Exit Zen
1
English type: Plain text
[[!meta title="Security audit of automatic upgrades and recent changes"]]
0/740 · 74
6
English type: Plain text
Late 2024, [Radically Open Security](https://www.radicallyopensecurity.com/) conducted another security audit of critical parts of Tails.
0/1370 · 137
7
English type: Plain text
To better protect our users, we addressed the security vulnerabilities as soon as they were discovered and reported to us, without waiting for the audit to be complete and public.
0/1790 · 179
8
English type: Plain text
We can now share with you the [final report](https://gitlab.tails.boum.org/-/project/103/uploads/56c89755aa84636e900094ed23e0919f/report_tails-1.pdf).
0/1500 · 150
9
English type: Plain text
The auditors concluded that:
0/280 · 28
10
English type: Plain text
> The Tails operating system leaves a strong security impression, addressing
> most anonymity-related concerns. We did not find any remote code execution
> vulnerabilities, and all identified issues required a compromised
> low-privileged `amnesia` user – the default user in Tails.
>
> Looking back at the [[previous audit|audit_by_ROS]], we can see the Tails
> developers have made significant progress, demonstrating expertise and a
> serious commitment to security.
0/4760 · 476
11
English type: Title #
Findings
0/100 · 8
12
English type: Plain text
The auditors did not identify any vulnerability in:
0/510 · 51
13
English type: Bullet: '- '
The creation of the Persistent Storage with LUKS2, introduced in [[Tails 5.14|version_5.14]] (June 2023)
0/1040 · 104
14
English type: Plain text
- Our security improvements to [[*Thunderbird*|doc/anonymous_internet/thunderbird]]
0/830 · 83
15
English type: Plain text
- The random seed feature, introduced in [[Tails 6.4|version_6.4]] (June 2024)
0/780 · 78
16
English type: Plain text
The auditors found 4 issues in:
0/310 · 31
17
English type: Plain text
- The automatic upgrade mechanism
0/330 · 33
18
English type: Plain text
- Other important changes since [[Tails 5.8|version_5.8]] (November 2023)
0/730 · 73
19
English type: Plain text
<table>
<tr><th>ID</th><th>Impact</th><th>Description</th><th>Issue</th><th>Status</th><th>Release</th></tr>
<tr><td>OTF-001</td><td>High</td><td>Local privilege escalation in <i>Tails Upgrader</i></td><td>[[!tails_ticket 20701]]</td><td>Fixed</td><td>6.11</td></tr>
<tr><td>OTF-002</td><td>High</td><td>Arbitrary code execution in Python scripts</td><td>[[!tails_ticket 20702]]</td><td>Fixed</td><td>6.11</td></tr>
<tr><td> </td><td></td><td></td><td>[[!tails_ticket 20744]]</td><td>Fixed</td><td>6.12</td></tr>
<tr><td>OTF-003</td><td>Moderate</td><td>Argument injection in privileged GNOME scripts</td><td>[[!tails_ticket 20709]]</td><td>Fixed</td><td>6.11</td></tr>
<tr><td> </td><td></td><td></td><td>[[!tails_ticket 20710]]</td><td>Fixed</td><td>6.11</td></tr>
<tr><td>OTF-004</td><td>Low</td><td>Untrusted search path in Tor Browser launcher</td><td>[[!tails_ticket 20733]]</td><td>Fixed</td><td>6.12</td></tr>
</table>
0/9390 · 939
20
English type: Title #
Postmortem
0/100 · 10
21
English type: Plain text
Our team went further than simply fixing these issues. We conducted a *postmortem* to understand *how* we introduced these vulnerabilities in our releases and *what* we could do to avoid similar vulnerabilities in the future. This analysis led to technical, policy, and culture changes.
0/2870 · 287
22
English type: Plain text
This analysis was useful and we'll definitely consider doing postmortems again after future audits. It might also be useful for other projects to understand how we worked on these long-lasting improvements.
0/2060 · 206
23
English type: Title ##
Technical improvements
0/220 · 22
24
English type: Bullet: ' - '
Postmortem of OTF-001
0/210 · 21