

Silver Bullets and Fairy Tails - tshtf
http://blog.exodusintel.com/2014/07/23/silverbullets_and_fairytails/

======
unhammer
From this post: "The I2P vulnerability works on default, fully patched
installation of Tails. No settings or configurations need to be changed for
the exploit to work."

From
[https://tails.boum.org/security/Security_hole_in_I2P_0.9.13/...](https://tails.boum.org/security/Security_hole_in_I2P_0.9.13/index.en.html)
: "Tails does not start I2P by default. […] Still, an attacker who would also
be able to start I2P on your Tails, either by exploiting another undisclosed
security hole, or by tricking you into starting it yourself, could then use
this I2P security hole to de-anonymize you."

So either there are two security holes (one amazing one that actually starts
I2P, and one contained to I2P that finds your IP address once I2P has
started), or they're exagerrating.

