and, the attacker must find out how to exploit this security hole; this information has not been published yet, but they may somehow already have discovered it, or been made aware of it.
<p><strong>Tails does not start I2P by default.</strong> This design decision was made precisely in order to protect the Tailsusers who do not use I2P from security holes in this piece of software.</p>
<p>Still, an attacker who would also be able to start I2P on your Tails, either by exploiting another undisclosed security hole, or by tricking you into starting it yourself, could then use this I2P security hole to deanonymize you.</p>
However, if you really need to use I2P in Tails 1.1: before you start I2P, disable JavaScript globally [[with NoScript|doc/anonymous_internet/Tor_Browser#noscript]] in the Tor Browser.