Tails (operating system)

From Wikipedia, the free encyclopedia

Tails
Tails logo
TAILS 4.14 ENG 05 01 2021 15 39 25.png
Tails 4.14 Desktop
DeveloperThe Tails project
OS familyLinux (Unix-like)
Working stateActive
Source modelOpen source
Initial release23 June 2009; 12 years ago (2009-06-23)
Latest release4.22 / 7 September 2021; 9 days ago (2021-09-07)
Repository
Marketing targetPersonal computers
Update methodTails Upgrader[1]
Package managerdpkg
Platformsx86-64[2]
Kernel typeMonolithic
UserlandGNU
Default
user interface		GNOME 3
LicenseGNU GPLv3[3]
Preceded byIncognito
Official websitetails.boum.org

Tails, or The Amnesic Incognito Live System, is a security-focused Debian-based Linux distribution aimed at preserving privacy and anonymity.[4] All its incoming and outgoing connections are forced to go through Tor,[5] and any non-anonymous connections are blocked. The system is designed to be booted as a live DVD or live USB, and will leave no digital footprint on the machine unless explicitly told to do so. The Tor Project provided financial support for its development in the beginnings of the project,[6] and continues to do so alongside numerous corporate and anonymous sponsors. Tails comes with UEFI Secure Boot.

History[]

Tails was first released on 23 June 2009. It is the next iteration of development on Incognito, a discontinued Gentoo-based Linux distribution.[7] The Tor Project provided financial support for its development in the beginnings of the project.[6] Tails also received funding from the Open Technology Fund, Mozilla, and the Freedom of the Press Foundation.[8]

Laura Poitras, Glenn Greenwald, and Barton Gellman have each said that Tails was an important tool they used in their work with National Security Agency whistleblower Edward Snowden.[9][10][11]

From release 3.0, Tails requires a 64-bit processor to run.[12]

Bundled software[]

  • GNOME desktop

Networking[]

  • Tor with Stream isolation, regular, obfs3 and obfs4 bridges support.[13]
  • NetworkManager for easy network configuration
  • Tor Browser, a web browser based on Mozilla Firefox and modified to protect anonymity with:
    • Torbutton for anonymity and protection against JavaScript with all cookies treated as session cookies by default;
    • HTTPS Everywhere transparently enables SSL-encrypted connections to a great number of major websites
    • NoScript to have even more control over JavaScript
    • uBlock Origin to remove advertisements.
Note: Due to the fact that Tails includes uBlock Origin (compared to the normal Tor Browser Bundle), it could be subject to an attack to determine if the user is using Tails (since the userbase for Tails is less than the Tor Browser Bundle) by checking if the website is blocking advertising.[14] Although this can be avoided by disabling uBlock Origin.

Encryption and privacy software[]

Users can install any other software which is present in Debian GNU/Linux, either through APT (Tails provides three repositories) or dpkg.[15][16] The language and keyboard layout may be chosen when the system is booted.

Persistency[]

Tails is by design amnesic. It lives in RAM and does not write to any other drive unless strictly specified. However, it is possible to set up an encrypted persistence volume (for example, within the USB Drive where Tails is installed) to save user data. It is also possible to instruct Tails to automatically install some additional software from the persistence drive, to load bookmarks for the Tor Browser, keep PGP keys or to keep configuration data for other applications. The encrypted space is not hidden and its existence could be detected by forensic analysis, unlike VeraCrypt, which is not distinguishable from random data and consequently offers plausible deniability.[17]

Security[]

During the shutdown process, Tails will overwrite most of the used RAM to avoid a cold boot attack.[18] An emergency shutdown can be triggered by physically removing the medium where Tails is installed: a watchdog monitors the status of the boot medium, and if removed the memory-erasing process begins immediately; this might break the file system of the persistence volume, if set up.[18][19]

Tails tracks Debian stable for robust security updates support and uses the latest kernel from Backports for supporting newer hardware.

