Scaricate Tails 4.6

While you are downloading, we recommend you read the release notes for Tails 4.6 . They document all the changes in this new version: new features, problems that were solved, and known issues that have already been identified.

Direct download

1.1Download Tails

Download Tails 4.6 USB image ( 1.2 GB ) Download Tails 4.6 USB image ( 1.2 GB )

Scarica Tails 4.6 ISO image ( 1.2 GB ) Scarica Tails 4.6 ISO image ( 1.2 GB )

I already downloaded Tails 4.6 .

If the download fails, try to download from another mirror. download from another mirror.

1.2Verify your download using your browser

For your security,
always verify your download!

Perché?

With an unverified download, you might:

Lose time if your download is incomplete or broken due to an error during the download. This is quite frequent.
Get hacked while using Tails if our download mirrors have been compromised and are serving malicious downloads.
This already happened to other operating systems.
Get hacked while using Tails if your download is modified on the fly by an attacker on the network.
This is possible for strong adversaries.

How does the extension work?

Our browser extension makes it quick and easy.

Install Tails Verification extension Install Tails Verification extension

You seem to have JavaScript disabled. To use our browser extension, please allow all this page:

Your extension is an older version.

Update extension Update extension

Tails Verification extension installed!

Verificare Tails 4.6 …

Verifying $FILENAME…

Verification successful!

Verification failed!

Perché?

Most likely, the verification failed because of an error or interruption during the download.

The verification also fails if you try to verify a different download than the latest version ( 4.6 ).

Less likely, the verification might have failed because of a malicious download from our download mirrors or due to a network attack in your country or local network.

Downloading again is usually enough to fix this problem.

How does the extension work?

Please try to download again…

Verification failed again!

Perché?

The verification might have failed again because of:

A software problem in our verification extension
A malicious download from our download mirrors
A network attack in your country or local network

Trying from a different place or a different computer might solve any of these issues.

Please try to download again from a different place or a different computer…

1.3Continue installing upgrading installing or upgrading

Skip download Skip download Skip download Skip download Skip download Skip download Skip download Skip download Skip download Skip download

Skip verification!

Skip verification

Next: Install Tails ()

Next: Install an intermediary Tails ()

Next: Burning Tails on a DVD

Next: Virtualization

Upgrade your Tails USB stick and keep your Persistent Storage:

Install a new USB stick:

You are using $DETECTED-BROWSER.

Direct download is only available for:

Firefox $MINVER-FIREFOX and later (Download)
Chrome$MINVER-CHROME and later (Download)
Tor Browser $MINVER-TOR-BROWSER and later (Download)

Please update your browser to the latest version.

For your security,
always verify your download!

Why?

With an unverified download, you might:

Lose time if your download is incomplete or broken due to an error during the download. This is quite frequent.
Get hacked while using Tails if our download mirrors have been compromised and are serving malicious downloads.
This already happened to other operating systems.
Get hacked while using Tails if your download is modified on the fly by an attacker on the network.
This is possible for strong adversaries.

How does the extension work?

Our browser extension for Firefox, Chrome, and Tor Browser makes this quick and easy.

Copy and paste this link in Firefox, Chrome, or Tor Browser:

https://tails.boum.org/install/win/usb-download/

https://tails.boum.org/install/linux/usb-download/

https://tails.boum.org/install/mac/usb-download/

https://tails.boum.org/upgrade/tails-download/

https://tails.boum.org/upgrade/win-download/

https://tails.boum.org/upgrade/mac-download/index.it.html

https://tails.boum.org/upgrade/linux-download/index.it.html

https://tails.boum.org/install/dvd-download/index.it.html

https://tails.boum.org/install/vm-download/index.it.html

https://tails.boum.org/install/download/index.it.html

https://tails.boum.org/install/download-iso/index.it.html

BitTorrent download

Cos'è BitTorrent?

BitTorrent is a peer-to-peer technology for file sharing that makes your download faster and easier to resume.

You need to install BitTorrent software on your computer, like Transmission (for Windows, macOS, and Linux).

BitTorrent doesn't work over Tor or in Tails.

