1. 11 Jul, 2019 2 commits
  2. 08 Apr, 2019 1 commit
  3. 26 Jan, 2018 2 commits
  4. 08 Dec, 2017 1 commit
      Drop (broken) Thunderbird dedicated SocksPort (refs: #12460) · 23932128
      intrigeri authored
      We use a dedicated SocksPort for the MUA as a trade-off: it gives poorer circuit
      isolation than if we used the default SocksPort, but we were ready to compromise
      on this in order to make POP-before-SMTP work. We've released Tails 3.0 with
      this change 4 months ago and I've not heard about anyone being harmed by the
      lack of POP-before-SMTP support, so let's give up on this one and get stronger
      stream isolation in exchange.
  5. 31 Mar, 2017 1 commit
  6. 20 Mar, 2017 1 commit
      Firewall: forbid the _apt user to talk to DNS ports. · 458a3b5b
      intrigeri authored
      I've seen it trying to talk to UDP port 5353 (and being blocked), which makes
      the logs noisy. APT works very well without DNS access since we only have Onion
      APT sources, so let's silence the logs.
  7. 28 Feb, 2017 1 commit
      Completely remove I2P. · e9d02049
      anonym authored
We have decided to remove I2P (Refs: #11276) due to our failure to find
someone interested in maintaining it in Tails.
      Will-fix: #12263
  8. 24 Feb, 2017 1 commit
  9. 02 Jan, 2017 1 commit
      Firewall: reject packets sent on the LAN to the NetBIOS name service. · b1099c14
      intrigeri authored
      This is about https://en.wikipedia.org/wiki/NetBIOS#Name_service, that allows
      registering and looking up names on a LAN. Best case, it gives a very nice UX
      for service discovery on the LAN (in this case: connecting to a local Gobby
      server), which can be super cool for teams working from a single location.
      Worst case, it leaks things like the hostname on the LAN.
      We've never made any serious attempt at supporting zeroconf and
      friends (although Tails Server might be a game changer), so for now let's
explicitly drop these packets. The only practical problem I can think of that
it might cause is making discovery of some network printers harder. That's not
worth the risk of announcing our hostname, or worse, though.
      Closes: #11944
  10. 16 Nov, 2016 1 commit
  11. 15 Nov, 2016 1 commit
      Allow the _apt user to use Tor. · 5b3ba97e
      anonym authored
      Now in Stretch, apt network operations are performed with the _apt user
      and not root. In fact, let's try to not allow root to connect to Tor at
  12. 06 Oct, 2016 2 commits
  13. 26 Sep, 2016 1 commit
      Run onioncircuits directly as the live user. · 2b76c549
      anonym authored
      onioncircuits now uses tor-controlport-filter, which is exposed to the
      live user. Also the per-process filtering should make the attack surface
      even smaller.
  14. 24 Sep, 2016 1 commit
  15. 28 Aug, 2016 1 commit
  16. 27 Aug, 2016 1 commit
  17. 23 Aug, 2016 1 commit
      Stop shipping ttdnsd. · 1512c2ba
      intrigeri authored
      It was only useful for developers and power-users who can install it themselves
      as needed. It's been unmaintained upstream for many years. It's very buggy so we
      had to remove it from the DNS resolution loop years ago. It's not in Debian.
      And it's one of the only two bits of Tails that still rely on tsocks, that is
      RC-buggy, unmaintained in Debian, and not in Stretch at the moment.
      So it has become clear that the cost of keeping ttdnsd now outweighs the
      benefits it brings.
      refs: #10959
  18. 17 Aug, 2016 1 commit
  19. 30 Apr, 2016 1 commit
Accept outgoing related ICMP packets to the loopback interface. · 0f36175a
      intrigeri authored
      1. the "I cannot configure the Unsafe Browser to use any local proxies"
         automated test fails: the browser waits for the "The proxy server is
         refusing connections" message that is never displayed, because of:
         Dropped outbound packet: IN= OUT=lo SRC= DST=
         LEN=80 TOS=0x00 PREC=0xC0 TTL=64 ID=8145 PROTO=ICMP TYPE=3 CODE=3
         [SRC= DST= LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=9959
         DF PROTO=TCP SPT=40813 DPT=9050 WINDOW=43690 RES=0x00 SYN URGP=0 ]
2. Electrum, when started with an existing persistent wallet, takes more
   than two minutes to start, also because of blocked ICMP packets to
   the loopback interface.
  20. 01 Mar, 2016 1 commit
  21. 11 Feb, 2016 2 commits
  22. 08 Mar, 2015 1 commit
  23. 03 Nov, 2014 1 commit
  24. 21 Sep, 2014 1 commit
      I2P Browser · bf714344
      Kill Your TV authored
      Browser specifically for I2P based on the scripts that
      configure the "unsafe-browser".
      * Adds a new i2pbrowser user
      * change the I2P menu entry and related sudoers file to start
        this new browser. I2P will be started via NetworkManager (added in a later
        commit) when a user adds 'i2p' to the boot prompt.
      Update I2P firewall rules
Since the amnesia user won't be browsing eepsites with the Torbrowser
anymore, and the i2pbrowser user *will* be browsing them, the firewall
rules needed another update.
      disable cups
      fixes the same problem as ticket #7771 addresses for the
      Remove I2P settings from FoxyProxy
      Since I2P Browser is now used for visiting eepsites (.i2p tld) the I2P
      configs are no longer appropriate for FoxyProxy.
  25. 19 Sep, 2014 1 commit
      Install TBB in a custom way instead of installing Iceweasel. · 3f1a351d
      Tails developers authored
      Instead of installing the iceweasel package (and friends) we now fetch
      the TBB tarballs at build-time and extract the Tor Browser, browser
      add-ons and langpacks, and browser user data into sensible places. We
      try to keep something like the old organization as much as possible.
      Unfortunately this drops language support to whatever subset that the
      TBB supports.
  26. 06 Aug, 2014 1 commit
      I2P: disable BOB port · 1b1d0afe
      Kill Your TV authored
      There's one known application that uses BOB:
       - it's no longer maintained; and
       - it would need more ports opened in ferm. It would be hard to justify
         this for a non-essential application which users are not likely to
         install themselves.
      That being the case, let's close the port for BOB.
  27. 05 Aug, 2014 1 commit
  28. 31 Jul, 2014 1 commit
      stricter I2P fw rules · 387dec74
      Kill Your TV authored
      This commit will:
      - deny I2P from accessing the LAN
      - deny I2P from accessing the loopback device, except for select
        whitelisted services
      - allow I2P access to the Internet
      The ACCEPT rules will only be enabled when the string 'i2p' is passed at
      the boot prompt.
      The rules which DENY or REJECT access for the 'i2psvc' user will always
      be applied.
  29. 26 Jul, 2014 1 commit
  30. 22 Mar, 2014 2 commits
  31. 04 Mar, 2014 3 commits
  32. 16 Feb, 2014 1 commit
  33. 14 Feb, 2014 1 commit