anonymous operating system

Tails, The Amnesic Incognito Live System, version 0.23, is out.

All users must upgrade as soon as possible: this release fixes numerous security issues.

Changes

Notable user-visible changes include:

• Security fixes
  • Upgrade the web browser to 24.4.0esr-0+tails1~bpo60+1 (Firefox
    24.4.0esr + Iceweasel patches + Torbrowser patches).
• Major new features
  • Spoof the network interfaces' MAC address
    by default. It can be disabled in Tails Greeter.
  • Rework the way to
    configure how Tor connects to the network
    by using bridges, proxies and restrictive firewalls. This option
    can be set from Tails Greeter, and replaces the old
    experimental "bridge mode" feature.
• Bugfixes
  • Additional software: do not crash when persistence is disabled.
  • Upgrade Pidgin to 2.10.9, that fixes some regressions introduced in the 2.10.8 security update.
  • Wait for Tor to have fully bootstrapped, plus a bit more time, before checking for upgrades and unfixed known security issues.
  • Disable the Intel Management Engine Interface driver. We don't need it in Tails, it might be dangerous, and it causes bugs on various hardware such as systems that reboot when asked to shut down.
  • Add a launcher for the Tails documentation. This makes it available in Windows Camouflage mode.
  • Remove the obsolete wikileaks.de account from Pidgin.
• Minor improvements
  • Upgrade Tor to 0.2.4.21-1~d60.squeeze+1.
  • Upgrade obfsproxy to 0.2.6-2~~squeeze+1.
  • Upgrade I2P to 0.9.11-1deb6u1.
  • Install 64-bit kernel instead of the 686-pae one. This is a necessary first step towards UEFI boot support.
  • Install Monkeysign (in a not-so-functional shape yet).
  • Disable the autologin text consoles. This was one of the blockers before a screen saver can be installed in a meaningful way.
  • Don't localize the text consoles anymore: it is broken on Wheezy, the intended users can as well use loadkeys, and we now do not have to trust setupcon to be safe for being run as root by the desktop user.
  • Make it possible to manually start IBus.
  • Reintroduce the possibility to switch identities in the Tor Browser, using a filtering proxy in front of the Tor ControlPort to avoid giving full control over Tor to the desktop user.
  • Incremental upgrades improvements:
    • Drop the Tails Upgrader launcher, to limit users' confusion.
    • Lock down sudo credentials a bit.
    • Hide debugging information.
    • Include ~/.xsession-errors in WhisperBack bug reports. This captures the Tails Upgrader errors and debugging information.
    • Report more precisely why an incremental upgrade cannot be done.
    • Various user interface and phrasing improvements.
  • Don't install the Cookie Monster browser extension.
  • Add a browser bookmark pointing to Tor's Stack Exchange.
  • Remove the preconfigured #tor channel from the Pidgin: apparently, too many Tails users go ask Tails questions there, without making it clear that they are running Tails, hence creating a user-support nightmare.
  • Use (most of) Tor Browser's mozconfig.
  • Rebase the browser on top of iceweasel 24.3.0esr-1, to get the certificate authorities added by Debian back.
  • Give access to the relevant documentation pages from Tails Greeter.
  • Hide Tails Greeter's password mismatch warning when entry is changed.
  • Persistent Volume Assistant:
    • Take into account our installer is now called Tails Installer.
    • Optimize window height.
    • Display device paths in a more user-friendly way.

See the online Changelog for technical details.

Known issues

• Longstanding known issues.

I want to try it or to upgrade!

Go to the download page.

As no software is ever perfect, we maintain a list of problems that affects the last release of Tails.

What's coming up?

The next Tails release is scheduled for April 29.

Have a look to our roadmap to see where we are heading to.

Would you want to help? There are many ways you can contribute to Tails. If you want to help, come talk to us!

Support and feedback

For support and feedback, visit the Support section on the Tails website.

Tails, The Amnesic Incognito Live System, version 0.22.1, is out.

All users must upgrade as soon as possible: this release fixes numerous security issues.