1.1Download Tails (Torrent file)

Download Tails 4.6 Torrent file for USB image

Download Tails 4.6 Torrent file for ISO image

1.2Verify your download using BitTorrent

Your BitTorrent client will automatically verify your download when it is complete.

1.3Continue installing upgrading installing or upgrading

Open and download the Torrent file with your BitTorrent client. It contains the Tails 4.6 USB ISO image that you will use in the next step. image.

Skip download Skip download Skip download Skip download Skip download Skip download Skip download Skip download Skip download Skip download

Next: Install Tails ()

Next: Install an intermediary Tails ()

Next: Burning Tails on a DVD

Next: Virtualization

Upgrade your Tails USB stick and keep your Persistent Storage:

Install a new USB stick:

Verify using OpenPGP (optional)

If you know OpenPGP, you can also verify your download using an OpenPGP signature instead of, or in addition to, our browser extension or BitTorrent.

Download the OpenPGP signature for the Tails 4.6 USB image OpenPGP signature for the Tails 4.6 ISO image and save it to the same folder where you saved the image.

Basic OpenPGP verification

See instructions for basic OpenPGP verification.

Questa sezione fornisce istruzioni semplificate:

In Windows con Gpg4win
In macOS con GPGTools
In Tails
Usando la riga di comando

In Windows con Gpg4win

Download the OpenPGP signature for the Tails 4.6 USB image OpenPGP signature for the Tails 4.6 ISO image and save it to the same folder where you saved the image.
Download the Tails signing key and import it into Gpg4win.

See the Gpg4win documentation on importing keys.
Verify the signature of the image that you downloaded.

Guarda la documentazione Gpg4win su come verificare le firme.

Verify that the date of the signature is at most five days earlier than the latest version: 2020-05-05.

Se compare il seguente avviso:
```
    Not enough information to check the signature validity.
    Signed on ... by tails@boum.org (Key ID: 0x58ACD84F
    The validity of the signature cannot be verified.
    
```
Then the image is still correct according to the signing key that you downloaded. To remove this warning you need to authenticate the signing key through the OpenPGP Web of Trust.

In macOS usando GPGTools

Download the OpenPGP signature for the Tails 4.6 USB image OpenPGP signature for the Tails 4.6 ISO image and save it to the same folder where you saved the image.
Download the Tails signing key and import it into GPGTools.

See the GPGTools documentation on importing keys.
Open Finder and navigate to the folder where you saved the image and the signature.
Control-click on the image and choose Services ▸ OpenPGP: Verify Signature of File.

Su Tails

Tails comes with the Tails signing key already imported.

Download the OpenPGP signature for the Tails 4.6 USB image OpenPGP signature for the Tails 4.6 ISO image and save it to the same folder where you saved the image.
Open the file browser and navigate to the folder where you saved the image and the signature.
Right-click (on Mac, click with two fingers) on the signature and choose Open With Verify Signature.
The verification of the image starts automatically:
After the verification finishes, you should see a notification that the signature is good:

Verify that the date of the signature is at most five days earlier than the latest version: 2020-05-05.

If instead, you see a notification that the signature is valid but untrusted:

Then the image is still correct according to the signing key that you downloaded. To remove this warning you need to authenticate the signing key through the OpenPGP Web of Trust.

Usare la riga di comando

Download the OpenPGP signature for the Tails 4.6 USB image OpenPGP signature for the Tails 4.6 ISO image and save it to the same folder where you saved the image.
Download the Tails signing key and import it into GnuPGP.

To import the Tails signing key into GnuPGP, open a terminal and navigate to the folder where you saved the Tails signing key.

