Tails needs Debian
(and the other way around?)


August, 2014

What Tails is

What's in a name

The amnesic incognito live system


A Live operating system

  • works on (almost) any x86 computer
  • boots off a DVD, a USB stick, or an SD card
  • based on Debian ♥

Preserving privacy and anonymity #1

  • use the Internet anonymously, circumvent censorship:
    all connections to the Internet are forced to go through the Tor network
  • leave no trace on the computer you are using unless you explicitly ask it to

Preserving privacy and anonymity #2

  • desktop cryptographic tools:
    encrypt files, email and instant messaging
    metadata anonymization (https://packages.d.o/mat)
  • media production tools:
    sound, video, office publishing, graphics...

Usability = a security feature

  • yes, you may be able to protect yourself
  • but privacy and security = collective matters
  • if only tech-savvy users can use our stuff,
    then the others will use something worse,
    and collectively we've lost.

Other features

  • first release in 2009
  • translated into many languages
  • Free Software, public and open development:
    Git, Redmine, meetings and roadmap
  • specs and design documentation: https://tails.boum.org/contribute/design/

And... it works?

  • According to the NSA, yes:
    (S//REL) Tails: Complete Bootable OS on CD for anonymity - includes Tor
    (S//REL) Adds Severe CNE misery to equation

    (Thanks to a famous Tails user for providing these documents.)
  • Bruce Schneier, December 2013:
    What do I trust? I trust, I trust Tails, I trust GPG [...]
    I don't use Linux. (Shhh. Don't tell anyone.)
    Although I have started using Tails


  • broad and diverse



  • preparing a release takes 6-10 solid days of work
  • new release every 6 weeks + a RC 1-2 weeks before


in July:

  • 11.5k boots a day
    (has been doubling every 6-12 months for years)
  • 35k downloads of the OpenPGP signature of Tails ISO
  • ⇒ increasing expectations

Limited resources and time

  • mostly volunteer work
  • 2000 commits, by ~10 people, in the last 6 months


Tails and its upstreams

History lesson

  • most distributions in this area have died quickly
  • ⇒ focus on maintainability
  • ⇒ avoid having a delta that grows too much, or too fast,
    wrt. our upstreams

Examples: what we did not do internally

... despite pressure:

  • grsecurity
  • compile-time hardening

Examples: what we did internally

... and are in the process of sharing:

  • OpenPGP applet
  • erasing memory on shutdown

Examples: what we're doing upstream

  • AppArmor
  • libvirt
  • Seahorse
  • various Debian things
  • fix OTR downgrade → v1

Consequences #1

  • little Tails-specific code: mostly glue work
  • social work:
    talk to upstreams
    spread the word about our needs
    find skilled people to do the work at the best place
  • slow rhythm, despite backports

Consequences #2

And, above all...

Tails is still alive!

Tails needs Debian

Keep up the good work!

Debian is an awesome basis for derivatives.

Thank you ☺

Many one-shot small tasks

  • backports
  • usertagged bugs ()

Help us help Debian

  • in August: 5 Tails contributors have had stuff uploaded
  • more to come!
  • already a few mentors and sponsors (thank you), need more

Distro-wide improvements



  • derivatives patches tracking tools
  • continuous integration

Where to start?

Debian needs Tails?

How can Tails be better for Debian?

You tell me.


Talk to us

  • I'm here.
  • Development:
  • Translation:
  • User experience:
  • Early testing:
  • Project:
  • Website: https://tails.boum.org/