Changes

Notable user-visible changes include:

• Security fixes
  • Upgrade the web browser to 24.3.0esr, that fixes a few serious security issues.
  • Upgrade the system NSS to 3.14.5, that fixes a few serious security issues.
  • Workaround a browser size fingerprinting issue by using small icons in the web browser's navigation toolbar.
  • Upgrade Pidgin to 2.10.8, that fixes a number of serious security issues.
• Major improvements
  • Check for upgrades availability using Tails Upgrader, and propose to apply an incremental upgrade whenever possible.
  • Install Linux 3.12 (3.12.6-2).
• Bugfixes
  • Fix the keybindings problem introduced in 0.22.
  • Fix the Unsafe Browser problem introduced in 0.22.
  • Use IE's icon in Windows camouflage mode.
  • Handle some corner cases better in Tails Installer.
  • Use the correct browser homepage in Spanish locales.
• Minor improvements
  • Update Torbutton to 1.6.5.3.
  • Do not start Tor Browser automatically, but notify when Tor
    is ready.
  • Import latest Tor Browser prefs.
  • Many user interface improvements in Tails Upgrader.

See the online Changelog for technical details.

Known issues

• The memory erasure on shutdown does not work on some hardware.
• Longstanding known issues.

I want to try it or to upgrade!

Go to the download page.

As no software is ever perfect, we maintain a list of problems that affects the last release of Tails.

What's coming up?

The next Tails release is scheduled for March 18.

Have a look to our roadmap to see where we are heading to.

Would you want to help? There are many ways you can contribute to Tails. If you want to help, come talk to us!

Support and feedback

For support and feedback, visit the Support section on the Tails website.

Tails, The Amnesic Incognito Live System, version 0.22, is out.

All users must upgrade as soon as possible: this release fixes numerous security issues.

Download it now but first, please consider testing the incremental upgrade.

Changes

• Security fixes
  • Upgrade to Iceweasel 24.2.0esr that fixes a few serious security issues.
  • Stop migrating persistence configuration and access rights. Instead, disable all persistence configuration files if the mountpoint has wrong access rights.
  • Upgrade to NSS 3.15.3 that fixes a few serious security issues affecting the browser.
• Major improvements
  • Switch to Iceweasel 24.2.0esr and Torbutton 1.6.5.
  • Incremental upgrades are ready for beta-testing.
• Bugfixes
  • Fix Vidalia startup.
  • Disable DPMS screen blanking.
  • Fix checking of the persistent volume"s ACL.
  • Sanitize more IP and MAC addresses in bug reports.
  • Do not fail USB upgrade when the "tmp" directory exists on the destination device.
• Minor improvements
  • Clearer warning when deleting the persistent volume.
  • Use IBus instead of SCIM.
  • Always list optimal keyboard layout in the greeter.
  • Fix on-the-fly translation of the greeter in various languages.
  • Update I2P to 0.9.8.1 and rework its configuration.

See the online Changelog for technical details.

Known issues

• The Unsafe Browser cannot connect to the Internet (ticket #6479). This can be workaround"ed by setting network.proxy.socks_remote_dns to false on the about:config web page.
• Keyboard shortcuts use QWERTY mapping instead of AZERTY on French keyboard (ticket #6478). This may impact other keyboard layouts as well.
• TorBrowser takes too long to shutdown (ticket #6480).
• TorBrowser proposes to share the microphone with websites (ticket #6481).
• htpdate uses a different User-Agent than the Tor Browser (ticket #6477).
• The included Linux 3.10-3 (version 3.10.11-1) kernel has a few known security issues.
• Longstanding known issues.

I want to try it or to upgrade!

Go to the download page but first, please consider testing the incremental upgrade.

As no software is ever perfect, we maintain a list of problems that affects the last release of Tails.

What's coming up?

The next Tails release is scheduled for January 21.

Have a look to our roadmap to see where we are heading to.

Would you want to help? There are many ways you can contribute to Tails. If you want to help, come talk to us!

Tails, The Amnesic Incognito Live System, version 0.21, is out.

All users must upgrade as soon as possible: this release fixes numerous security issues.

Download it now.

