investigate deanonymization potential by the desktop user
Arbitrary code execution as the desktop (amnesia
) user gives ways to
an attacker to deanonymize a Tails user. This is a problem we might want
to fix.
Roadmap
- research how easy it is to conduct such attacks via the Tor
controller, once given arbitrary code exec as the
amnesia
user (The desktop user is allowed to fiddle with Tor settings with Vidalia. E.g. a selection of bridges picked by the attacker is probably enough to deanonymize the user.) - research what other kinds of deanonymization attacks are available
to an attacker who can run arbitrary code as the
amnesia
user - Then, think what kind of defenses we can set up against these classes of attacks, cost/benefit analysis etc.
Related issues
- Is duplicate of #7072
Original created by @tails on 5505 (Redmine)