Developer | The Tails project |
---|---|
OS family | Linux (Unix-like) |
Working state | Active |
Source model | Open source |
Initial release | June 23, 2009 |
Latest release | 5.21[1] / 22 December 2023 |
Repository | |
Marketing target | Personal computers |
Update method | Tails Upgrader[2] |
Package manager | APT (front-end), dpkg |
Platforms | x86-64[3] |
Kernel type | Monolithic |
Userland | GNU |
Default user interface | GNOME 3 |
License | GNU GPLv3[4] |
Preceded by | Incognito |
Official website | tails |
Tails, or "The Amnesic Incognito Live System", is a security-focused Debian-based Linux distribution aimed at preserving Internet privacy and anonymity.[5] It connects to the Internet exclusively through the anonymity network Tor.[6] The system is designed to be booted as a live DVD or live USB and never writes to the hard drive or SSD, leaving no digital footprint on the machine unless explicitly told to do so. It can also be run as a virtual machine, with some additional security risks.[7]
The Tor Project provided financial support for Tails' development in the beginnings of the project,[8] and continues to do so alongside numerous corporate and anonymous sponsors.
History
Tails was first released on June 23, 2009. It is the next iteration of development on Incognito, a discontinued Gentoo-based Linux distribution.[9] The original project was called Amnesia. The operational system was born when Amnesia was merged with Incognito.[10] The Tor Project provided financial support for its development in the beginnings of the project.[8] Tails also received funding from the Open Technology Fund, Mozilla, and the Freedom of the Press Foundation.[11]
Laura Poitras, Glenn Greenwald, Bruce Schneier and Barton Gellman have each said that Tails was an important tool they used in their work with National Security Agency whistleblower Edward Snowden.[10][12][13][14]
From release 3.0, in 2017, Tails requires a 64-bit processor to run.[15]
Features
Tails's pre-installed desktop environment is GNOME 3. The system includes essential software for functions such as reading and editing documents, image editing, video watching and printing. Other software from Debian can be installed at the user's behest.[16][17] Despite being open-source, Tails contains non-free firmware blobs.[18]
Tails includes a unique variety of software that handles the encryption of files and internet transmissions, cryptographic signing and hashing, and other functions important to security. It is pre-configured to use Tor with multiple connection options. It tries to force all connections to use Tor and blocks connection attempts outside Tor. For networking, it features a modified version of Tor Browser with the inclusion of uBlock Origin,[19] instant messaging, email, file transmission and monitoring local network connections for security.[17]
By design, Tails is "amnesic". It runs in the computer's random access memory (RAM) and does not write to a hard drive or other storage medium. The user may choose to keep files, applications or some settings on their Tails drive in "Persistent Storage". Though the Persistent Storage is encrypted by default, it is not hidden and detectable by forensic analysis.[20] While shutting down, Tails overwrites most of the used RAM to avoid a cold boot attack.[21]
Security incidents
In 2014 Das Erste reported that the NSA's XKeyscore surveillance system sets threat definitions for people who search for Tails using a search engine or visit the Tails website. A comment in XKeyscore's source code calls Tails "a comsec mechanism advocated by extremists on extremist forums".[22][23]
In the same year, Der Spiegel published slides from an internal National Security Agency presentation dating to June 2012, in which the NSA deemed Tails on its own as a "major threat" to its mission and in conjunction with other privacy tools as "catastrophic".[24][25]
In 2017, the FBI used malicious code developed by Facebook, identifying sexual extortionist and Tails user Buster Hernandez through a zero-day vulnerability in the default video player. The exploit was never explained to or discovered by the Tails developers, but it is believed that the vulnerability was patched in a later release of Tails. Hernandez had eluded authorities for a long time; the FBI and Facebook had searched for him with no success, and resorted to developing the custom hacking tool.[26]
See also
References
- ↑ "Tails 5.21". December 22, 2023. Retrieved December 25, 2023.
- ↑ "Tails - Incremental upgrades". tails.boum.org. Archived from the original on December 1, 2017. Retrieved June 15, 2017.
- ↑ "Tails - System requirements". tails.boum.org.
- ↑ "Tails 0.11 incognito live system released". The H. April 30, 2012. Retrieved August 12, 2012.
- ↑ Vervloesem, Koen (April 27, 2011). "The Amnesic Incognito Live System: A live CD for anonymity". LWN.net. Retrieved August 12, 2012.
- ↑ "Anonym im Netz" [Anonymous on the Net]. TecChannel (in German). February 6, 2012. Retrieved August 12, 2012.
- ↑ "Running Tails in a virtual machine". tails.boum.org. Retrieved September 20, 2021.
- 1 2 "Finances". Tails. April 4, 2013. Retrieved May 13, 2013.
- ↑ Gray, James (September 16, 2011). "The Tails Project's The Amnesic Incognito Live System (Tails)". Linux Journal. Retrieved August 12, 2012.
- 1 2 Finley, Klint (April 14, 2014). "Out in the Open: Inside the Operating System Edward Snowden Used to Evade the NSA". WIRED. Retrieved April 18, 2014.
- ↑ "Tails report for May, 2014". Tails. June 14, 2014. Archived from the original on July 1, 2014. Retrieved July 6, 2014.
- ↑ Timm, Trevor (April 2, 2014). "Help Support the Little-Known Privacy Tool That Has Been Critical to Journalists Reporting on the NSA". Freedom of the Press Foundation. Retrieved April 18, 2014.
- ↑ Condliffe, Jamie (April 15, 2014). "Try the Super-Secure USB Drive OS That Edward Snowden Insists on Using". Gizmodo. Retrieved April 15, 2014.
- ↑ "Air Gaps - Schneier on Security". www.schneier.com. Retrieved August 3, 2023.
- ↑ "Tails - Tails 3.0 is out". tails.boum.org. Archived from the original on May 22, 2019. Retrieved June 14, 2017.
- ↑ "APT repository". tails.boum.org. October 7, 2019. Archived from the original on September 25, 2019. Retrieved October 7, 2019.
- 1 2 "Features and included software". tails.boum.org. October 7, 2019. Archived from the original on August 23, 2019. Retrieved October 7, 2019.
- ↑ "Explaining Why We Don't Endorse Other Systems". www.gnu.org. Archived from the original on June 22, 2023. Retrieved June 23, 2023.
- ↑ "Browsing the web with Tor Browser". tails.boum.org. Archived from the original on February 8, 2022. Retrieved March 16, 2022.
- ↑ "Tails - Creating and configuring the Persistent Storage". tails.boum.org. Archived from the original on October 7, 2019. Retrieved October 7, 2019.
- ↑ "Tails - Memory erasure". tails.boum.org.
- ↑ Appelbaum, J.; Gibson, A.; Goetz, J.; Kabisch, V.; Kampf, L.; Ryge, L. (July 3, 2014). "NSA targets the privacy-conscious". DasErste.de.
- ↑ Bruce Schneier (July 3, 2014). "NSA Targets Privacy Conscious for Surveillance". Schneier on Security.
- ↑ SPIEGEL Staff (December 28, 2014). "Prying Eyes: Inside the NSA's War on Internet Security". Der Spiegel. Retrieved January 23, 2015.
- ↑ "Presentation from the SIGDEV Conference 2012 explaining which encryption protocols and techniques can be attacked and which not" (PDF). Der Spiegel. December 28, 2014. Archived from the original (PDF) on December 30, 2014. Retrieved January 23, 2015.
- ↑ Franceschi-Bicchierai, Lorenzo (June 10, 2020). "Facebook Helped the FBI Hack a Child Predator". Vice.