This release is an emergency release to fix a critical security vulnerability in Tor Browser.

You should upgrade as soon as possible.

Changes and upgrades

• Update Tor Browser to 8.5.3, which fixes a critical vulnerability in Tor Browser, a sandbox escape, that we couldn't fix in time for 3.14.1.

Fixed problems

For more details, read our changelog.

Known issues

Tails fails to start a second time on some computers (#16389)

On some computers, after installing Tails to a USB stick, Tails starts a first time but fails to start a second time. In some cases, only BIOS (Legacy) was affected and the USB stick was not listed in the Boot Menu.

We partially fix this issue in 3.14.1 but are still investigating it, so if it happens to you, please report your findings by email to tails-testers@boum.org. Mention the model of the computer and the USB stick. This mailing list is archived publicly.

To fix this issue:

1. Reinstall your USB stick using the same installation method.

2. Start Tails for the first time and set up an administration password.

3. Choose Applications ▸ System Tools ▸ Root Terminal to open a Root Terminal.

4. Execute the following command:

   sgdisk --recompute-chs /dev/bilibop

You can also test an experimental image:

1. Download the .img file from our development server.

2. Install it using the same installation methods.

   We don't provide any OpenPGP signature or other verification technique for this test image. Please only use it for testing.

See the list of long-standing issues.

Get Tails 3.14.2

To upgrade your Tails USB stick and keep your persistent storage

• Automatic upgrades are available from 3.13, 3.13.1, 3.13.2, 3.14, and 3.14.1 to 3.14.2.

• If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade.

To install Tails on a new USB stick

Follow our installation instructions:

• Install from Windows
• Install from macOS
• Install from Linux

To download only

If you don't need installation or upgrade instructions, you can directly download Tails 3.14.2:

• For USB sticks (USB image)
• For DVDs and virtual machines (ISO image)

What's coming up?

Tails 3.15 is scheduled for July 9.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

This release is an emergency release to fix a critical security vulnerability in Tor Browser.

It also fixes other security vulnerabilities. You should upgrade as soon as possible.

Critical security vulnerabilities in Tor Browser

Fixed arbitrary code execution

This vulnerability is fixed in Tails 3.14.1.

A critical vulnerability was discovered in the JavaScript engine of Firefox and Tor Browser. This vulnerability allowed a malicious website to execute arbitrary code, which means possibly taking over your browser and turning it into a malicious application.

This vulnerability has already been used to target employees of the Coinbase cryptocurrency exchange.

People using the Safer or Safest security level of Tor Browser are not affected because the feature of JavaScript that is affected (the just-in-time compilation) is disabled in these security levels.

Because Tor Browser in Tails is confined using AppArmor, the impact of this vulnerability in Tails is less than in other operating systems. For example, an exploited Tor Browser in Tails could have accessed your files in the Tor Browser and Persistent/Tor Browser folders but not anywhere else.

Unfixed sandbox escape

A security vulnerability was discovered in the sandboxing mechanism of Firefox and Tor Browser. This vulnerability allows a malicious website to bypass some of the confinement built in Firefox, which means possibly spying on the content of other tabs and steal the passwords of other websites.

After Tor Browser has been compromised, the only reliable solution is to restart Tails.

Because Tor Browser in Tails is confined using AppArmor, only the data accessible to Tor Browser might be compromised but not the other applications or your other files. For example, a compromised Tor Browser might access your files in the Tor Browser and Persistent/Tor Browser folders but not anywhere else.

For example, without restarting Tails:

• It is unsafe to:

  • Log in to a website and also visit an untrusted website. Your password on the first website might be stolen by the untrusted website.

  • Visit an untrusted website if you have sensitive information stored in your Persistent/Tor Browser folder. The untrusted website might access these files.

• It is safe to:

  • Visit untrusted websites, without logging in, if you have no sensitive information stored in your Tor Browser and Persistent/Tor Browser folders.

  • Log in to several trusted websites without visiting any untrusted websites.

We might update our analysis or announce an emergency release soon in our security advisory.

Upgrades and changes

• Update Tor Browser to 8.5.2.

• Update Tor to 0.4.0.5.

• Upgrade Thunderbird to 60.7.0.

For more details, read our changelog.

Known issues

Tails fails to start a second time on some computers (#16389)

On some computers, after installing Tails to a USB stick, Tails starts a first time but fails to start a second time. In some cases, only BIOS (Legacy) was affected and the USB stick was not listed in the Boot Menu.

We partially fix this issue in 3.14.1 but are still investigating it, so if it happens to you, please report your findings by email to tails-testers@boum.org. Mention the model of the computer and the USB stick. This mailing list is archived publicly.

To fix this issue:

1. Reinstall your USB stick using the same installation method.

2. Start Tails for the first time and set up an administration password.

3. Choose Applications ▸ System Tools ▸ Root Terminal to open a Root Terminal.

4. Execute the following command:

   sgdisk --recompute-chs /dev/bilibop

You can also test an experimental image:

1. Download the .img file from our development server.

2. Install it using the same installation methods.

   We don't provide any OpenPGP signature or other verification technique for this test image. Please only use it for testing.

See the list of long-standing issues.

Get Tails 3.14.1

To upgrade your Tails USB stick and keep your persistent storage

• Automatic upgrades are available from 3.13, 3.13.1, 3.13.2, and 3.14 to 3.14.1.

• If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade.

To install Tails on a new USB stick

Follow our installation instructions:

• Install from Windows
• Install from macOS
• Install from Linux

To download only

If you don't need installation or upgrade instructions, you can directly download Tails 3.14.1:

• For USB sticks (USB image)
• For DVDs and virtual machines (ISO image)

What's coming up?

Tails 3.15 is scheduled for July 9.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

Releases

• Tails 3.14 was released on May 21 (bugfix release).

• Tails 3.15 is scheduled for July 9.

The following changes were introduced in Tails 3.14:

• Enable all available mitigations for the MDS (Microarchitectural Data Sampling) attacks and disable SMT (simultaneous multithreading) on all vulnerable processors to fix the RIDL, Fallout and ZombieLoad security vulnerabilities.

• Remove the following applications:

  • Desktop applications

    • Gobby
    • Pitivi
    • Traverso

  • Command-line tools

    • hopenpgp-tools
    • keyringer
    • monkeysign
    • monkeysphere
    • msva-perl
    • paperkey
    • pwgen
    • ssss
    • pdf-redact-tools

  You can install these applications again using the Additional Software feature.

  Thanks to the removal of these less popular applications in 3.14 and the removal of some language packs in 3.13.2, Tails 3.14 is 39 MB smaller than 3.13.

• Add back the OpenPGP Applet and Pidgin notification icons to the top navigation bar.

• Fix NoScript being deactivated when restarting Tor Browser.

  NoScript is removed from the set of icons displayed by default in Tor Browser. This is how Tor Browers looks in Tails 3.14.

  To see the list of add-ons that are enabled, choose  ▸ Add-ons.

Code

• We spent lots of time dealing with the Firefox add-ons fiasco, also known as "armagadd-on 2.0". #16694

• Finally, most of our patches improving the security of Thunderbird's email configuration wizard were merged and will be part of Thunderbird 68, that is: they'll be shipped not just in Tails, but to all Thunderbird users on any operating system! #6156

• We sent out a new call to test a fix for the issue in which 16389: Some USB sticks become unbootable in legacy BIOS mode after first boot. We received a few conclusive test results.

• We tested Onionshare 2.0 in Tails and decided to ship it in 4.0. #14649

Documentation and website

• We explained better what are captive portals.

• We documented how to install additional language packs and dictionaries.

• We replaced the PNG of the pie chart that we have on "How we spend our money" with pure SVG code, directly in the HTML. It makes it lighter to download, more accessible and much easier to update and translate.

