Solve : Some questions about Tails?

Hi, I would like to ask some security-focused questions on Tails, the Linux privacy OS.

1. We know that JavaScript and plugins are removed from the Firefox Tor browser, because these are 2 of the most common ways to hack a browser. But, is there any way to hack Firefox that doesn't depend on these 2 things..? The NSA has documents where they were confident to exploit so-called "native" Firefox exploits. I would like to see someone link me proof of any such exploits. The only thing I could think of would be things like, using GIF images or something like that. I've heard of exploits that involve nothing other than GIF images.

2. Let's just say that the answer to (1) is "yes, they can hack Firefox EVEN with JS and plugins disabled"... So, the question is.... what happens next...? We know that Tails runs in non-administrator/non-root mode, and we know that Tails blocks access to the user's local hard drive.... So the question is..... how would any hacker achieve persistence...? Surely when the browser window closes, the virus is now gone for good.... Or is it...? That's what I'm asking.... How would they achieve persistence...? Can programs be run SIMPLY out of the computer's RAM alone...? Or, could they install the virus to any USB hard drive that was plugged in..? Does Tails allow executable files to be run off of an external USB device..?

3. Question 3 is another question about persistence.... Would it be possible for a hacker to hack Firefox, and then install the drivers required to read off of the user's local hard drive...? Or not...? Does it require a computer restart in order for such drivers to take effect..? If so, then obviously it's useless for the hacker, because once Tails is restarted, it's back to its original non-modified state all over again.

That's it...

As you can see, the questions are mainly about persistence...
Thanks

Quote
As you can see, the questions are mainly about persistence...
Thanks
When a program closes, either in Linux or Windows, the memory is not cleared. It is merely set to free space. A clever hacker can do some trick to prevent the memory from being used by the next program. Then the bogus malware in memory can do its wicked objectives.

How it is done is not the issue. It is done. That is what matters. I do not want to tell you how it is done. Just believe it.

With the advent of 64-bit software and hardware, there are now some new ideas about how to protect your PC from malware. But that is a new topic. But you can Google it.
One thing is the NX bit.
Start here:
https://en.wikipedia.org/wiki/NX_bit
Quote
Intel markets the feature as the XD bit, for eXecute Disable. AMD uses the marketing term Enhanced Virus Protection. The ARM architecture refers to the feature as XN for eXecute Never; it was introduced in ARM v6.[1]
So future PCs might have more built-in protection.
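
An added example, not part of the original posts: on x86 Linux the NX bit appears as the `nx` flag in /proc/cpuinfo, and its practical effect is that memory should not be both writable and executable. The script below checks both conditions over constructed sample text in the /proc/cpuinfo and /proc/<pid>/maps formats; the function names and sample values are made up for illustration.

```python
# Added example. The sample text below is constructed, not captured from a real system.
SAMPLE_CPUINFO = """\
processor\t: 0
model name\t: Example CPU
flags\t\t: fpu vme de pse msr pae mce cx8 sep pge cmov nx lm
"""

SAMPLE_MAPS = """\
55d0c8a00000-55d0c8a21000 r-xp 00000000 08:01 1234 /usr/bin/example
55d0c8c20000-55d0c8c22000 rw-p 00020000 08:01 1234 /usr/bin/example
7f1a2c000000-7f1a2c021000 rwxp 00000000 00:00 0
7ffd4b5e0000-7ffd4b601000 rw-p 00000000 00:00 0 [stack]
"""


def cpu_has_nx(cpuinfo_text):
    """True if a 'flags' line in /proc/cpuinfo text (x86 layout) lists nx."""
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "flags" and "nx" in value.split():
            return True
    return False


def writable_executable_regions(maps_text):
    """Return (start, end, name) for mappings that are both writable and executable.

    With NX enforced, ordinary data pages (heap, stack) are not executable, so a
    'w' and 'x' mapping is the kind of region a defender would want to review.
    """
    hits = []
    for line in maps_text.splitlines():
        fields = line.split(None, 5)  # address perms offset dev inode [pathname]
        if len(fields) < 5:
            continue
        addr, perms = fields[0], fields[1]
        if "w" in perms and "x" in perms:
            start, end = (int(part, 16) for part in addr.split("-"))
            name = fields[5].strip() if len(fields) > 5 else "[anonymous]"
            hits.append((start, end, name))
    return hits


if __name__ == "__main__":
    print("NX advertised:", cpu_has_nx(SAMPLE_CPUINFO))
    for start, end, name in writable_executable_regions(SAMPLE_MAPS):
        print(f"W+X mapping {start:#x}-{end:#x} ({end - start} bytes) {name}")
```

On a live x86 Linux system the same functions can be fed the contents of /proc/cpuinfo and /proc/self/maps.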



