Feature #5769

Applications audit

Added by Tails about 4 years ago. Updated over 1 year ago.

Status:ConfirmedStart date:
Priority:NormalDue date:
Assignee:-% Done:

80%

Category:-
Target version:-
QA Check: Blueprint:
Feature Branch: Easy:No
Type of work:Security Audit Affected tool:

Description

Any included networked application needs to be analyzed for possible information leakages at the protocol level, e.g. if email clients leak the real IP address through the EHLO/HELO request etc.

This could be limited to applications whose protocol allows for such leakages.

General issues

The "claws with torsocks leaks hostname bug was fixed, but the fact that torsocks behaves worse than tsocks in this respect is worrying and should be investigated further. Perhaps other applications using torify are also affected?

Per-software sub-pages:

Resources


Subtasks

Feature #6117: Audit PidginConfirmed

Feature #6118: audit iceweasel configResolved

Feature #6115: Audit polipoRejected

Feature #6121: Audit LifereaRejected

Feature #6119: audit claws mailRejected

History

#1 Updated by intrigeri almost 4 years ago

  • Easy set to No

#2 Updated by intrigeri almost 4 years ago

  • Type of work changed from Research to Audit

#3 Updated by BitingBird about 3 years ago

  • Subject changed from applications audit to Applications audit

#4 Updated by intrigeri over 1 year ago

  • Type of work changed from Audit to Security Audit

Also available in: Atom PDF