Author: intrigeri Date: To: KheOps CC: tails-dev Subject: Re: [Tails-dev] [liberationtech] "uVirtus Linux,
encrypted OS for Syria": a security review
Hi,
(a Tails developer here)
KheOps wrote (06 Feb 2014 22:18:07 GMT) : > The uVirtus live distribution was publicized back in September as a
> secure live OS specifically designed for Syrians. It stems from the idea
> of having a one-click easy to use VPN client that uses OpenVPN over
> Obfsproxy. > After testing it and discovering a few issues, I spent some more time in
> order to dig a bit more into its security. > I noticed numerous worrying security issues, and in overall it does not
> appear to me as really responsible to recommend it instead of, say,
> Tails. Issues include for instance holes that may help an attacker
> compromise the user's machine by gaining root access and weak protection
> against data leaking in cleartext out of the VPN. > I published a report that lists all the issues I could find and tried to
> assess their seriousness. I hope it is detailed and precise enough. > It is available here in English:
> https://press.telecomix.ceops.eu/en/posts/Review_of_security_issues_in_uVirtus_2.0/ > [...]
Any plans to do a similar review for Tails?
This would be most welcome :)