Hi, sajolida (2020-02-25): > Surprisingly, it's not even clear to me what the implications of the > Language and Region settings can be on privacy. So I'm moving the > discussion to tails-dev@boum.org in order to ask our fellow developers.
First, most, if not all, exploited applications have access to locale configuration. Wrt. network fingerprinting: - We have to assume that some applications may expose the system's locale configuration as part of their network activity. - For Tor Browser and Thunderbird, our configuration tries to avoid this (best effort) but it's impossible to prove we did not miss anything. Wrt. local storage: - If an adversary can read the content of the persistent storage, I'm pretty sure that the locale configuration can be easily inferred from that. - If/once we allow persisting the locale in cleartext on the system partition, this information will be available to an adversary who seizes the Tails device. _______________________________________________ Tails-dev mailing list Tails-dev@boum.org https://www.autistici.org/mailman/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.