[Tails-dev] Deanonymization potential by the desktop user

Delete this message

Reply to this message
Author: intrigeri
Date:  
To: tails-dev, julien.voisin
Subject: [Tails-dev] Deanonymization potential by the desktop user
Hi,

while discussing the usefulness of delaying Tails 0.18 due to a local
root privilege escalation bug, Julien Voisin pointed me at potential
deanonymization attacks one may conduct against Tails users, once
given the right to run arbitrary code as the desktop (`amnesia') user.

I've quickly summed up our (very preliminary) thoughts on a ticket so
that this does not get lost:
https://tails.boum.org/todo/investigate_deanonymization_potential_by_the_desktop_user/

Julien says he might have time to go on investigating this in a week,
but I'm sure he won't mind if someone else starts working on this.

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc