1.0

3.10.1

Download Tails 3.10.1

Direct download

1.2Verify your download using your browser

For your security,
always verify your download!

X

With an unverified download, you might:

How does the extension work?

Our browser extension makes it quick and easy.

Install Tails Verification extension Install Tails Verification extension

You seem to have JavaScript disabled. To use our browser extension, please allow all this page:

Your extension is an older version.

Update extension Update extension

Tails Verification extension installed!

Verifying $FILENAME

Verification successful!

Verification failed!

X

Most likely, the verification failed because of an error or interruption during the download.

The verification also fails if you try to verify a different download than the latest version ( 3.10.1 ).

Less likely, the verification might have failed because of a malicious download from our download mirrors or due to a network attack in your country or local network.

Downloading again is usually enough to fix this problem.

How does the extension work?

Please try to download again…

Verification failed again!

X

The verification might have failed again because of:

  • A software problem in our verification extension
  • A malicious download from our download mirrors
  • A network attack in your country or local network

Trying from a different place or a different computer might solve any of these issues.

Please try to download again from a different place or a different computer…

1.3Continue installing upgrading installing or upgrading

You are using $DETECTED-BROWSER.

Direct download is only available for:

  • Firefox $MINVER-FIREFOX and later (Download)
  • Chrome$MINVER-CHROME and later (Download)
  • Tor Browser $MINVER-TOR-BROWSER and later (Download)

Please update your browser to the latest version.

For your security,
always verify your download!

X

With an unverified download, you might:

How does the extension work?

Our browser extension for Firefox, Chrome, and Tor Browser makes this quick and easy.

Copy and paste this link in Firefox, Chrome, or Tor Browser:

https://tails.boum.org/install/debian/usb-download/

https://tails.boum.org/install/win/usb-download/

https://tails.boum.org/install/linux/usb-download/

https://tails.boum.org/install/mac/usb-download/

https://tails.boum.org/install/mac/dvd-download/

https://tails.boum.org/upgrade/tails-download/

https://tails.boum.org/install/dvd-download/

https://tails.boum.org/install/vm-download/

https://tails.boum.org/install/download/

BitTorrent download

X

BitTorrent is a peer-to-peer technology for file sharing that makes your download faster and easier to resume.

You need to install BitTorrent software on your computer, like Transmission (for Windows, macOS, and Linux).

BitTorrent doesn't work over Tor or in Tails.

1.1Download Tails (Torrent file)

Download Tails 3.10.1 Torrent file

1.2Verify your download using BitTorrent

Your BitTorrent client will automatically verify your download when it is complete.

1.3Continue installing upgrading installing or upgrading

Open and download the Torrent file with your BitTorrent client. It contains the Tails 3.10.1 ISO image that you will use in the next step.

Verify using OpenPGP (optional)

If you know OpenPGP, you can also verify your download using an OpenPGP signature instead of, or in addition to, our browser extension or BitTorrent.

  1. Download the Tails signing key.

  2. Laden Sie die Tails 3.10.1 OpenPGP-Signatur des aktuellsten ISO-Images von Tails herunter und speichern Sie sie in dem gleichen Ordner, in dem Sie das ISO-Image gespeichert haben.

Basic OpenPGP verification

See instructions for basic OpenPGP verification.

Dieser Abschnitt bietet vereinfachte Anweisungen:

Unter Windows mit Gpg4win

Lesen Sie die entsprechende Gpg4win-Dokumentation zum Prüfen von Signaturen.

Verify that the date of the signature is at most five days earlier than the latest version: 2018-10-23.

Wenn die folgende Warnung erscheint:

Es sind nicht genügend Informationen zur Überprüfung der Signatur vorhanden.
Signiert am ... von tails@boum.org (Schlüssel-ID: 0x58ACD84F
Die Gültigkeit der Signatur kann nicht überprüft werden.

Dann ist das ISO-Image dennoch im Bezug auf den von Ihnen heruntergeladenen Signaturschlüssel korrekt. Um diese Warnung zu entfernen, müssen Sie den Signaturschlüssel durch das OpenPGP Web of Trust authentifizieren.

Unter macOS mit GPGTools

  1. Öffnen Sie den Finder und navigieren Sie zu dem Ordner, in dem Sie das ISO-Image und die Signatur gespeichert haben.
  2. Rechtsklicken Sie auf das ISO-Image und wählen Sie DiensteOpenPGP: Verify Signature of File.

In Tails

  1. Öffnen Sie den Dateibrowser und navigieren Sie zu dem Ordner, in dem Sie das ISO-Image und die Signatur gespeichert haben.
  2. Rechtsklicken Sie auf die Signatur und wählen Sie Mit Signatur-Datei überprüfen öffnen.
  3. Die Verifizierung des ISO-Image startet automatisch:

  4. After the verification finishes, you should see a notification that the signature is good:

    Verify that the date of the signature is at most five days earlier than the latest version: 2018-10-23.