Changes

• Security fixes
  • Don't grant access to the Tor control port for the desktop user. Else, an attacker able to run arbitrary code as this user could obtain the public IP.
  • Don't allow the desktop user to directly change persistence settings. Else, an attacker able to run arbitrary code as this user could leverage this feature to gain persistent root access, as long as persistence is enabled.
  • Install Iceweasel 17.0.10esr with Torbrowser patches.
  • Patch Torbutton to make window resizing closer to what the design says.
• New features
  • Add a persistence preset for printing settings.
  • Support running Tails off more types of SD cards.
• Minor improvements
  • Add a KeePassX launcher to the top panel.
  • Improve the bug reporting workflow.
  • Prefer stronger ciphers when encrypting data with GnuPG.
  • Exclude the version string in GnuPG's ASCII armored output.
  • Use the same custom Startpage search URL than the TBB. This apparently disables the new broken "family" filter.
  • Provide a consistent path to the persistent volume mountpoint.
• Localization
  • Many translation updates all over the place.

See the online Changelog for technical details.

Known issues

• On some hardware, Vidalia does not start.
• Longstanding known issues.

What's coming up?

The next Tails release is scheduled for around December 11.

Have a look to our roadmap to see where we are heading to.

Would you want to help? There are many ways you can contribute to Tails. If you want to help, come talk to us!

Tails, The Amnesic Incognito Live System, version 0.20, is out.

All users must upgrade as soon as possible: this release fixes numerous security issues.

Download it now.

Changes

Notable user-visible changes include:

• New features
  • Install Linux kernel 3.10.3-1 from Debian unstable.
  • Iceweasel 17.0.8esr + Torbrowser patches.
• Bugfixes
  • Prevent Iceweasel from displaying a warning when leaving HTTPS web sites.
  • Make Iceweasel use the correct, localized search engine.
  • Fix Git access to https:// repositories.
• Minor improvements
  • Install Dasher, a predictive text entry tool.
  • Add a wrapper around TrueCrypt which displays a warning about it soon being deprecated in Tails.
  • Remove Pidgin libraries for all protocols but IRC and Jabber/XMPP. Many of the other protocols Pidgin support are broken in Tails and haven't got any security auditting.
  • Disable the pre-defined Pidgin accounts so they do not auto-connect on Pidgin start.
  • Include information about Alsa in WhisperBack reports.
  • Explicitly restrict access to ptrace. While this setting was enabled by default in Debian's Linux 3.9.6-1, it will later disabled in 3.9.7-1. It's unclear what will happen next, so let's explicitly enable it ourselves.
  • Do not display dialog when a message is sent in Claws Mail.
  • Sync iceweasel preferences with the Torbrowser's.
• Localization
  • Many translation updates all over the place.
  • Merge all Tails-related POT files into one, and make use of intltoolize for better integration with Transifex.

See the online Changelog for technical details.

Known issue

No new known issue but longstanding known issues.

I want to try it / to upgrade!

See the Getting started page.

As no software is ever perfect, we maintain a list of problems that affects the last release of Tails.

What's coming up?

The next Tails release is scheduled for around September 19.

Have a look to our roadmap to see where we are heading to.

Would you want to help? There are many ways you can contribute. If you want to help, come talk to us!

Tails, The Amnesic Incognito Live System, version 0.19, is out.

All users must upgrade as soon as possible.

Download it now.

Changes

Notable user-visible changes include:

• New features
  • Linux 3.9.5-1.
  • Iceweasel 17.0.7esr + Torbrowser patches.
  • Unblock Bluetooth, Wi-Fi, WWAN and WiMAX; block every other type of wireless device.
• Bugfixes
  • Fix write access to boot medium at the block device level.
  • tails-greeter l10n-related fixes.
  • gpgApplet: partial fix for clipboard emptying after a wrong passphrase was entered.
• Minor improvements
  • Drop GNOME proxy settings.
  • Format newly created persistent volumes as ext4.
  • GnuPG: don't connect to the keyserver specified by the key owner.
  • GnuPG: locate keys only from local keyrings.
  • Upgrade live-boot and live-config to the 3.0.x final version from Wheezy.
• Localization: many translation updates all over the place.
• Test suite
  • Re-enable previously disabled boot device permissions test.

See the online Changelog for technical details.

Known issues

No new known issue but longstanding known issues.

I want to try it / to upgrade!

See the Getting started page.

As no software is ever perfect, we maintain a list of problems that affects the last release of Tails.

What's coming up?

The next Tails release is scheduled for early August.

Have a look to our roadmap to see where we are heading to.

Would you want to help? As explained in our "how to contribute" documentation, there are many ways you can contribute to Tails. If you want to help, come talk to us!

