dangerzone
dangerzone copied to clipboard
Possible Attack Vector via OCR Engine
The OCR engine does increase the attack surface of Dangerzone, this has been a longstanding hypothesis I've had. We just don't know how much. And recently in the Dangerzone security audit, the auditors had an informational finding of this exact potential issue. Though mutual agreement we decided to include it in the report.
We do not have a proof of concept of this attack scenario, but it is something to consider and explore.