The developers of the security-focused portable Linux distro, Tails, have recently released an important advisory regarding its current release. They have warned users to avoid entering or using any personal or sensitive information while using Tor Browser on Tails 5.0 or older.
Tor Browser is the de-facto web browser used in Tails and helps protect the user’s identity online when connected to the Internet. It is mainly used by various journalists and activists to evade censorship. Everyday users can use it too.
What’s the problem?
Recently, two nasty vulnerabilities have been found that enable harmful websites to steal the user’s information from other websites.
To be specific, the vulnerabilities have been identified as CVE-2022-1802 and CVE-2022-1529 in an advisory published by Mozilla.
The Tails advisory best explains this:
“For example, after you visit a malicious website, an attacker controlling this website might access the password or other sensitive information that you send to other websites afterwards during the same Tails session.”
Should You Stop Using Tails Linux Distro?
Users will be glad to know that these vulnerabilities don’t affect Tor connections. This means you can casually browse the internet if you’re not exchanging any of your sensitive information like passwords, personal information, messages, etc.
In other words, the Tails Linux distro is still safe to use if you know what you’re doing.
A Fix is Coming Soon
Good news! Mozilla has already patched these bugs upstream and now it’s up to the Tails team when it comes to releasing the fix.
Here’s what they have stated –
This vulnerability will be fixed in Tails 5.1 (May 31), but our team doesn’t have the capacity to publish an emergency release earlier.
So, your best option is to wait for the Tails 5.1 release next week. You can read the official advisory released by Tails devs to know more.