kpaste.net RSS- Tails Linux 0.16 - two curious security issues
- WTF Tails 0.16 uses an ancient version of OpenSSL! And has it been crippled somehow?
- Look at this (from my Tor client logs):
- [notice] No AES engine found; using AES_* functions.
- [notice] This version of OpenSSL has a slow implementation of counter mode; not using it.
- [notice] OpenSSL OpenSSL 0.9.8o 01 Jun 2010 looks like version 0.9.8m or later; I will try SSL_OP to enable renegotiation
- [notice] We weren't able to find support for all of the TLS ciphersuites that we wanted to advertise. This won't hurt security, but it might make your Tor (if run as a client) more easy for censors to block.
- [notice] To correct this, use a more recent OpenSSL, built without disabling any secure ciphers or features.
- Someone explain this please. This coming from the distro which still uses:
- network-manager 0.8.1-6+squeeze2
- network-manager-gnome 0.8.1-2
- LOL!
- ===============================
- Tails 0.16: DEBsig-verify disabled by default! EXCELLENT so I can get pwned and never know it, thanks guys.
- cat /etc/dpkg/dpkg.cfg
- # dpkg configuration file
- #
- # This file can contain default options for dpkg. All command-line
- # options are allowed. Values can be specified by putting them after
- # the option, separated by whitespace and/or an `=' sign.
- #
- # Do not enable debsig-verify by default; since the distribution is not using
- # embedded signatures, debsig-verify would reject all packages.
- no-debsig
- # Log status changes and actions to a file.
- log /var/log/dpkg.log
Tails Linux 0.16 - two curious security issues
Posted by Anonymous on Sat 9th Feb 2013 11:50
raw | new post
Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.