On 10 June 2020, Vice Motherboard and other publications reported that Facebook in cooperation with the FBI used a 0-day vulnerability in the video player built into Tails to track and identify a sexual abuser on a social network. A spokesperson for Tails said that the exploit was never explained to them. However, it is believed that the vulnerability was removed, although it had not been identified, in a later release of Tails. The vulnerability was not easily exploited; the FBI tried unsuccessfully to identify the abuser, but he noticed and taunted his hunters. Ultimately the FBI and Facebook contracted a cybersecurity firm, at great expense, to produce a custom hacking tool used to make a booby-trapped video sent by the victim to the criminal.[20]

Release history[]

Legend:
Old version
Older version, still maintained
Latest version
Latest preview version
Future release
Release history
Version[21] Release date[21] Notes
Old version, no longer maintained: 0.1 June 20, 2009
  • Unreleased, but listed in official changelog
Old version, no longer maintained: 0.2 June 23, 2009
  • First public release.[22]
  • The project was called Amnesia.[22][23]
Old version, no longer maintained: 0.3 November 26, 2009
Old version, no longer maintained: 0.4 February 5, 2010
Old version, no longer maintained: 0.4.1 February 6, 2010
Old version, no longer maintained: 0.4.2 February 7, 2010
  • Last release as "amnesia"[21]
Old version, no longer maintained: 0.5 April 30, 2010
  • First release since the project was renamed to The Amnesic Incognito Live System.[21][24]
Old version, no longer maintained: 0.6 October 20, 2010
  • Unreleased versions: 0.6~1.gbpef2878 (Sep 26), 0.6~rc2 (Sep 29), 0.6~rc3 (Oct 2)
Old version, no longer maintained: 0.6.1 December 24, 2010
Old version, no longer maintained: 0.6.2 January 19, 2011
Old version, no longer maintained: 0.7 April 6, 2011
  • Unreleased versions: 0.7~rc1 (Mar 11), 0.7~rc2 (Mar 25)
0.8, 0.8.1, 0.9, 0.10, 0.10.1, 0.10.2, 0.11, 0.12, 0.12.1, 0.13, 0.14, 0.15, 0.16, 0.17, 0.17.1, 0.17.2, 0.18, 0.19, 0.20, 0.20.1, 0.21, 0.22, 0.22.1, 0.23
Old version, no longer maintained: 1.0[22] April 27, 2014
  • 36th stable release.[22]
1.0.1, 1.1, 1.1.1, 1.1.2, 1.2, 1.2.1, 1.2.2, 1.2.3, 1.3, 1.3.1, 1.3.2, 1.4, 1.4.1
Old version, no longer maintained: 1.5[25] August 10, 2015
  • Disabled access to the local network via the Tor Browser.[25]
1.5.1, 1.6
Old version, no longer maintained: 1.7[25] November 3, 2015
  • Replaced the Claws Mail email client with Icedove, which is based on Mozilla Thunderbird.[25]
  • Enabled booting Tails in offline mode, with networking disabled.[25]
1.8, 1.8.1, 1.8.2 (last version to fit 2GB flash drive)
Old version, no longer maintained: 2.0[26] January 25, 2016
  • It used Debian 8 as its base and included a new Gnome shell desktop environment, systemd, and a new installation process.[26]
2.0.1
Old version, no longer maintained: 2.2[25] March 7, 2016
  • Enabled viewing DRM-protected DVDs.[25]
  • Added a new “Onion Circuits” interface for viewing Tor routing information.[25]
2.2.1, 2.3
Old version, no longer maintained: 2.4[25] June 6, 2016
  • Automatic account configuration of Icedove, harden kernel and firewall, update the DRM and Mesa graphical libraries.[27]
  • New version of Tor Browser.[25]
Old version, no longer maintained: 2.5[28] July 31, 2016
Old version, no longer maintained: 2.6[29] September 20, 2016
Old version, no longer maintained: 2.7[30] November 13, 2016
Old version, no longer maintained: 2.7.1[31] November 30, 2016
Old version, no longer maintained: 2.9.1[32] December 14, 2016
Old version, no longer maintained: 2.10[33] January 24, 2017[33]
Old version, no longer maintained: 2.11[34] March 7, 2017[34]
  • The last version to include I2P
Old version, no longer maintained: 2.12[35] April 19, 2017[35]
Last version to support 32-bit processors
Old version, no longer maintained: 3.0[36] June 13, 2017[36]
Old version, no longer maintained: 3.1[37] August 8, 2017[37]
Old version, no longer maintained: 3.2[38] October 3, 2017[38]
