% Tails — Privacy for anyone anywhere % intrigeri % June, 2014

What what who

Who I am

  • Tails contributor
  • Debian developer

What is Tails

The Amnesic Incognito Live System


A Live operating system

  • works on (almost) any computer
  • boots off a DD, a USB stick, or a SD card

Preserving privacy and anonymity #1

  • use the Internet anonymously and circumvent censorship:
    all connections to the Internet are forced to go through the Tor network
  • leave no trace on the computer you are using unless you ask it explicitly

Preserving privacy and anonymity #2

  • cryptographic tools:
    encrypt your files, emails and instant messaging
  • media production tools:
    sound, video, office publishing, graphics...

Other features

And... it works?

  • According to the NSA, yes :
    "(S//REL) Tails: Complete Bootable OS on CD for anonymity - includes Tor
    (S//REL) Adds Severe CNE misery to equation"
    (Thanks to a famous Tails user for providing these documents.)
  • Bruce Schneier, December 2013 :
    "What do I trust? I trust, I trust Tails, I trust GPG [...]"
    "I don't use Linux. (Shhh. Don't tell anyone.)
    Although I have started using Tails""

Usability: a security feature

Our starting point

  • privacy and anonymity: collective matters
  • more secure tool, but less usable
    ⇒ collectively, less security

Our hypothesis

Often usability matters more than "pure" security.

Make a "baseline" security level (privacy, anonymity) very accessible
⇒ Tails is widely used
⇒ more contributors
⇒ energy ↗ to improve security without decreasing usability


  • GNOME desktop
  • desktop cryptographic tools (Seahorse, OpenPGP applet, GNOME Disks)
  • integrates the "Spoof MAC address, or not" decision in a user-friendly way
  • documentation
  • translations
  • warnings
  • WhisperBack

A small delta, to avoid drowning

History lesson

Often, specialized distributions die quickly.
At least in this area.
✝ Haven, Anonym.OS, ParanoidLinux, onionOS, Phantomix and many others. RIP.


  • small teams, not organized to grow
  • underestimation of the maintenance and user support work
  • no long-term commitment
  • NIH

Our hypothesis

  • focus on maintainability
  • avoid having a delta that grows too much, or too fast, wrt. our upstreams

Examples: what we did not do internally

... despite pressure:

  • grsecurity
  • compile-time hardening

Examples: what we did internally

... but should share:

  • OpenPGP applet
  • erasing memory on shutdown

Examples: what we're doing upstream

  • AppArmor
  • libvirt
  • Seahorse
  • Debian
  • Debian Live
  • fix OTR downgrade → v1

Consequences #1

  • little Tails-specific code
  • glue work
  • "social" work:
    talk to upstreams
    spread the word about our needs
    find skilled people to do the work at the best place
  • slow rhythm (waiting the next Debian release, and sometimes the one after), despite backports

Consequences #2

And, above all...

. . .

Tails is still alive!


Cadence & popularity

  • new release every 6 weeks
  • about 10k boots a day, doubles every 6-9 months

Limited resources and time

  • mostly volunteer work
  • 2000 commits, by ~10 persons, on the last 6 months



  • welcome more varied contributions
  • ... from more varied people
  • make our life easier
  • make Tails (even) more usable
  • better protect users against targeted attacks

This summer

  • Tails 1.1 — July 22: Debian Wheezy, UEFI

And then

Tails needs you, for...


Translators can allow more people around the world to use Tails.



Good writers can make Tails accessible to more people.


  • #6318: Fix key trusting instructions to work when we update our signing key
  • #6469: Document the workflow to upgrade Tails from ISO using 2 USB sticks


Early testers help improve Tails quality.


  • #5174: Test Pidgin SSL validation in Debian unstable
  • #5709: Test OnionCat unidirectional mode for VoIP


Web and graphics designers can make Tails easier to use and more appealing.



  • #7258: Make the logos on the homepage clickable
  • #6323: Improve the CSS of the boxed titles
  • #6361: Create a stylesheet for the contributor's role


User interface and user experience experts can make Tails easier to use and more appealing.


  • #7437: Design a progress indicator while establishing a connection to Tor
  • #6417: Evaluate Tails Greeter revamp proposals


Software people with very diverse skills can improve Tails.


  • #5917: tails-greeter password field : Warn when caps-lock in ON
  • #6918: Track hardening status of the binaries shipped in Tails
  • #5881: Add reboot button to persistence setup assistant


System administrators can improve the development and quality assurance processes.


  • #6295: Evaluate consequences of importing large amounts of packages into reprepro
  • #6891: Monitor broken links on our website


One can improve Tails (and other Debian derivatives, such as Freepto ;) by contributing to Debian.



Those who have too much money can speed up the development of Tails.


Where to start?

Tell us about your skills and desires,

we'll help you get started :)


Talk to us