don't use one. There is a reason why the Germans and Russians want to go back to manual typewriters. The three letter agencies (that includes non-US affiliated ones as well) have nearly infinite amount of money when compared to the TAILS developer/community. So it's always going to be cat and mouse game with the cat always catching up.
     
  4. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
    http://threatpost.com/researchers-demo-tails-flaw-exploit-disclose-details-to-developers
     
  5. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
  6. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
    Yes, even vice president of Exodus is saying, we should not trust any software:
    “Our main goal…was to bring attention to the fact that no software is infallible and those seeking anonymity should not blindly trust a software recommendation (even if it is from Snowden),” Portnoy said via email.
     
  7. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    It also depends on how interesting you are to target in the first place. World population is around 7 billion.
     
  8. Dave0291

    Dave0291 Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    553
    Location:
    U.S
    I said it in another thread as well, but that line of thinking is as dead as security by obscurity. Global surveillance isn't about interesting targets, it's about mass. The idea is that by keeping tabs on everyone, threats are more likely to be stopped. Preferably before they even begin, which is why you're seeing folks get tagged for "interesting" Google searches, etc. That idea is not working and the intelligence community knows it. But, naturally, they don't want to get rid of their toys of course and as always higher ups make the decisions for the real experts. So, the programs keep chugging along and more and more money is thrown at it.

    Hqsec pointed out a statement that I believe everyone should remember as well. Snowden isn't the end all, be all of security and can't tell you every nook and cranny of every piece of software on earth. He doesn't make software and isn't a security "god". Snowden has become a sort of hero, a symbol of "patriotism". Yes, he stood up and said "enough", but so have hundreds of other people. Many a former agent has warned of what has been going on for years and years, only to be discounted as a nut or told to sit down and shut up. Many of us who have connections inside these agencies have repeatedly said something was wrong, but were dumped in the FUD/Tinfoil hat trashcan. Go through this forum alone and look at posts and threads of years past. He's one guy in an enormous machine, and not even his revelations are going to change things where they need changing. You cannot rely on anything to keep you safe. No VPN, no TOR or Tails or chaining all of them together can guarantee you anything. Of course I expect that opinion to be trashed as well, which is okay. I can already see "But, math!" coming a mile away to counter it. I'll simply wait for another "revelation" to come around and be proven right.
     
  9. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    I'd say that using Tails (or TOR in general) makes you a target for certain government agencies...
     
  10. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    To both of you: I know all of this. More than half my posts echo what you're saying.
    https://www.wilderssecurity.com/threads/i-dont-like-opting-out.366310/#post-2393026
    https://www.wilderssecurity.com/thr...abetting-tlas-boycot-tor.366193/#post-2392949

    There's the automation and collection of the masses, but then there's the actual agents/contractors/people/teams that work against one particular target.

    http://blogs.computerworld.com/encr...-better-encryption-save-us-surveillance-state

    There's vulnerabilities in all software, there always will be. The Tails devs know this:

    https://tails.boum.org/news/On_0days_exploits_and_disclosure/index.en.html

    Basically, I agree with the mindset of "the only way to win is not to play the game (by having an internet connection, or a computer)". But I also think that all these massive groups against privacy put their pants on one leg at a time like the rest of us. They can not censor or control every one of the billions of people. We ain't North Korea, yet.
     
    Last edited: Jul 24, 2014
  11. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    That's my point. How much of a target for harassment you become by using Tor/TAILS vs doing regular searches on daily basis.
     
  12. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    https://tails.boum.org/security/Security_hole_in_I2P_0.9.13/index.en.html

    Again it can be protected against by the age old "use Noscript". The browser is always going to be the targeted thing with Tor.

    But it's far from being the end of the world.
     
    Last edited: Jul 25, 2014
  13. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
  14. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
  15. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    https://geti2p.net/en/blog/post/2014/07/26/0.9.14-Release

    So I expect that Tails should be updated soon.
     
Loading...
Thread Status:
Not open for further replies.