Old version, no longer maintained: 3.3[39] November 14, 2017[39]
Old version, no longer maintained: 3.4[40] January 9, 2018[40]
  • 3.4 fixes the widely reported Meltdown attack, and includes the partial mitigation for Spectre
Old version, no longer maintained: 3.5[41] January 23, 2018[41]
Old version, no longer maintained: 3.6[42] March 13, 2018[42]
  • 3.6 adds a new lock screen feature that, when enabled, can be unlocked with the administrator password that was set when tails booted up. Otherwise, you can set up a password to unlock your screen when locking your screen for the first time.
  • Install drivers for the Video Acceleration API to improve the display of videos on many graphics cards.
Old version, no longer maintained: 3.7[43] May 9, 2018[43]
Old version, no longer maintained: 3.8[44][45] June 26, 2018[44]
Old version, no longer maintained: 3.9[46][47] September 5, 2018[47]
  • Firefox 60.2, major release; will include VeraCrypt support and major Additional Software Packages improvements.[47]
Old version, no longer maintained: 3.9.1[48] October 3, 2018[48]
  • Update Tor Browser to 8.0.2. This fixes 2 critical security vulnerabilities in JavaScript in Firefox.
  • Update Thunderbird to fix these same vulnerabilities.[49]
Old version, no longer maintained: 3.10.1[50] October 23, 2018
  • Hide the PIM option when unlocking VeraCrypt volumes because PIM won't be supported until Tails 4.0. (#16031)
  • Rename the buttons in the confirmation dialog of Tails Installer to Install (or Upgrade) and Cancel to be less confusing. (#11501)
  • Update Linux to 4.8.
  • Update Tor Browser to 8.0.3.
  • Update Thunderbird to 60.2.1.
Old version, no longer maintained: 4.0[51] October 22, 2019[51]
  • Replace KeePassX with KeePassXC
  • Update Linux to 5.3.2
  • Update OnionShare to 1.3.2
  • Update Tor Browser to 9.0[51]
Old version, no longer maintained: 4.1[52] December 3, 2019[52]
Old version, no longer maintained: 4.1.1[53] December 17, 2019[53]
Old version, no longer maintained: 4.2[54] January 7, 2020[54]
  • Update Tor Browser to 9.0.3
  • Update Thunderbird to 68.3.0
  • Update Linux to 5.3.15[54]
Old version, no longer maintained: 4.3[55] February 11, 2020[55]
  • Updated Tor Browser to 9.0.5
  • Updated Thunderbird to 68.4.1
  • Updated Linux Kernel to 5.4.13
  • Updated Tor to 0.4.2.6
  • Updated Virtualbox Guest Additions to 6.1.2
Old version, no longer maintained: 4.6[56] May 5, 2020[56]
Old version, no longer maintained: 4.7[57] June 2, 2020[57]
Old version, no longer maintained: 4.8[58] June 30, 2020[58]
Old version, no longer maintained: 4.11[59] September 22, 2020[59]
Old version, no longer maintained: 4.13[60] November 17, 2020[60]
  • Updated Tor Browser to 10.0.5
  • Updated Thunderbird from 68.12 to 78.4.2
  • Enabled TCP timestamps
Old version, no longer maintained: 4.14[61] December 15, 2020[61]
Old version, no longer maintained: 4.15[62] January 26, 2021[62]
  • Updated Tor Browser to 10.0.9
  • Updated Thunderbird to 78.6.0
  • Updated Linux kernel to 5.9.15
Old version, no longer maintained: 4.15.1[63] January 28, 2021[63]
Old version, no longer maintained: 4.16[64] February 23, 2021[64]
  • Update Tor Browser to 10.0.12
  • Update Thunderbird to 78.7.0
  • Update Linux to 5.10.13. This should improve the support for newer hardware (graphics, Wi-Fi, and so on)
  • Update Tor to 0.4.5.5
Old version, no longer maintained: 4.17[65] March 23, 2021[65]
Old version, no longer maintained: 4.18[66] April 27, 2021[66]
Old version, no longer maintained: 4.19[67] June 1, 2021[67]
Old version, no longer maintained: 4.20[68] July 13, 2021[68]
  • Tor Connection wizard introduced to streamline connection to the Tor network
Old version, no longer maintained: 4.21[69] August 8, 2021[69]
Current stable version: 4.22[70] September 7, 2021[70]
  • Improved interface for configuring Tor bridges
  • Enabled keeping custom Tor bridge in Persistent Storage
  • Option for manual clock adjustment when connecting to Tor fails
  • Adjusted Tor connection timeouts
Version Release date Notes

