Lähettäjä: Jacob Appelbaum Päiväys: Vastaanottaja: The Tails public development discussion list Kopio: Mike Perry Aihe: Re: [Tails-dev] MFSA 2015-78 (aka. CVE-2015-4495) vs. Tails
On 8/7/15, jvoisin <julien.voisin@???> wrote: > Hello,
>
> I disagree with your analysis;
> while the Apparmor profile (♥) will prevent tragic things like gpg key
> stealing, please keep in mind that an attacker can access every Firefox
> files, like cookies (stealing sessions), stored passwords, changing
> preferences (remember http://net.ipcalf.com/ ?), executing code inside
> the browser, …
I believe that the newest Tor Browser alpha will provide a fix. I hope
Mike will chime in here...
>
> This seems pretty serious to me, since people expect the web-browser to
> be reasonably trustworthy.