| blob | d896066361c3e56e45b416ebecea531bf623f677 |
1 # SOME DESCRIPTIVE TITLE
2 # Copyright (C) YEAR Free Software Foundation, Inc.
3 # This file is distributed under the same license as the PACKAGE package.
4 # FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
5 #
6 #, fuzzy
7 msgid ""
8 msgstr ""
9 "Project-Id-Version: PACKAGE VERSION\n"
10 "POT-Creation-Date: 2014-07-25 00:40+0300\n"
11 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
12 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
13 "Language-Team: LANGUAGE <LL@li.org>\n"
14 "Language: \n"
15 "MIME-Version: 1.0\n"
16 "Content-Type: text/plain; charset=UTF-8\n"
17 "Content-Transfer-Encoding: 8bit\n"
19 #. type: Plain text
20 #, no-wrap
21 msgid "[[!meta date=\"Thu Jul 24 21:15:00 2014\"]]\n"
22 msgstr ""
24 #. type: Plain text
25 #, no-wrap
26 msgid "[[!meta title=\"Security hole in I2P 0.9.13\"]]\n"
27 msgstr ""
29 #. type: Plain text
30 msgid ""
31 "A security hole affects I2P 0.9.13, that is part of Tails 1.1 and earlier."
32 msgstr ""
34 #. type: Title =
35 #, no-wrap
36 msgid "Scope and severity\n"
37 msgstr ""
39 #. type: Plain text
40 msgid ""
41 "If you are [[using I2P|doc/anonymous_internet/i2p]] in Tails 1.1 and "
42 "earlier, an attacker can de-anonymize you: they can learn the IP address "
43 "that identifies you on the Internet."
44 msgstr ""
46 #. type: Plain text
47 msgid "To be able to conduct this attack:"
48 msgstr ""
50 #. type: Bullet: '1. '
51 msgid ""
52 "the attacker must be able to affect the content of a website that you are "
53 "visiting using the [[Tor Browser|doc/anonymous_internet/Tor_Browser]] in "
54 "Tails — many people are able to do so;"
55 msgstr ""
57 #. type: Bullet: '2. '
58 msgid ""
59 "and, the attacker must find out how to exploit this security hole; this "
60 "information has not been published yet, but they may somehow already have "
61 "discovered it, or been made aware of it."
62 msgstr ""
64 #. type: Plain text
65 #, no-wrap
66 msgid "<div class=\"note\">\n"
67 msgstr ""
69 #. type: Plain text
70 #, no-wrap
71 msgid ""
72 "<p><strong>Tails does not start I2P by default.</strong> [[This design\n"
73 "decision|contribute/design/I2P#design]] was made precisely in order to\n"
74 "protect the Tails users who do not use I2P from security holes in this\n"
75 "piece of software.</p>\n"
76 msgstr ""
78 #. type: Plain text
79 #, no-wrap
80 msgid ""
81 "<p>Still, an attacker who would also be able to start I2P on your\n"
82 "Tails, either by exploiting another undisclosed security hole, or by\n"
83 "tricking you into starting it yourself, could then use this I2P\n"
84 "security hole to de-anonymize you.</p>\n"
85 msgstr ""
87 #. type: Plain text
88 #, no-wrap
89 msgid "</div>\n"
90 msgstr ""
92 #. type: Title =
93 #, no-wrap
94 msgid "Temporary solutions\n"
95 msgstr ""
97 #. type: Plain text
98 msgid "You can protect yourself from this security hole until it is corrected."
99 msgstr ""
101 #. type: Plain text
102 msgid ""
103 "Do not start I2P in Tails 1.1 and earlier. You can protect yourself further "
104 "by removing the `i2p` package every time you start Tails:"
105 msgstr ""
107 #. type: Bullet: '1. '
108 msgid ""
109 "[[Set an administration password|doc/first_steps/startup_options/"
110 "administration_password]]."
111 msgstr ""
113 #. type: Bullet: '1. '
114 msgid "Run this command in a <span class=\"application\">Root Terminal</span>:"
115 msgstr ""
117 #. type: Plain text
118 #, no-wrap
119 msgid " apt-get purge i2p\n"
120 msgstr ""
122 #. type: Plain text
123 msgid ""
124 "However, if you really need to use I2P in Tails 1.1: before you start I2P, "
125 "disable JavaScript globally [[with NoScript|doc/anonymous_internet/"
126 "Tor_Browser#noscript]] in the Tor Browser."
127 msgstr ""
129 #. type: Title =
130 #, no-wrap
131 msgid "Credits\n"
132 msgstr ""
134 #. type: Plain text
135 msgid "This security hole was reported to us by Exodus Intelligence."
136 msgstr ""