Tails, The Amnesic Incognito Live System, version 0.18, is out.

All users must upgrade as soon as possible.

Download it now.

Changes

Notable user-visible changes include:

• New features
  • Support obfs3 bridges.
  • Automatically install a custom list of additional packages chosen by the user at the beginning of every working session, and upgrade them once a network connection is established (technology preview).
• Iceweasel
  • Upgrade to Iceweasel 17.0.5esr-0+tails2~bpo60+1.
  • Update Torbrowser patches to current maint-2.4 branch (567682b).
  • Torbutton 1.5.2, and various prefs hacks to fix breakage.
  • HTTPS Everywhere 3.2
  • NoScript 2.6.6.1-1
  • Isolate DOM storage to first party URI, and enable DOM storage.
  • Isolate the image cache per url bar domain.
  • Update prefs to match the TBB's, fix bugs, and take advantage of the latest Torbrowser patches.
  • Make prefs organization closer to the TBB's, and generally clean them up.
• Bugfixes
  • Linux 3.2.41-2+deb7u2.
  • All Iceweasel prefs we set are now applied.
  • Bring back support for proxies of type other than obfsproxy.
• Minor improvements
  • Set kernel.dmesg_restrict=1, and make /proc/<pid>/ invisible and restricted for other users. It makes it slightly harder for an attacker to gather information that may allow them to escalate privileges.
  • Install gnome-screenshot.
  • Add a About Tails launcher in the System menu.
  • Install GNOME accessibility themes.
  • Use Getting started... as the homepage for the Tails documentation button.
  • Disable audio preview in Nautilus.
• Localization: many translation updates all over the place.

See the online Changelog for technical details.

Known issue

The web browser default search engine is Google, instead of the intended localized Startpage. You may select Startpage HTTPS in the search engine menu next to the Google icon.

I want to try it / to upgrade!

See the Getting started page.

As no software is ever perfect, we maintain a list of problems that affects the last release of Tails.

What's coming up?

The next Tails release is scheduled for June 27.

Have a look to our roadmap to see where we are heading to.

Would you want to help? As explained in our "how to contribute" documentation, there are many ways you can contribute to Tails. If you want to help, come talk to us!

Tails, The Amnesic Incognito Live System, version 0.17, is out.

All users must upgrade as soon as possible.

Download it now.

Changes

Notable user-visible changes include:

• New features
  • Install the KeePassX password manager, with a configuration and documentation that makes it easy to persist the password database.
• Iceweasel
  • Upgrade to Iceweasel 17.0.3esr-1+tails1~bpo60+1.
  • Do not allow listing all available fonts.
  • Improve default spellchecker dictionary selection.
  • Disable the add-ons automatic update feature.
  • Remove NoScript click-to-play confirmation.
  • Sync some prefs set by Torbutton, to be ready when it stops setting these.
  • Disable navigation timing.
  • Disable SPDY.
  • More aggressive iceweasel HTTP pipelining settings.
  • Enable WebGL (as click-to-play only).
  • Disable network.http.connection-retry-timeout.
  • Disable full path information for plugins.
  • Remove NoScript blocks of WebFonts.
• Minor improvements
  • Upgrade to live-boot 3.0~b11-1 and live-config 3.0.12-1.
  • Don't add "quiet" to the kernel command-line ourselves.
  • Upgrade I2P to 0.9.4.
• Bugfixes
  • Many bugfixes brought by the Debian Squeeze 6.0.7 point-release.
  • Use the regular GnuPG agent + pinentry-gtk2 instead of Seahorse as a GnuPG agent. This fixes usage of OpenPGP in Claws Mail, and brings support for OpenPGP smartcards.
  • Enable I2P hidden mode. Else, killing I2P ungracefully is bad for the I2P network.
  • Add shutdown and reboot launchers to the menu. This workarounds the lack of a shutdown helper applet in camouflage mode.
  • Remove Pidgin's MXit and Sametime support to workaround security flaws.
• Hardware support
  • Install recent Intel and AMD microcode.
  • Install firmware loader for Qualcomm Gobi USB chipsets.
  • Upgrade barry to 0.18.3-5~bpo60+1.
• Localization
  • Tails USB Installer: update translations for Arabic, Czech, German, Hebrew, Polish and Spanish.
  • tails-greeter: update Spanish and French translations, new Polish translation.
  • tails-persistence-setup: update translations for Arabic, Bulgarian, Spanish, French, Dutch, Polish and Chinese.
  • WhisperBack: update Spanish and Korean translations, import new Polish translation.

