Feature #5769

Applications audit

Added by Tails 2013-07-18 07:46:01 . Updated 2016-02-19 00:43:19 .

Status:
Confirmed
Priority:
Normal
Assignee:
Category:
Target version:
Start date:
Due date:
% Done:

80%

Feature Branch:
Type of work:
Security Audit
Blueprint:

Starter:
0
Affected tool:
Deliverable for:

Description

Any included networked application needs to be analyzed for possible information leakages at the protocol level, e.g. if email clients leak the real IP address through the EHLO/HELO request etc.

This could be limited to applications whose protocol allows for such leakages.

General issues

The "claws with torsocks leaks hostname; bug was fixed, but the fact that torsocks behaves worse than tsocks in this respect is worrying and should be investigated further. Perhaps other applications using torify are also affected?

Per-software sub-pages:

Resources


Subtasks

Feature #6117: Audit Pidgin Confirmed

0

Feature #6118: audit iceweasel config Resolved

0

Feature #6115: Audit polipo Rejected

0

Feature #6121: Audit Liferea Rejected

0

Feature #6119: audit claws mail Rejected

0


History

#1 Updated by intrigeri 2013-10-04 06:36:50

  • Starter set to No

#2 Updated by intrigeri 2013-10-04 06:37:01

  • Type of work changed from Research to Audit

#3 Updated by BitingBird 2014-06-09 11:05:04

  • Subject changed from applications audit to Applications audit

#4 Updated by intrigeri 2016-02-19 00:43:19

  • Type of work changed from Audit to Security Audit