In mainstream media[]

On 3 July 2014, German public television channel Das Erste reported that the NSA's XKeyscore surveillance system contains definitions that match persons who search for Tails using a search engine or visit the Tails website. A comment in XKeyscore's source code calls Tails "a comsec mechanism advocated by extremists on extremist forums".[71][72]

On 28 December 2014, Der Spiegel published slides from an internal NSA presentation dating to June 2012 in which the NSA deemed Tails on its own as a "major threat" to its mission, and when used in conjunction with other privacy tools such as OTR, Cspace, RedPhone, and TrueCrypt was ranked as "catastrophic," leading to a "near-total loss/lack of insight to target communications, presence..."[73][74]

As discussed above, it was reported in June 2020 that Facebook collaborated with the FBI to exploit a vulnerability in Tails to apprehend a serious sexual predator.

See also[]

References[]

  1. ^ "Tails - Incremental upgrades". tails.boum.org.
  2. ^ "Tails - System requirements". tails.boum.org.
  3. ^ "Tails 0.11 incognito live system released". The H. April 30, 2012. Retrieved August 12, 2012.
  4. ^ Vervloesem, Koen (April 27, 2011). "The Amnesic Incognito Live System: A live CD for anonymity". LWN.net. Retrieved August 12, 2012.
  5. ^ "Anonym im Netz" [Anonymous on the Net]. TecChannel (in German). February 6, 2012. Retrieved August 12, 2012.
  6. ^ Jump up to: a b "Finances". Tails. April 4, 2013. Retrieved May 13, 2013.
  7. ^ Gray, James (September 16, 2011). "The Tails Project's The Amnesic Incognito Live System (Tails)". Linux Journal. Retrieved August 12, 2012.
  8. ^ "Tails report for May, 2014". Tails. June 14, 2014.
  9. ^ Timm, Trevor (April 2, 2014). "Help Support the Little-Known Privacy Tool That Has Been Critical to Journalists Reporting on the NSA". Freedom of the Press Foundation. Retrieved April 18, 2014.
  10. ^ Finley, Klint (April 14, 2014). "Out in the Open: Inside the Operating System Edward Snowden Used to Evade the NSA". WIRED. Retrieved April 18, 2014.
  11. ^ Condliffe, Jamie (April 15, 2014). "Try the Super-Secure USB Drive OS That Edward Snowden Insists on Using". Gizmodo. Retrieved April 15, 2014.
  12. ^ "Tails - Tails 3.0 is out". tails.boum.org. Retrieved June 14, 2017.
  13. ^ "Features and included software". Tails.
  14. ^ "Tails - Can I hide the fact that I am using Tails?". tails.boum.org.
  15. ^ "APT repository". tails.boum.org. October 7, 2019. Archived from the original on September 25, 2019. Retrieved October 7, 2019.
  16. ^ "Features and included software". tails.boum.org. October 7, 2019. Archived from the original on August 23, 2019. Retrieved October 7, 2019.
  17. ^ "Tails - Creating and configuring the Persistent Storage". tails.boum.org.