Plus the usual bunch of bug reports and minor improvements.

See the online Changelog for technical details.

I want to try it / to upgrade!

See the Getting started page.

As no software is ever perfect, we maintain a list of problems that affects the last release of Tails.

What's coming up?

The next Tails release is scheduled for April 9. It will probably be a minor, bugfix only one.

Have a look to our roadmap to see where we are heading to.

Would you want to help? As explained in our "how to contribute" documentation, there are many ways you can contribute to Tails. If you want to help, come talk to us!

Tails, The Amnesic Incognito Live System, version 0.16, is out.

All users must upgrade as soon as possible.

Download it now.

Changes

Notable user-visible changes include:

• Minor improvements
  • Replace the too-easy-to-misclick shutdown button with a better "Shutdown Helper" applet.
  • Display ~/Persistent in GNOME Places and Gtk file chooser.
  • Install dictionaries for a few languages.
  • Set Unsafe Browser's window title to "Unsafe Browser".
  • Install ekeyd to support the EntropyKey.
  • Install font for Sinhala script.
  • Update Poedit to 1.5.4.
  • Expose Vidalia's "broken onion" icon less.
  • Hide the persistence setup launchers in kiosk mode.
• Bugfixes
  • Disable IPv6 on all network interfaces. This is a workaround for the IPv6 link-local multicast leak that was recently discovered.
  • Tails may previously have been able to list GPT partitions labelled "TailsData" on hard drives (!) as valid persistence volumes... this is now fixed.
  • Fix SCIM in the autostarted web browser.
  • Talk of DVD, not of CD, in the shutdown messages.
  • Make tordate work in bridge mode with an incorrect clock.
• Iceweasel
  • Update iceweasel to 10.0.12esr-1+tails1.
  • Set the homepage to the news section on the Tails website.
  • Hide the iceweasel add-on bar by default.
  • Don't hide the AdBlock-Plus button in the add-on bar anymore.
  • Don't install xul-ext-monkeysphere anymore.
• Localization
  • tails-greeter: add German translation, update Portuguese (Brasil) and Russian ones.
  • tails-persistence-setup: update French, German and Italian translations.

Plus the usual bunch of bug reports and minor improvements.

See the online changelog for technical details.

Want to try it or upgrade?

See the Getting started page.

As no software is ever perfect, we maintain a list of problems that affects the last release of Tails.

What's coming up?

See the release schedule for Tails 0.17.

Have a look to our roadmap to see where we are heading to.

Would you want to help? As explained in our "how to contribute" documentation, there are many ways you can contribute to Tails. If you want to help, come talk to us!

Tails, The Amnesic Incognito Live System, version 0.15, is out.

All users must upgrade as soon as possible.

Download it now

Thank you, and congrats, to everyone who helped make this happen!

Changes

Notable user-visible changes include:

• Tor 0.2.3.25
• Major new features
  • Persistence for browser bookmarks.
  • Support for obfsproxy bridges.
• Minor improvements
  • Add the Hangul (Korean) Input Method Engine for SCIM.
  • Preliminary support for some OpenPGP SmartCard readers.
  • Support printers that need HPIJS PPD and/or the IJS driver.
  • Optimize fonts display for LCD.
  • Update TrueCrypt to version 7.1a.
• Bugfixes
  • Fix gpgApplet menu display in Windows camouflage mode.
  • Fix Tor reaching an inactive state if it is restarted in "bridge mode",
    e.g. during the time synchronization process.
• Iceweasel
  • Update iceweasel to 10.0.11esr-1+tails1.
  • Update HTTPS Everywhere to version 3.0.4.
  • Update NoScript to version 2.6.
  • Fix bookmark to I2P router console.
• Localization
  • The Tails USB installer, tails-persistence-setup and tails-greeter
    are now translated into Bulgarian.
  • Update Chinese translation for tails-greeter.
  • Update Euskadi translation for WhisperBack.

Plus the usual bunch of bug reports and minor improvements.

See the online Changelog for technical details.

Don't hesitate to get in touch with us.