著者: intrigeri 日付: To: The Tails public development discussion list 題目: Re: [Tails-dev] Fwd: Re: Reducing attack surface of kernel and
tightening firewall/sysctls
Jacob Appelbaum wrote (14 Feb 2016 13:04:58 GMT) : > I feel a bit sad to see this rehashed. Please just drop all packets on
> the floor? > People who use Tails and expect it to keep them safely torified are
> likely still vulnerable to things we wrote in our paper (vpwned).
> Allowing users by default to make non-tor connections, except for
> specific pluggable transports or dhcp, will probably ensure that
> variations on the disclosed issues stay relevant. > If a user wants to use a printer or touch the local subnet, why not
> make them jump through a (`sudo unsafe-network-unlock`) hoop? Why
> leave every other user vulnerable by default?
I think you're confusing this thread with another one,
that is totally orthogonal as I see it.