Re: [Tails-dev] vpwns:

Author: Jacob Appelbaum
Date:  
To: Ague Mill
CC: The Tails public development discussion list, Marsh Ray
Subject: Re: [Tails-dev] vpwns:
Ague Mill:
>> In our (I'm cc'ing Marsh here, please keep him in the cc list unless he
>> objects) recent FOCI12 paper, we discuss some novel attacks on VPNs and
>> we focus on anonymity related issues. Largely, I think that this paper
>> is not news to Tails developers, I even sent in a pre-release copy
>> months in advance to a few Tails hackers.
>>
>> Here are the urls for the paper:
>> https://www.usenix.org/conference/foci12/vpwns-virtual-pwned-networks
>> https://www.usenix.org/system/files/conference/foci12/foci12-final8.pdf
>
> We have already put on our plate to do a proper review of it:
> <https://tails.boum.org/todo/analyze_Jake_FOCI12_paper/>


Ah, cool! Great!

>
>> So my main concern was that we found the lack of transparent routing to
>> be an actual hole in Tails. There is not a compelling reason for
>> allowing all RFC1918 space given our findings.
>
> This might need to be discussed some more, but probably what needs to be
> done is filtering RFC1918 by default. But Tails is also meant to be able
> to produce documents. Some users might need to get sources on a NAS or
> use a printer in their local network.


I agree. At least, make the gap smaller, right? Why the entire RFC 1918
space? Why not the local network only?

>
> So implementation is not only about changing three lines in the
> firewall, but also about having a way for users to allow access to the
> local network, which is also needed. This is not hard, but makes it less
> trivial.
>


Sure, I think that's fine - so parse the dhcp lease, allow traffic to
the local /24 (or whatever) and deny the router - now at least you can't
by default send any data to the internet.

All the best,
Jake
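The sketch at the end of the thread (parse the DHCP lease, allow only the local subnet, reject the gateway, keep rejecting the rest of RFC 1918) can be prototyped as a rule generator. What follows is an added example, not Tails code and not part of the original message: it reads a dhclient-format lease (a constructed sample is embedded so it runs offline), derives interface, network prefix and gateway from it, and prints the iptables rules instead of applying them. The lease file path, the exemption for the `debian-tor` user and the DHCP exemption are assumptions made for the example, as is the premise that the rules are appended to an OUTPUT chain that already rejects everything else by default.

```shell
#!/bin/sh
# Added example (not Tails' firewall code): derive "allow local subnet,
# reject gateway, reject the rest of RFC 1918" from a dhclient lease.

# Constructed sample in dhclient's lease-file format; every value is made up.
SAMPLE_LEASE='lease {
  interface "eth0";
  fixed-address 192.168.1.42;
  option subnet-mask 255.255.255.0;
  option routers 192.168.1.1;
  option domain-name-servers 192.168.1.1;
  renew 1 2012/08/13 10:00:00;
}'

# lease_field LEASE NAME: print the value of NAME from the last lease block
# (dhclient appends a new block on every renewal, so the last one is current).
lease_field() {
    printf '%s\n' "$1" \
      | sed -n "s/^[[:space:]]*$2[[:space:]]\{1,\}\([^;]*\);.*/\1/p" \
      | tail -n 1 | tr -d '"'
}

# Dotted-quad <-> 32-bit integer helpers (POSIX sh arithmetic only).
ip_to_int() {
    oldifs=$IFS; IFS=.
    set -- $1
    IFS=$oldifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# mask_to_prefix NETMASK: 255.255.255.0 -> 24; refuses non-contiguous masks,
# since a bogus mask from a hostile DHCP server must not widen the allow rule.
mask_to_prefix() {
    m=$(ip_to_int "$1")
    inv=$(( ~m & 4294967295 ))
    if [ $(( inv & (inv + 1) )) -ne 0 ]; then
        echo "non-contiguous netmask: $1" >&2
        return 1
    fi
    prefix=0
    while [ "$m" -ne 0 ]; do
        prefix=$(( prefix + (m & 1) )); m=$(( m >> 1 ))
    done
    echo "$prefix"
}

# network_of ADDRESS NETMASK: the network address the lease places us in.
network_of() {
    int_to_ip $(( $(ip_to_int "$1") & $(ip_to_int "$2") ))
}

# firewall_rules LEASE: print the iptables commands implementing the proposal.
firewall_rules() {
    lease=$1
    iface=$(lease_field "$lease" 'interface')
    addr=$(lease_field "$lease" 'fixed-address')
    mask=$(lease_field "$lease" 'option subnet-mask')
    gw=$(lease_field "$lease" 'option routers')
    [ -n "$iface" ] && [ -n "$addr" ] && [ -n "$mask" ] && [ -n "$gw" ] || {
        echo "lease is missing a required field" >&2; return 1; }
    plen=$(mask_to_prefix "$mask") || return 1
    net=$(network_of "$addr" "$mask")
    cat <<EOF
# Tor must still reach the Internet; this stands in for whatever rule the
# base firewall already has for its Tor user (assumption: uid debian-tor).
iptables -A OUTPUT -m owner --uid-owner debian-tor -j ACCEPT
# DHCP renewals are unicast to the server, which is often the gateway itself,
# so exempt them before the gateway is rejected (assumption: dhclient runs as root).
iptables -A OUTPUT -o $iface -p udp --dport 67 -j ACCEPT
# Gateway first: it lies inside the subnet the next rule allows.
iptables -A OUTPUT -o $iface -d $gw/32 -j REJECT
iptables -A OUTPUT -o $iface -d $net/$plen -j ACCEPT
# Everything else in RFC 1918 stays closed, as Jake argues it should.
iptables -A OUTPUT -d 10.0.0.0/8 -j REJECT
iptables -A OUTPUT -d 172.16.0.0/12 -j REJECT
iptables -A OUTPUT -d 192.168.0.0/16 -j REJECT
EOF
}

# Stand-alone run: print the rules for the constructed lease. On a real box
# you would feed it the live lease, e.g. (path is an assumption, typical for
# Debian's dhclient): firewall_rules "$(cat /var/lib/dhcp/dhclient.eth0.leases)"
firewall_rules "$SAMPLE_LEASE"
```

The gateway reject must precede the subnet accept; iptables takes the first match, and the gateway is a member of the subnet. Note the trade-off this encodes: on a home router that also serves as NAS or print server, the "deny the router" rule blocks exactly the local use Ague mentions, so a user-facing switch to exempt the gateway would still be needed.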