Tails-hacking Exodus: Here's video proof of our code-injection attack

It's not a Tor exploit, but it will hit fully patched systems with default settings, we're told

Exodus Intelligence has revealed what it claims is video evidence of researchers unmasking an anonymous user of the Tails operating system.

The security bods claim they can upload malicious code to a system running Tails, execute the payload remotely, and ultimately discover the victim's public IP address.

Tails is a fork of Debian Linux that tries to protect your privacy online, and is recommended by NSA leaker Edward Snowden and his pals. Exodus, meanwhile, flogs details of software vulnerabilities for which no patches exist, typically selling the info to the feds.

Footage of what's described as an attack on a Tails system by Exodus can be found here.

The problem lies in the I2P network layer that Tails uses to hide the user's public IP address from websites and other servers in an attempt to keep him or her anonymous on the web. The Exodus team has found a zero-day flaw in the way I2P handles network traffic, a flaw that's exploited using a specially configured server.

This hole could allow someone to be tracked down and ultimately identified, unless the user has taken all steps necessary to disassociate their public network address from their real-world identity.

That in itself is a headache enough, but the problem is worse than that, it seems: the unmasking, we're told, is achieved by transferring a payload of code to an I2P user, and then executing it to cause merry hell.

"I2P currently boasts about 30,000 active peers. Since I2P has been bundled with Tails since version 0.7, Tails is by far the most widely adopted I2P usage," Exodus explained in a blog post revealing the vid.

"The I2P vulnerability works on a default, fully patched installation of Tails. No settings or configurations need to be changed for the exploit to work."

The security biz has promised more technical details on the hack once it has finished working with the Tails and I2P coders to get the bug fixed – and won't be charging any fees for disclosing the flaw. The vulnerability exploited in the video is present in the latest Tails 1.1 build, dated July 22, we're told. More bugs will also be disclosed at a later date.

"We hope to break the mold of unconditional trust in a platform. Users should question the tools they use, they should go even further to understand the underlying mechanisms that interlock to grant them security," Exodus added on its website.

"It’s not enough to have faith upon security, rather to have an understanding of it. If the public thinks Exodus is one of a few entities finding bugs in software, they are grossly misinformed."

The news will be of concern to the invisible.im project, which is trying to build a secure and anonymous messaging system. Invisible.im, which is still in early stages of development and not yet available for download, is set to use I2P.

And today's video comes just days after a Black Hat presentation on how to de-anonymize Tor users with just $3,000 of kit was pulled by lawyers. ®
