Re: [Tails-dev] [Tails-news] Tails 3.13.2 is out

Supprimer ce message

Répondre à ce message
Auteur: Georg Koppen
Date:  
À: tails-dev
Sujet: Re: [Tails-dev] [Tails-news] Tails 3.13.2 is out
Tails - News:
> This release is an emergency release to fix a critical security vulnerability
> in _Tor Browser_.
>
> It also fixes [other security
> vulnerabilities](https://tails.boum.org/security/Numerous_security_holes_in_3.13.1/).
> You should upgrade as soon as possible.
>
> # Changes
>
> ## Fixed _NoScript_ activation in _Tor Browser_
>
> Starting from Friday May 3, a problem in _Firefox_ and _Tor Browser_ disabled
> all add-ons. This release reactivates all add-ons in _Tor Browser_, especially
> _NoScript_ which is used to:
>
> * Most importantly, protect against a very strong fingerprinting technique called _HTML5 canvas fingerprinting_ which can break your anonymity.


Hm. How does it do that? In particular, what does it do in addition to
the defense we baked into Tor Browser and which is not NoScript
dependent? (see the: "Specific Fingerprinting Defenses in the Tor
Browser", subsection 2. HTML5 Canvas Extraction at
https://2019.www.torproject.org/projects/torbrowser/design/)

Georg