Esegui:

gpg --import tails-signing.key
In a terminal, navigate to the folder where you saved the image and the signature.
Esegui:

TZ=UTC gpg --no-options --keyid-format long --verify tails-amd64-4.6.img.sig tails-amd64-4.6.img

TZ=UTC gpg --no-options --keyid-format long --verify tails-amd64-4.6.iso.sig tails-amd64-4.6.iso

L'output di questo comando dovrebbe essere il seguente:

gpg: Signature made Mon May  4 20:45:43 2020 UTC
gpg:                using RSA key FE029CB4AAD4788E1D7828E8A8B0F4E45B1B50E2
gpg: Good signature from "Tails developers <tails@boum.org>" [full]
gpg:                 aka "Tails developers (offline long-term identity key) <tails@boum.org>" [full]

gpg: Signature made Mon May  4 20:45:29 2020 UTC
gpg:                using RSA key FE029CB4AAD4788E1D7828E8A8B0F4E45B1B50E2
gpg: Good signature from "Tails developers <tails@boum.org>" [full]
gpg:                 aka "Tails developers (offline long-term identity key) <tails@boum.org>" [full]

Verify that the date of the signature is at most five days earlier than the latest version: 2020-05-05.

Se l'output include anche:

gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.

Then the image is still correct according to the signing key that you downloaded. To remove this warning you need to authenticate the signing key through the OpenPGP Web of Trust.

Autenticare la chiave di firma attraverso la Web of Trust OpenPGP

Authenticating our signing key through the OpenPGP Web of Trust is the only way that you can be protected in case our website is compromised or if you are a victim of a man-in-the-middle attack. However, it is complicated to do and it might not be possible for everyone because it relies on trust relationships between individuals.

The verification techniques that we present (browser extension, BitTorrent, or OpenPGP verification) all rely on some information being securely downloaded using HTTPS from our website:

La checksum per l'estensione Firefox
Il file Torrent per BitTorrent
The Tails signing key for OpenPGP verification

It is possible that you could download malicious information if our website is compromised or if you are a victim of a man-in-the-middle attack.

OpenPGP verification is the only technique that protects you if our website is compromised or if you are a victim of a man-in-the-middle attack. But, for that you need to authenticate the Tails signing key through the OpenPGP Web of Trust.

If you are verifying an image from inside Tails, for example, to do a manual upgrade, then you already have the Tails signing key. You can trust this signing key as much as you already trust your Tails installation since this signing key is included in your Tails installation.

One of the inherent problems of standard HTTPS is that the trust put in a website is defined by certificate authorities: a hierarchical and closed set of companies and governmental institutions approved by your web browser vendor. This model of trust has long been criticized and proved several times to be vulnerable to attacks as explained on our warning page.

Noi pensiamo che, invece, gli utilizzatori dovrebbero avere la parola finale sulla fiducia verso un sito internet, e che la fiducia vada riposta sulla base di interazioni umane.

The OpenPGP Web of Trust is a decentralized trust model based on OpenPGP keys that can help with solving this problem. Let's see this with an example:

You are friends with Alice and you really trust her way of making sure that OpenPGP keys actually belong to their owners.
Alice met Bob, a Tails developer, in a conference and certified Bob's key as actually belonging to Bob.
Bob is a Tails developer who directly owns the Tails signing key. So, Bob has certified the Tails signing key as actually belonging to Tails.

In this scenario, you found, through Alice and Bob, a path to trust the Tails signing key without the need to rely on certificate authorities.

Se sei su Debian o Ubuntu, puoi installare il pacchetto debian-keyring che contiene le chiavi OpenPGP di tutti gli sviluppatori Debian. Alcuni sviluppatori Debian hanno certificato la chiave di firma di Tails e puoi usare queste certificazioni per costruire un sentiero di fiducia This technique is explained in detail in our instructions on Questa tecnica è spiegata in dettaglio nelle nostre istruzioni su installare Tails from Debian or Ubuntu usando la riga di comando.

Affidarsi alla Web of Trust richiede sia cautela che supervisione intelligente da parte degli utilizzatori. I dettagli tecnici sono al di fuori degli scopi di questo documento.

Since the Web of Trust is based on actual human relationships and real-life interactions, it is best to get in touch with people knowledgeable about OpenPGP and build trust relationships in order to find your own trust path to the Tails signing key.

Per esempio, puoi iniziare contattando un Linux User Group, un'organizzazione che offra training su Tails, o altri entusiasti di Tails vicino a te e scambiare informazioni sulle loro pratiche OpenPGP.

After you build a trust path, you can certify the Tails signing key by signing it with your own key to get rid of some warnings during the verification process.