the attacker must be able to affect the content of a website that you are visiting using the [[Tor Browser|doc/anonymous_internet/Tor_Browser]] in Tails — many people are able to do so;
and, the attacker must find out how to exploit this security hole; this information has not been published yet, but they may somehow already have discovered it, or been made aware of it.
<p><strong>Tails does not start I2P by default.</strong> This design decision was made precisely in order to protect the Tailsusers who do not use I2P from security holes in this piece of software.</p>
<p>Still, an attacker who would also be able to start I2P on your Tails, either by exploiting another undisclosed security hole, or by tricking you into starting it yourself, could then use this I2P security hole to deanonymize you.</p>