Tails (operating system)
Developer | The Tails project |
---|---|
OS family | Linux (Unix-like) |
Working state | Active |
Source model | Open source |
Initial release | 23 June 2009 |
Latest release | 4.22 / 7 September 2021 |
Repository | |
Marketing target | Personal computers |
Update method | Tails Upgrader[1] |
Package manager | dpkg |
Platforms | x86-64[2] |
Kernel type | Monolithic |
Userland | GNU |
Default user interface | GNOME 3 |
License | GNU GPLv3[3] |
Preceded by | Incognito |
Official website | tails |
Tails, or The Amnesic Incognito Live System, is a security-focused Debian-based Linux distribution aimed at preserving privacy and anonymity.[4] All its incoming and outgoing connections are forced to go through Tor,[5] and any non-anonymous connections are blocked. The system is designed to be booted as a live DVD or live USB, and will leave no digital footprint on the machine unless explicitly told to do so. The Tor Project provided financial support for its development in the beginnings of the project,[6] and continues to do so alongside numerous corporate and anonymous sponsors. Tails comes with UEFI Secure Boot.
History[]
Tails was first released on 23 June 2009. It is the next iteration of development on Incognito, a discontinued Gentoo-based Linux distribution.[7] The Tor Project provided financial support for its development in the beginnings of the project.[6] Tails also received funding from the Open Technology Fund, Mozilla, and the Freedom of the Press Foundation.[8]
Laura Poitras, Glenn Greenwald, and Barton Gellman have each said that Tails was an important tool they used in their work with National Security Agency whistleblower Edward Snowden.[9][10][11]
From release 3.0, Tails requires a 64-bit processor to run.[12]
Bundled software[]
- GNOME desktop
Networking[]
- Tor with Stream isolation, regular, obfs3 and obfs4 bridges support.[13]
- NetworkManager for easy network configuration
- Tor Browser, a web browser based on Mozilla Firefox and modified to protect anonymity with:
- Torbutton for anonymity and protection against JavaScript with all cookies treated as session cookies by default;
- HTTPS Everywhere transparently enables SSL-encrypted connections to a great number of major websites
- NoScript to have even more control over JavaScript
- uBlock Origin to remove advertisements.
- Note: Due to the fact that Tails includes uBlock Origin (compared to the normal Tor Browser Bundle), it could be subject to an attack to determine if the user is using Tails (since the userbase for Tails is less than the Tor Browser Bundle) by checking if the website is blocking advertising.[14] Although this can be avoided by disabling uBlock Origin.
- Pidgin preconfigured with OTR for end-to-end encrypted instant messaging
- OnionShare for anonymous File sharing
- Thunderbird email client with OpenPGP support
- Liferea feed aggregator
- Aircrack-ng for Wi-Fi networks auditing
- Electrum, an easy-to-use bitcoin client
Encryption and privacy software[]
- LUKS and GNOME Disks to install and use encrypted storage devices, e.g. for USB sticks
- GnuPG, the GNU implementation of OpenPGP for e-mail, data encryption and signing
- Monkeysign, a tool for OpenPGP key signing and exchange
- PWGen, a strong random password generator
- Shamir's Secret Sharing using gfshare and ssss
- GNOME virtual keyboard as a countermeasure against hardware keyloggers
- MAT2 to anonymize metadata in files
- KeePassXC password manager
- macchanger for randomizing the device MAC address
- GtkHash to calculate checksums
- Keyringer, a command line tool to encrypt secrets shared through Git
- Paperkey, a command line tool to back up OpenPGP secret keys on paper
Users can install any other software which is present in Debian GNU/Linux, either through APT (Tails provides three repositories) or dpkg.[15][16] The language and keyboard layout may be chosen when the system is booted.