  18. ^ Jump up to: a b "Tails - Memory erasure". tails.boum.org.
  19. ^ "Tails - Shutting down Tails". tails.boum.org.
  20. ^ Franceschi-Bicchierai, Lorenzo (June 10, 2020). "Facebook Helped the FBI Hack a Child Predator". Vice.
  21. ^ Jump up to: a b c d Tails Developers (n.d.). "changelog". Tails. Retrieved January 5, 2017.
  22. ^ Jump up to: a b c d Murphy, David (May 1, 2014). "Secure OS Tails Emerges From Beta". PC Magazine. Ziff Davis. Retrieved June 10, 2016.
  23. ^ "Announce: amnesia Live system (initial release)". tor-talk mailing list (Mailing list). 16 August 2009. Retrieved 24 August 2019.
  24. ^ "version 0.5". Tails. n.d. Archived from the original on June 25, 2013. Retrieved June 10, 2016.
  25. ^ Jump up to: a b c d e f g h i j Hoffman, Chris (June 9, 2016). "Tails, the anonymity-focused Linux distribution with deep Tor integration, reaches version 2.4". PCWorld. IDG. Retrieved June 10, 2016.
  26. ^ Jump up to: a b Paul, Ian (January 27, 2016). "The ultra-secure Tails OS beloved by Edward Snowden gets a major upgrade". PCWorld. IDG. Retrieved June 10, 2016.
  27. ^ "Tails 2.4 is out". Tails. June 7, 2016. Retrieved June 6, 2020.
  28. ^ "Tails 2.5 is out". August 2, 2016. Retrieved August 3, 2016.
  29. ^ "Tails 2.6 is out". September 21, 2016. Retrieved September 22, 2016.
  30. ^ "Tails 2.7 is out". November 15, 2016. Retrieved January 5, 2017.
  31. ^ "Tails 2.7.1 is out". November 30, 2016. Retrieved January 5, 2017.
  32. ^ "Tails 2.9.1 is out". December 14, 2016. Retrieved December 16, 2016.
  33. ^ Jump up to: a b "Tails 2.10 is out". January 24, 2017. Retrieved January 24, 2017.
  34. ^ Jump up to: a b "Tails 2.11 is out". January 6, 2017. Retrieved March 13, 2017.
  35. ^ Jump up to: a b "Tails 2.12 is out". April 19, 2017. Retrieved April 23, 2017.
  36. ^ Jump up to: a b "Tails 3.0 is out". June 13, 2017. Retrieved June 14, 2017.
  37. ^ Jump up to: a b "Tails 3.1 is out". August 8, 2017. Retrieved August 12, 2017.
  38. ^ Jump up to: a b "Tails 3.2 is out". October 3, 2017. Retrieved January 6, 2017.
  39. ^ Jump up to: a b "Tails 3.3 is out". November 14, 2017. Retrieved November 14, 2017.
  40. ^ Jump up to: a b "Tails 3.4 is out". January 9, 2018. Retrieved January 9, 2018.
  41. ^ Jump up to: a b "Tails 3.5 is out". January 23, 2018. Retrieved January 23, 2018.
  42. ^ Jump up to: a b "Tails 3.6 is out". March 13, 2018. Retrieved February 18, 2018.
  43. ^ Jump up to: a b "Tails 3.7 is out". May 9, 2018. Retrieved May 9, 2018.
  44. ^ Jump up to: a b "Tails 3.8 is out". June 26, 2018. Retrieved July 17, 2018.
  45. ^ "DistroWatch.com: Put the fun back into computing. Use Linux, BSD". distrowatch.com.
  46. ^ "Tails - Tails 3.9 is out". tails.boum.org. Retrieved September 6, 2018.
  47. ^ Jump up to: a b c "Tails - Calendar". July 17, 2018. Retrieved July 17, 2018.