Hot topics on our help desk

The first two weeks, before the release of Tails 3.14, we had users reporting

1. #16608: Disable the topIcons GNOME Shell extension
2. #16447: Regression on some Intel GPU (Braswell, Kaby Lake)

Then, after the release, the changes on Tor Browser made many users report to us

1. #16746: document the disappearence of NoScript and HTTPSEverywhere icons from Tor Browser's toolbar
2. #16762: Document why NoScript last update is january 2000
3. #16727: Update doc to Tor Browser 8.5

Infrastructure

• We finished benchmarking the prototype node for our next-generation CI hardware. (#15501)

Funding

• We completed our work to ship Tails as a USB image which simplifies the installation on macOS and Windows. This work was supported through a grant from The ISC Project.

• We published an analysis of our 2018 donation campaign.

• We wrote a thank you email to everybody who donated in 2018.

• We added a permanent incentive to donate on the homepage of Tor Browser in Tails. It's only displayed 10% of the time.

• We got sponsored by The Best VPN. Thank you for your generous donation!

• We published our income statement for 2018.

Outreach

Past events

• Jesús Marín García presented 2 workshops about Tails in May in the Comunidad Valenciana, Spain:

  • On May 4 at Hack and Beers in Castellón de la Plana
  • On May 11 at VLCTechFest in Valencia

Upcoming events

• Ulrike and sajolida will be at the Tor meeting on July 11-14 in Stockholm, Sweden.

• intrigeri, lamby and nodens will attend DebConf19

On-going discussions

• We followed up on the conversation regarding the future of Electrum in Tails.

Translations

All the website

• de: 44% (2533) strings translated, 9% strings fuzzy, 42% words translated
• es: 50% (2867) strings translated, 6% strings fuzzy, 43% words translated
• fa: 31% (1778) strings translated, 11% strings fuzzy, 33% words translated
• fr: 91% (5228) strings translated, 2% strings fuzzy, 92% words translated
• it: 32% (1872) strings translated, 7% strings fuzzy, 29% words translated
• pt: 25% (1435) strings translated, 9% strings fuzzy, 21% words translated

Total original words: 60511

Core pages of the website

• de: 68% (1225) strings translated, 13% strings fuzzy, 71% words translated
• es: 78% (1387) strings translated, 11% strings fuzzy, 79% words translated
• fa: 33% (605) strings translated, 13% strings fuzzy, 32% words translated
• fr: 97% (1735) strings translated, 2% strings fuzzy, 97% words translated
• it: 61% (1093) strings translated, 17% strings fuzzy, 63% words translated
• pt: 44% (789) strings translated, 14% strings fuzzy, 47% words translated

Metrics

• Tails has been started more than 791 323 times this month. This makes 25 527 boots a day on average.
• 9 697 downloads of the OpenPGP signature of a Tails USB image or ISO from our website.

How do we know this?

This release fixes many security vulnerabilities. You should upgrade as soon as possible.

Changes

Upgrades and changes

• Update Linux to 4.19.37 and most firmware packages. This should improve the support for newer hardware (graphics, Wi-Fi, etc.).

• Enable all available mitigations for the MDS (Microarchitectural Data Sampling) attacks and disable SMT (simultaneous multithreading) on all vulnerable processors to fix the RIDL, Fallout and ZombieLoad security vulnerabilities.

• Update Tor Browser to 8.5.

• Remove the following applications:

  • Desktop applications

    • Gobby
    • Pitivi
    • Traverso

  • Command-line tools

    • hopenpgp-tools
    • keyringer
    • monkeysign
    • monkeysphere
    • msva-perl
    • paperkey
    • pwgen
    • ssss
    • pdf-redact-tools

  You can install these applications again using the Additional Software feature.

  Thanks to the removal of these less popular applications in 3.14 and the removal of some language packs in 3.13.2, Tails 3.14 is 39 MB smaller than 3.13.