Persistency[]
Tails is by design amnesic. It lives in RAM and does not write to any other drive unless strictly specified. However, it is possible to set up an encrypted persistence volume (for example, within the USB Drive where Tails is installed) to save user data. It is also possible to instruct Tails to automatically install some additional software from the persistence drive, to load bookmarks for the Tor Browser, keep PGP keys or to keep configuration data for other applications. The encrypted space is not hidden and its existence could be detected by forensic analysis, unlike VeraCrypt, which is not distinguishable from random data and consequently offers plausible deniability.[17]
Security[]
During the shutdown process, Tails will overwrite most of the used RAM to avoid a cold boot attack.[18] An emergency shutdown can be triggered by physically removing the medium where Tails is installed: a watchdog monitors the status of the boot medium, and if removed the memory-erasing process begins immediately; this might break the file system of the persistence volume, if set up.[18][19]
Tails tracks Debian stable for robust security updates support and uses the latest kernel from Backports for supporting newer hardware.
On 10 June 2020, Vice Motherboard and other publications reported that Facebook in cooperation with the FBI used a 0-day vulnerability in the video player built into Tails to track and identify a sexual abuser on a social network. A spokesperson for Tails said that the exploit was never explained to them. However, it is believed that the vulnerability was removed, although it had not been identified, in a later release of Tails. The vulnerability was not easily exploited; the FBI tried unsuccessfully to identify the abuser, but he noticed and taunted his hunters. Ultimately the FBI and Facebook contracted a cybersecurity firm, at great expense, to produce a custom hacking tool used to make a booby-trapped video sent by the victim to the criminal.[20]
Release history[]
Legend: Old version Latest version Future release |
showRelease history |
---|
In mainstream media[]
On 3 July 2014, German public television channel Das Erste reported that the NSA's XKeyscore surveillance system contains definitions that match persons who search for Tails using a search engine or visit the Tails website. A comment in XKeyscore's source code calls Tails "a comsec mechanism advocated by extremists on extremist forums".[71][72]
On 28 December 2014, Der Spiegel published slides from an internal NSA presentation dating to June 2012 in which the NSA deemed Tails on its own as a "major threat" to its mission, and when used in conjunction with other privacy tools such as OTR, Cspace, RedPhone, and TrueCrypt was ranked as "catastrophic," leading to a "near-total loss/lack of insight to target communications, presence..."[73][74]
As discussed above, it was reported in June 2020 that Facebook collaborated with the FBI to exploit a vulnerability in Tails to apprehend a serious sexual predator.
See also[]
- Crypto-anarchism
- Dark web
- Deep web
- Freedom of information
- GlobaLeaks
- GNU Privacy Guard
- I2P
- Internet censorship
- Internet privacy
- Off-the-Record Messaging
- Proxy server
- Security-focused operating systems
- Tor (anonymity network)
- Tor2web
- Whonix
References[]
- ^ "Tails - Incremental upgrades". tails.boum.org.
- ^ "Tails - System requirements". tails.boum.org.
- ^ "Tails 0.11 incognito live system released". The H. April 30, 2012. Retrieved August 12, 2012.
- ^ Vervloesem, Koen (April 27, 2011). "The Amnesic Incognito Live System: A live CD for anonymity". LWN.net. Retrieved August 12, 2012.
- ^ "Anonym im Netz" [Anonymous on the Net]. TecChannel (in German). February 6, 2012. Retrieved August 12, 2012.
- ^ Jump up to: a b "Finances". Tails. April 4, 2013. Retrieved May 13, 2013.
- ^ Gray, James (September 16, 2011). "The Tails Project's The Amnesic Incognito Live System (Tails)". Linux Journal. Retrieved August 12, 2012.
- ^ "Tails report for May, 2014". Tails. June 14, 2014.
- ^ Timm, Trevor (April 2, 2014). "Help Support the Little-Known Privacy Tool That Has Been Critical to Journalists Reporting on the NSA". Freedom of the Press Foundation. Retrieved April 18, 2014.
- ^ Finley, Klint (April 14, 2014). "Out in the Open: Inside the Operating System Edward Snowden Used to Evade the NSA". WIRED. Retrieved April 18, 2014.
- ^ Condliffe, Jamie (April 15, 2014). "Try the Super-Secure USB Drive OS That Edward Snowden Insists on Using". Gizmodo. Retrieved April 15, 2014.