  48. ^ Jump up to: a b "Tails - Release notes". tails.boum.org. Retrieved November 19, 2019.
  49. ^ "Tails - Tails 3.9.1 is out". tails.boum.org. Retrieved October 6, 2018.
  50. ^ "Tails 3.10.1 is out". tails.boum.org. Retrieved October 28, 2018.
  51. ^ Jump up to: a b c "Tails 4.0 is out". tails.boum.org. Retrieved November 19, 2019.
  52. ^ Jump up to: a b "Tails 4.1 is out". tails.boum.org. Retrieved November 30, 2019.
  53. ^ Jump up to: a b "Tails 4.1.1 is out". tails.boum.org. Retrieved November 30, 2019.
  54. ^ Jump up to: a b c "Tails 4.2 is out". tails.boum.org. Retrieved June 6, 2020.
  55. ^ Jump up to: a b "Tails - Calendar". tails.boum.org. Retrieved June 6, 2020.
  56. ^ Jump up to: a b "Tails 4.6 is out". tails.boum.org. Retrieved June 6, 2020.
  57. ^ Jump up to: a b "Tails 4.7 is out". June 2, 2020. Retrieved June 3, 2020.
  58. ^ Jump up to: a b "Tails 4.8 is out". June 30, 2020. Retrieved July 1, 2020.
  59. ^ Jump up to: a b "Tails 4.11 is out". September 22, 2020. Retrieved September 23, 2020.
  60. ^ Jump up to: a b "Tails 4.13 is out". November 17, 2020. Retrieved November 17, 2020.
  61. ^ Jump up to: a b "Tails - Tails 4.14 is out". tails.boum.org. Retrieved February 2, 2021.
  62. ^ Jump up to: a b "Tails - Tails 4.15 is out". tails.boum.org. Retrieved February 2, 2021.
  63. ^ Jump up to: a b "Tails - Tails 4.15.1 is out". tails.boum.org. Retrieved February 2, 2021.
  64. ^ Jump up to: a b "Tails - Tails 4.16 is out". tails.boum.org. Retrieved February 24, 2021.
  65. ^ Jump up to: a b "Tails - Tails 4.17 is out". tails.boum.org. Retrieved April 27, 2021.
  66. ^ Jump up to: a b "Tails - Tails 4.18 is out". tails.boum.org. Retrieved April 27, 2021.
  67. ^ Jump up to: a b "Tails - Tails 4.19 is out". tails.boum.org. Retrieved June 2, 2021.
  68. ^ Jump up to: a b "Tails - Tails 4.20 is out". tails.boum.org. Retrieved September 5, 2021.
  69. ^ Jump up to: a b "Tails - Tails 4.21 is out". tails.boum.org. Retrieved September 5, 2021.
  70. ^ Jump up to: a b "Tails - Tails 4.22 is out". tails.boum.org. Retrieved September 11, 2021.
  71. ^ Jacob Appelbaum, A. Gibson, J. Goetz, V. Kabisch, L. Kampf, L. Ryge (July 3, 2014). "NSA targets the privacy-conscious". DasErste.de.CS1 maint: multiple names: authors list (link)
  72. ^ Bruce Schneier (July 3, 2014). "NSA Targets Privacy Conscious for Surveillance". Schneier on Security.
  73. ^ SPIEGEL Staff (December 28, 2014). "Prying Eyes: Inside the NSA's War on Internet Security". Der Spiegel. Retrieved January 23, 2015.
  74. ^ "Presentation from the SIGDEV Conference 2012 explaining which encryption protocols and techniques can be attacked and which not" (PDF). Der Spiegel. December 28, 2014. Retrieved January 23, 2015.

External links[]

Retrieved from ""