Tails Developers Puzzled by Facebook and FBI OS Hack

The developers of the anonymous operating system Tails are trying to uncover details about a hack used by FacebookFacebook launched an official Tor mirror in 2014, becoming the first major tech company to provide direct access through onion routing. The mirror allows users to bypass censorship, secure their connections, and avoid phishing risks while using the platform. This step also underscored Facebook’s recognition of free expression and inspired other outlets like the BBC and ProPublica to create their own Tor versions. More and the FBI to catch a criminal who was stalking women on the social network.

As previously reported by SecurityLab, in 2017, FacebookFacebook launched an official Tor mirror in 2014, becoming the first major tech company to provide direct access through onion routing. The mirror allows users to bypass censorship, secure their connections, and avoid phishing risks while using the platform. This step also underscored Facebook’s recognition of free expression and inspired other outlets like the BBC and ProPublica to create their own Tor versions. More hired a cybersecurity firm to develop a hacking tool that allowed them to break into the account of Buster Hernandez and gather evidence for his arrest. This tool was later handed over to the FBI.

The tool exploited a so-called zero-day vulnerability in the GNOME Videos player included in Tails OS, which enabled the FBI to discover the real IP address of the criminal.

Although Facebook’s intentions were good, the problem is that neither the company nor the FBI informed the developers of Tails or GNOME Videos about the vulnerability in their products. According to the software developers, they only learned about the issue after the story surfaced in the media, as reported by Motherboard.

“FacebookFacebook launched an official Tor mirror in 2014, becoming the first major tech company to provide direct access through onion routing. The mirror allows users to bypass censorship, secure their connections, and avoid phishing risks while using the platform. This step also underscored Facebook’s recognition of free expression and inspired other outlets like the BBC and ProPublica to create their own Tor versions. More did not inform Tails about the exploit and decided it was acceptable since the Tails developers had accidentally fixed the vulnerability as part of an unrelated update,” the publication states.

According to FacebookFacebook launched an official Tor mirror in 2014, becoming the first major tech company to provide direct access through onion routing. The mirror allows users to bypass censorship, secure their connections, and avoid phishing risks while using the platform. This step also underscored Facebook’s recognition of free expression and inspired other outlets like the BBC and ProPublica to create their own Tor versions. More representatives, in mid-June of this year, the company attempted to contact the Tails developers and also received confirmation from the FBI that the hacking tool was used only in the Buster Hernandez case. The FBI declined to comment to Motherboard journalists on whether the exploit was used in other investigations, whether the tool is still in the FBI’s possession, or whether the agency intends to provide information about the vulnerability under the Vulnerabilities Equities Process (VEP).

What is Tails?

Tails (The Amnesic Incognito Live System) is a Debian-based Linux LiveCD distribution designed to ensure privacy and anonymity. In Tails, all outgoing connections are routed through the anonymous Tor network, and all non-anonymous connections are blocked.

About the Vulnerabilities Equities Process (VEP)

The Vulnerabilities Equities Process (VEP) is a set of rules for disclosing vulnerabilities by the U.S. federal government. The document contains a list of criteria used by the government to decide whether to publish information about significant vulnerabilities or keep them secret for use in offensive cyber operations.