document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-01-10 22:21:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #25864 from lkxed/20220527-Tails-Linux-Users-Warned-Against-Using-the-Tor-Browser--Here-s-why!

Browse Source 
[提交译文][news]: 20220527 Tails Linux Users Warned Against Using the Tor Browser- Here-s why!.md
This commit is contained in:
六开箱 2022-05-30 15:55:42 +08:00 committed by GitHub
commit 384b8da4ca
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 65 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
sources/news/20220527 Tails Linux Users Warned Against Using the Tor Browser- Here-s why!.md
View File

@ -1,65 +0,0 @@
[#]: subject: "Tails Linux Users Warned Against Using the Tor Browser: Heres why!"
[#]: via: "https://news.itsfoss.com/tails-tor-browser/"
[#]: author: "Rishabh Moharir https://news.itsfoss.com/author/rishabh/"
[#]: collector: "lkxed"
[#]: translator: "lkxed"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Tails Linux Users Warned Against Using the Tor Browser: Heres why!
======
A crucial fix for a dangerous vulnerability that bypasses security in Tor browser is due to arrive in Tails 5.1. Heres what it is all about.
![tails][1]
The developers of the security-focused portable Linux distro, **Tails**, have recently released an important advisory regarding its current release. They have warned users to avoid entering or using any personal or sensitive information while using Tor Browser on **Tails 5.0 or older**.
Tor Browser is the de-facto web browser used in Tails and helps protect the users identity online when connected to the Internet. It is mainly used by various journalists and activists to evade censorship. Everyday users can use it too.
### Whats the problem?
Recently, two nasty vulnerabilities have been found that enable harmful websites to steal the users information from other websites.
To be specific, the vulnerabilities have been identified as CVE-2022-1802 and CVE-2022-1529 in an [advisory published by Mozilla.][2]
The Tails advisory best explains this:
> “For example, after you visit a malicious website, an attacker controlling this website might access the password or other sensitive information that you send to other websites afterwards during the same Tails session.”
### Should You Stop Using Tails Linux Distro?
Not necessarily.
Other apps in Tails, especially Thunderbird, are safe to use since the JavaScript is disabled if in use.
Furthermore, you can even enable the safest security level in the Tor browser. This is preferred because the JavaScript engine gets disabled. Do note that this will make websites function improperly.
In other words, the Tails Linux distro is still safe to use if you know what youre doing.
### A Fix is Coming Soon
Good news! Mozilla has already patched these bugs upstream and now its up to the Tails team when it comes to releasing the fix.
Heres what they have stated
> This vulnerability will be fixed in Tails 5.1 (**May 31**), but our team doesnt have the capacity to publish an emergency release earlier.
So, your best option is to wait for the Tails 5.1 release next week. You can read the [official advisory][3] released by Tails devs to know more.
--------------------------------------------------------------------------------
via: https://news.itsfoss.com/tails-tor-browser/
作者:[Rishabh Moharir][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://news.itsfoss.com/author/rishabh/
[b]: https://github.com/lkxed
[1]: https://news.itsfoss.com/wp-content/uploads/2022/05/tails-5-0-privacy-issue.jpg
[2]: https://www.mozilla.org/en-US/security/advisories/mfsa2022-19/
[3]: https://tails.boum.org/security/prototype_pollution/index.en.html

65
translated/news/20220527 Tails Linux Users Warned Against Using the Tor Browser- Here-s why!.md Normal file
View File

@ -0,0 +1,65 @@
[#]: subject: "Tails Linux Users Warned Against Using the Tor Browser: Heres why!"
[#]: via: "https://news.itsfoss.com/tails-tor-browser/"
[#]: author: "Rishabh Moharir https://news.itsfoss.com/author/rishabh/"
[#]: collector: "lkxed"
[#]: translator: "lkxed"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Tails 警告用户不要使用 Tor 浏览器:原因如下!
======
Tails 5.1 将针对“可绕过 Tor 浏览器安全措施的危险漏洞”提供关键修复。以下是它的全部内容。
![Tails][1]
**Tails** 是一个专注于安全的便携式 Linux 发行版,最近,它的开发团队发布了有关其当前版本的重要公告。他们警告用户在 **Tails 5.0 或更早版本** 上使用 Tor 浏览器时,避免输入或使用任何个人或敏感信息。
Tor 浏览器是 Tails 事实上的(默认)网络浏览器,它有助于在用户连接到 Internet 时,保护他们的在线身份。它主要被各种记者和活动家用来逃避审查。不过,普通用户也可以使用它。
### 问题说明
最近,有人发现了两个令人讨厌的漏洞,它们允许有害网站能够从其他网站窃取用户的信息。
具体来说,在 [Mozilla 发布的公告][2] 中,这些漏洞已被确定为 CVE-2022-1802 和 CVE-2022-1529。
Tails 公告中也对此进行了说明:
> “例如,在你访问恶意网站后,控制该网站的攻击者可能会在同一个 Tails 会话期间,访问你随后发送到其他网站的密码或其他敏感信息。”
### 你应该停止使用 Tail 发行版吗?
没有这个必要。
Tails 中的其他应用程序,尤其是 Thunderbird仍然可以安全使用因为 JavaScript 在使用时会被禁用。
此外,你也可以在 Tor 浏览器中启用最高的安全级别。这是推荐的因为该级别下JavaScript 引擎会被禁用。不过,请注意,这会使网站无法正常运行。
换句话说如果你知道自己在做什么的话Tails 发行版仍然可以安全使用。
### 漏洞修复即将发布
好消息Mozilla 已经在上游修补了这些错误,现在就等 Tails 团队发布修复程序了。
至于何时发布,他们是这样说的:
> 此漏洞将在 Tails 5.1**5 月 31 日**)中修复,但我们的团队没有能力提前发布紧急版本。
因此,你最好的选择是等待下周的 Tails 5.1 发布。你可以阅读 Tails 开发团队的 [官方公告][3] 以了解更多信息。
--------------------------------------------------------------------------------
via: https://news.itsfoss.com/tails-tor-browser/
作者:[Rishabh Moharir][a]
选题:[lkxed][b]
译者:[lkxed](https://github.com/lkxed)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://news.itsfoss.com/author/rishabh/
[b]: https://github.com/lkxed
[1]: https://news.itsfoss.com/wp-content/uploads/2022/05/tails-5-0-privacy-issue.jpg
[2]: https://www.mozilla.org/en-US/security/advisories/mfsa2022-19/
[3]: https://tails.boum.org/security/prototype_pollution/index.en.html