Mithilfe der Kommandozeile

  1. Öffnen Sie ein Terminal und navigieren Sie zu dem Ordner, in dem Sie das ISO-Image und die Signatur gespeichert haben.
  2. Führen Sie aus:

    gpg --no-options --keyid-format 0xlong --verify tails-amd64-3.10.1.iso.sig tails-amd64-3.10.1.iso

    Die Ausgabe des Befehls sollte folgende sein:

    gpg: Signature made Tue Oct 23 22:43:45 2018 UTC
    gpg:                using RSA key FE029CB4AAD4788E1D7828E8A8B0F4E45B1B50E2
    gpg: Good signature from "Tails developers (offline long-term identity key) <tails@boum.org>" [unknown]
    gpg:                 aka "Tails developers <tails@boum.org>" [unknown]

    Verify that the date of the signature is at most five days earlier than the latest version: 2018-10-23.

    Wenn die Ausgabe auch folgendes enthält:

    gpg: WARNUNG: Dieser Schlüssel trägt keine vertrauenswürdige Signatur!
    gpg: Es gibt keinen Hinweis, daß die Signatur wirklich dem vorgeblichen Besitzer gehört.

    Dann ist das ISO-Image dennoch im Bezug auf den von Ihnen heruntergeladenen Signaturschlüssel korrekt. Um diese Warnung zu entfernen, müssen Sie den Signaturschlüssel durch das OpenPGP Web of Trust authentifizieren.

Authentifizieren Sie den Signaturschlüssel durch das OpenPGP Web of Trust

Authenticating our signing key through the OpenPGP Web of Trust is the only way that you can be protected in case our website is compromised or if you are a victim of a man-in-the-middle attack. However, it is complicated to do and it might not be possible for everyone because it relies on trust relationships between individuals.

Read more about authenticating the Tails signing key through the OpenPGP Web of Trust.

The verification techniques that we present (browser extension, BitTorrent, or OpenPGP verification) all rely on some information being securely downloaded using HTTPS from our website:

  • Die Prüfsumme für die Firefoxerweiterung
  • Die Torrentdatei für BitTorrent
  • The Tails signing key for OpenPGP verification

It is possible that you could download malicious information if our website is compromised or if you are a victim of a man-in-the-middle attack.

OpenPGP verification is the only technique that protects you if our website is compromised or if you are a victim of a man-in-the-middle attack. But, for that you need to authenticate the Tails signing key through the OpenPGP Web of Trust.

If you are verifying an ISO image from inside Tails, for example, to do a manual upgrade, then you already have the Tails signing key. You can trust this signing key as much as you already trust your Tails installation since this signing key is included in your Tails installation.

One of the inherent problems of standard HTTPS is that the trust put in a website is defined by certificate authorities: a hierarchical and closed set of companies and governmental institutions approved by your web browser vendor. This model of trust has long been criticized and proved several times to be vulnerable to attacks as explained on our warning page.

Stattdessen glauben wir, dass den Nutzenden bezüglich dem Vertrauen zu einer Webseite die letztendliche Entscheidung überlassen werden sollte und dass das Herstellen von Vertrauen auf der Basis von menschlicher Interaktion geschehen sollte.

The OpenPGP Web of Trust is a decentralized trust model based on OpenPGP keys that can help with solving this problem. Let's see this with an example:

  1. You are friends with Alice and you really trust her way of making sure that OpenPGP keys actually belong to their owners.
  2. Alice met Bob, a Tails developer, in a conference and certified Bob's key as actually belonging to Bob.
  3. Bob is a Tails developer who directly owns the Tails signing key. So, Bob has certified the Tails signing key as actually belonging to Tails.

In this scenario, you found, through Alice and Bob, a path to trust the Tails signing key without the need to rely on certificate authorities.

If you are on Debian, Ubuntu, or Linux Mint, you can install the debian-keyring package which contains the OpenPGP keys of all Debian developers. Some Debian developers have certified the Tails signing key and you can use these certifications to build a trust path. This technique is explained in detail in our instructions on installing Tails from Debian, Ubuntu, or Linux Mint using the command line.

Dieses Vertrauensmodell ist auch nicht perfekt und benötigt sowohl Vorsicht als auch intelligente Kontrolle durch Nutzende. Die technischen Details übersteigen den Umfang dieses Dokuments.

Since the Web of Trust is based on actual human relationships and real-life interactions, it is best to get in touch with people knowledgeable about OpenPGP and build trust relationships in order to find your own trust path to the Tails signing key.

Sie könnten damit beginnen, indem Sie mit einer lokalen Linux User Group oder anderen Enthusiasten von Tails in Ihrer Umgebung in Kontakt treten und sich über deren Methoden bezüglich OpenPGP austauschen.

After you build a trust path, you can certify the Tails signing key by signing it with your own key to get rid of some warnings during the verification process.