Fixed problems

• Add back the OpenPGP Applet and Pidgin notification icons to the top navigation bar.

  

• Fix NoScript being deactivated when restarting Tor Browser.

  NoScript is removed from the set of icons displayed by default in Tor Browser. This is how Tor Browers looks in Tails 3.14.

  

  To see the list of add-ons that are enabled, choose  ▸ Add-ons.

For more details, read our changelog.

Known issues

Tails fails to start a second time on some computers (#16389)

On some computers, after installing Tails to a USB stick, Tails starts a first time but fails to start a second time. In some cases, only BIOS (Legacy) was affected and the USB stick was not listed in the Boot Menu.

We are still investigating the issue, so if it happens to you, please report your findings by email to tails-testers@boum.org. Mention the model of the computer and the USB stick. This mailing list is archived publicly.

To fix this issue:

1. Reinstall your USB stick using the same installation method.

2. Start Tails for the first time and set up an administration password.

3. Choose Applications ▸ System Tools ▸ Root Terminal to open a Root Terminal.

4. Execute the following command:

   sgdisk --recompute-chs /dev/bilibop

You can also test an experimental image:

1. Download the .img file from our development server.

2. Install it using the same installation methods.

   We don't provide any OpenPGP signature or other verification technique for this test image. Please only use it for testing.

See the list of long-standing issues.

Get Tails 3.14

To upgrade your Tails USB stick and keep your persistent storage

• Automatic upgrades are available from 3.12, 3.12.1, 3.13, 3.13.1, and 3.13.2 to 3.14.

• If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade.

To install Tails on a new USB stick

Follow our installation instructions:

• Install from Windows
• Install from macOS
• Install from Linux

To download only

If you don't need installation or upgrade instructions, you can directly download Tails 3.14:

• For USB sticks (USB image)
• For DVDs and virtual machines (ISO image)

What's coming up?

Tails 3.15 is scheduled for July 9.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

Releases

• Tails 3.14 is scheduled for May 21.

Code

• The Foundations Team met for a sprint focused on porting Tails to Debian 10 (Buster): report, next steps.
• We finalized our criteria for including dictionaries, fonts and language packs, which will be reflected in Tails 3.14.
• We prototyped a USB image with Secure Boot support and GRUB, in order to better understand what implementation difficulties we should expect.
• We submitted to ikiwiki upstream a branch that makes it keep PO files up-to-date for a set of languages that are not ready to be enabled and visible on the live website yet. This will allow us to merge into our main Git repository changes made via our upcoming Weblate-based translation platform, which supports languages whose work-in-progress translation is not ready for prime-time yet.
• We uploaded to Debian a few fixes for regressions in the GNOME on-screen keyboard.

Hot topics on our help desk

1. Some users reported loosing the access to their persistent volume (#10976)
2. A few reported the "USB stick becomes unbootable boot after first boot" issue
   (#16389)
3. Some issues caused by partially applied incremental upgrades (#14754)

Infrastructure

• The Foundations Team started experimenting with GitLab for merge requests.
• We started looking into how GitLab could work for our issues tracking and drafted a rough plan.

Funding

• We started working on a proposal for Mozilla Open Source Support Awards.

Outreach

Past events

• sajolida, moire, and emmapeel were at the Internet Freedom Festival on April 1–5 in Valencia, Spain.

  There, sajolida presented a workshop on Creating usable tools from day one with paper prototyping.

• carlosm2 held 2 workshops about Tails in Mexico:

  • On April 13 at the Colima Hacklab
  • On April 25 at UNAM, Ciudad de Mexico

• There was a Tails workshop on April 27 in Vienna as part of the Anarchist Black Cross festival

Upcoming events

• Jesús Marín García will present 2 workshops about Tails in May in the Comunidad Valenciana, Spain:

  • On May 4 at Hack and Beers in Castellón de la Plana
  • On May 11 at VLCTechFest in Valencia

On-going discussions

• We studied and narrowed down our options regarding the future of Electrum in Tails. It seems there will be a way forward, although it's unclear at this point how much effort it will require from us.