- ^ "Tails - Tails 3.0 is out". tails.boum.org. Retrieved June 14, 2017.
- ^ "Features and included software". Tails.
- ^ "Tails - Can I hide the fact that I am using Tails?". tails.boum.org.
- ^ "APT repository". tails.boum.org. October 7, 2019. Archived from the original on September 25, 2019. Retrieved October 7, 2019.
- ^ "Features and included software". tails.boum.org. October 7, 2019. Archived from the original on August 23, 2019. Retrieved October 7, 2019.
- ^ "Tails - Creating and configuring the Persistent Storage". tails.boum.org.
- ^ Jump up to: a b "Tails - Memory erasure". tails.boum.org.
- ^ "Tails - Shutting down Tails". tails.boum.org.
- ^ Franceschi-Bicchierai, Lorenzo (June 10, 2020). "Facebook Helped the FBI Hack a Child Predator". Vice.
- ^ Jump up to: a b c d Tails Developers (n.d.). "changelog". Tails. Retrieved January 5, 2017.
- ^ Jump up to: a b c d Murphy, David (May 1, 2014). "Secure OS Tails Emerges From Beta". PC Magazine. Ziff Davis. Retrieved June 10, 2016.
- ^ "Announce: amnesia Live system (initial release)". tor-talk mailing list (Mailing list). 16 August 2009. Retrieved 24 August 2019.
- ^ "version 0.5". Tails. n.d. Archived from the original on June 25, 2013. Retrieved June 10, 2016.
- ^ Jump up to: a b c d e f g h i j Hoffman, Chris (June 9, 2016). "Tails, the anonymity-focused Linux distribution with deep Tor integration, reaches version 2.4". PCWorld. IDG. Retrieved June 10, 2016.
- ^ Jump up to: a b Paul, Ian (January 27, 2016). "The ultra-secure Tails OS beloved by Edward Snowden gets a major upgrade". PCWorld. IDG. Retrieved June 10, 2016.
- ^ "Tails 2.4 is out". Tails. June 7, 2016. Retrieved June 6, 2020.
- ^ "Tails 2.5 is out". August 2, 2016. Retrieved August 3, 2016.
- ^ "Tails 2.6 is out". September 21, 2016. Retrieved September 22, 2016.
- ^ "Tails 2.7 is out". November 15, 2016. Retrieved January 5, 2017.
- ^ "Tails 2.7.1 is out". November 30, 2016. Retrieved January 5, 2017.
- ^ "Tails 2.9.1 is out". December 14, 2016. Retrieved December 16, 2016.
- ^ Jump up to: a b "Tails 2.10 is out". January 24, 2017. Retrieved January 24, 2017.
- ^ Jump up to: a b "Tails 2.11 is out". January 6, 2017. Retrieved March 13, 2017.
- ^ Jump up to: a b "Tails 2.12 is out". April 19, 2017. Retrieved April 23, 2017.
- ^ Jump up to: a b "Tails 3.0 is out". June 13, 2017. Retrieved June 14, 2017.
- ^ Jump up to: a b "Tails 3.1 is out". August 8, 2017. Retrieved August 12, 2017.
- ^ Jump up to: a b "Tails 3.2 is out". October 3, 2017. Retrieved January 6, 2017.
- ^ Jump up to: a b "Tails 3.3 is out". November 14, 2017. Retrieved November 14, 2017.
- ^ Jump up to: a b "Tails 3.4 is out". January 9, 2018. Retrieved January 9, 2018.
- ^ Jump up to: a b "Tails 3.5 is out". January 23, 2018. Retrieved January 23, 2018.
- ^ Jump up to: a b "Tails 3.6 is out". March 13, 2018. Retrieved February 18, 2018.
- ^ Jump up to: a b "Tails 3.7 is out". May 9, 2018. Retrieved May 9, 2018.
- ^ Jump up to: a b "Tails 3.8 is out". June 26, 2018. Retrieved July 17, 2018.
- ^ "DistroWatch.com: Put the fun back into computing. Use Linux, BSD". distrowatch.com.
