Re: [Tails-dev] Hacking Team looking at Tails

2016-02-18 Thread Austin English
On Thu, Feb 18, 2016 at 11:37 AM, intrigeri wrote: > Austin English wrote (18 Feb 2016 16:56:29 GMT) : >> I'm not sure what action we should suggest. > > Re-installing from scratch is perhaps the only safe option we can > provide in the current state of our tools. +1 I filed

Re: [Tails-dev] Hacking Team looking at Tails

2016-02-18 Thread intrigeri
Austin English wrote (18 Feb 2016 16:56:29 GMT) : > I'm not sure what action we should suggest. Re-installing from scratch is perhaps the only safe option we can provide in the current state of our tools. ___ Tails-dev mailing list Tails-dev@boum.org

Re: [Tails-dev] Hacking Team looking at Tails

2016-02-18 Thread segfault
> I'm not sure how the user could detect / verify that > (realistically, you probably can't..). Running a rootkit checker from > another *nix OS may be helpful, but of unknown effectiveness. That's work in progress: https://labs.riseup.net/code/issues/7496 I implemented a prototype that's

Re: [Tails-dev] Hacking Team looking at Tails

2016-02-18 Thread Austin English
On Thu, Feb 18, 2016 at 10:51 AM, intrigeri wrote: >> I was thinking about this last night, it likely wouldn't be too hard >> to write a wrapper for the greeter to detect if those files (or other >> similar files/directories, like __MACOSX) are present. It should then >> be

Re: [Tails-dev] [liveusb-creator] [PATCH] Add additional syslinux gptmbr.bin path

2016-02-18 Thread intrigeri
Hi, Yuval Adam wrote (16 Feb 2016 09:26:54 GMT) : > Please ignore last patch and use this updated one > From 65a2b31fa89ff27251ae30ad3bb3a22d4ef6dff0 Mon Sep 17 00:00:00 2001 > From: Yuval Adam > Date: Mon, 15 Feb 2016 23:08:00 +0200 > Subject: [PATCH] Add additional syslinux

Re: [Tails-dev] Hacking Team looking at Tails

2016-02-18 Thread intrigeri
> I was thinking about this last night, it likely wouldn't be too hard > to write a wrapper for the greeter to detect if those files (or other > similar files/directories, like __MACOSX) are present. It should then > be possible to pop up a very big warning in the greeter, ideally > before the

Re: [Tails-dev] Is Tails affected by the CVE-2015-7547 glibc getaddrinfo() vulnerability?

2016-02-18 Thread Jurre van Bergen
Hi, This is an on-going investigation. Indeed, applications using the Tor socks port for name resolution are not vulnerable for this attack. An automated test was ran trying to determine (using the public proof of concept) whether any application was vulnerable, so far, we're on the safe side

Re: [Tails-dev] Is Tails affected by the CVE-2015-7547 glibc getaddrinfo() vulnerability?

2016-02-18 Thread intrigeri
Hi, my understanding is that clients that use Tor SOCKS port for name resolution are fine. For clients who use the DNSPort, it's not clear to me if an attacker-controlled payload can make it's way from the exit node being used for the name resolution to the client. Has anyone looked into this?