NexTV Africa & Middle East

Complete News World

Pending safe release: Anonymous browsing on Tails is at risk

Pending safe release: Anonymous browsing on Tails is at risk

two “critical“JavaScript vulnerabilities put users of the anonymous Linux distribution Tails at risk if they use Tor Browser to browse. Security patches are already available but not yet implemented.

Linux Live Tails starts right from a USB drive and is designed to protect anonymity and privacy. For example, websites are accessed encryptedly via the Tor network and the system forgets the settings after a restart. The built-in Tor browser is based on Firefox ESR from Mozilla, where developers recently closed two vulnerabilities (CVE-2022–1529, CVE-2022-1802).

In a warning message, Tails developers adviseDo not use Tor Browser to handle sensitive data such as passwords at this time. Tor Browser is already equipped with the latest security update in version 11.0.13but according to the Tails team, it won’t be able to build the secure version until May 31, 2022 5.1 . tails To merge. The reason for the delay is the lack of capacity in the team.

Until then you should not browse using a web browser. For example, when you visit a website controlled by an attacker, malicious JavaScript code can install itself in the browser and log passwords from the pages that are then visited.

If you still want to use the Tor browser, you must activate the highest security level in the settings to turn off JavaScript. The Mozilla Thunderbird mail client should not be affected by the Tails vulnerabilities, since JavaScript is disabled by default. According to the developers, those who do not access websites using the Tor browser can use Tails as normal.

See also  ADATA XPG features a new track record for DDR5 overclocking


to the home page