- ^ "Tails - Tails 3.9 is out". tails.boum.org. Retrieved September 6, 2018.
- ^ Jump up to: a b c "Tails - Calendar". July 17, 2018. Retrieved July 17, 2018.
- ^ Jump up to: a b "Tails - Release notes". tails.boum.org. Retrieved November 19, 2019.
- ^ "Tails - Tails 3.9.1 is out". tails.boum.org. Retrieved October 6, 2018.
- ^ "Tails 3.10.1 is out". tails.boum.org. Retrieved October 28, 2018.
- ^ Jump up to: a b c "Tails 4.0 is out". tails.boum.org. Retrieved November 19, 2019.
- ^ Jump up to: a b "Tails 4.1 is out". tails.boum.org. Retrieved November 30, 2019.
- ^ Jump up to: a b "Tails 4.1.1 is out". tails.boum.org. Retrieved November 30, 2019.
- ^ Jump up to: a b c "Tails 4.2 is out". tails.boum.org. Retrieved June 6, 2020.
- ^ Jump up to: a b "Tails - Calendar". tails.boum.org. Retrieved June 6, 2020.
- ^ Jump up to: a b "Tails 4.6 is out". tails.boum.org. Retrieved June 6, 2020.
- ^ Jump up to: a b "Tails 4.7 is out". June 2, 2020. Retrieved June 3, 2020.
- ^ Jump up to: a b "Tails 4.8 is out". June 30, 2020. Retrieved July 1, 2020.
- ^ Jump up to: a b "Tails 4.11 is out". September 22, 2020. Retrieved September 23, 2020.
- ^ Jump up to: a b "Tails 4.13 is out". November 17, 2020. Retrieved November 17, 2020.
- ^ Jump up to: a b "Tails - Tails 4.14 is out". tails.boum.org. Retrieved February 2, 2021.
- ^ Jump up to: a b "Tails - Tails 4.15 is out". tails.boum.org. Retrieved February 2, 2021.
- ^ Jump up to: a b "Tails - Tails 4.15.1 is out". tails.boum.org. Retrieved February 2, 2021.
- ^ Jump up to: a b "Tails - Tails 4.16 is out". tails.boum.org. Retrieved February 24, 2021.
- ^ Jump up to: a b "Tails - Tails 4.17 is out". tails.boum.org. Retrieved April 27, 2021.
- ^ Jump up to: a b "Tails - Tails 4.18 is out". tails.boum.org. Retrieved April 27, 2021.
- ^ Jump up to: a b "Tails - Tails 4.19 is out". tails.boum.org. Retrieved June 2, 2021.
- ^ Jump up to: a b "Tails - Tails 4.20 is out". tails.boum.org. Retrieved September 5, 2021.
- ^ Jump up to: a b "Tails - Tails 4.21 is out". tails.boum.org. Retrieved September 5, 2021.
- ^ Jump up to: a b "Tails - Tails 4.22 is out". tails.boum.org. Retrieved September 11, 2021.
- ^ Jacob Appelbaum, A. Gibson, J. Goetz, V. Kabisch, L. Kampf, L. Ryge (July 3, 2014). "NSA targets the privacy-conscious". DasErste.de.CS1 maint: multiple names: authors list (link)
- ^ Bruce Schneier (July 3, 2014). "NSA Targets Privacy Conscious for Surveillance". Schneier on Security.
- ^ SPIEGEL Staff (December 28, 2014). "Prying Eyes: Inside the NSA's War on Internet Security". Der Spiegel. Retrieved January 23, 2015.
- ^ "Presentation from the SIGDEV Conference 2012 explaining which encryption protocols and techniques can be attacked and which not" (PDF). Der Spiegel. December 28, 2014. Retrieved January 23, 2015.
External links[]
Wikimedia Commons has media related to The Amnesic Incognito Live System. |
- Anonymity networks
- Debian-based distributions
- Free security software
- I2P
- Operating system distributions bootable from read-only media
- Privacy software
- Tor (anonymity network)
- 2009 software
- Linux distributions