Skip to content

investigate deanonymization potential by the desktop user

Arbitrary code execution as the desktop (amnesia) user gives ways to an attacker to deanonymize a Tails user. This is a problem we might want to fix.

Roadmap

  1. research how easy it is to conduct such attacks via the Tor controller, once given arbitrary code exec as the amnesia user (The desktop user is allowed to fiddle with Tor settings with Vidalia. E.g. a selection of bridges picked by the attacker is probably enough to deanonymize the user.)
  2. research what other kinds of deanonymization attacks are available to an attacker who can run arbitrary code as the amnesia user
  3. Then, think what kind of defenses we can set up against these classes of attacks, cost/benefit analysis etc.

Related issues

Original created by @tails on 5505 (Redmine)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information