Translations

All the website

• de: 46% (2619) strings translated, 8% strings fuzzy, 43% words translated
• es: 53% (3010) strings translated, 4% strings fuzzy, 44% words translated
• fa: 33% (1875) strings translated, 10% strings fuzzy, 34% words translated
• fr: 93% (5259) strings translated, 1% strings fuzzy, 93% words translated
• it: 34% (1939) strings translated, 6% strings fuzzy, 30% words translated
• pt: 27% (1513) strings translated, 8% strings fuzzy, 22% words translated

Total original words: 60175

Core pages of the website

• de: 70% (1248) strings translated, 12% strings fuzzy, 73% words translated
• es: 80% (1412) strings translated, 10% strings fuzzy, 81% words translated
• fa: 34% (615) strings translated, 13% strings fuzzy, 33% words translated
• fr: 98% (1753) strings translated, 1% strings fuzzy, 99% words translated
• it: 62% (1107) strings translated, 17% strings fuzzy, 65% words translated
• pt: 44% (794) strings translated, 14% strings fuzzy, 48% words translated

Total original words: 1650

Metrics

• Tails has been started more than 733 234 times this month. This makes 24 441 boots a day on average.
• 7 336 downloads of the OpenPGP signature of a Tails USB image or ISO from our website.

How do we know this?

This release is an emergency release to fix a critical security vulnerability in Tor Browser.

It also fixes other security vulnerabilities. You should upgrade as soon as possible.

Changes

Fixed NoScript activation in Tor Browser

Starting from Friday May 3, a problem in Firefox and Tor Browser disabled all add-ons. This release reactivates all add-ons in Tor Browser, especially NoScript which is used to:

• Strengthen Tor Browser against some JavaScript attacks that can lead to compromised accounts and credentials on websites.

• Enable or disable JavaScript on some websites using the NoScript interface, if you use it.

Reactivate NoScript without restarting Tails

If NoScript is activated, the NoScript icon appears in the top-right corner and Tor Browser is safe:

If NoScript is deactivated, the NoScript icon is absent from the top-right corner and Tor Browser is unsafe:

To reactivate NoScript without restarting Tails, do the following:

1. Open the address about:config in Tor Browser.

   

2. Click the I accept the risk! button.

3. At the top of the page, search for xpinstall.signatures.required.

4. Double-click on the xpinstall.signatures.required line in the results to set its value to false.

5. Verify that NoScript is activated again.

   

Other upgrades and changes

• Remove the OpenPGP Applet and Pidgin notification icons from the top navigation bar.

  

  You can still access the OpenPGP Applet and Pidgin notification icons from the system tray in the bottom-left corner of the screen.

  To display the system tray, move your mouse to the thin gray line in the bottom-left of the screen, above the window list:

  

  To move these icons back to the top navigation bar, execute the following command in a Terminal:

  gnome-shell-extension-tool --enable-extension=TopIcons@phocean.net

  Until now, these icons were displayed in the top navigation bar by the TopIcons GNOME extension. This extension is unmaintained, causes GNOME to crash (#11188), and will not work in Tails 5.0 based on Debian 11 (Bullseye).

• Install localization packages only for the following languages:

  • Arabic
  • English
  • Farsi
  • French
  • German
  • Hindi
  • Indonesian
  • Italian
  • Portuguese
  • Russian
  • Simplified Chinese
  • Spanish
  • Turkish

  You can install localization packages for other languages using the Additional Software feature.

  Localization packages include:

  • Thunderbird localization: packages thunderbird-l10n-lang
  • LibreOffice localization: packages libreoffice-l10n-lang
  • Spell-checking dictionaries: packages hunspell-lang

  Where lang is the code for your language. For example, es for Spanish.

• Add a suspend button to the system menu.

  

• Add suspend, restart, and shutdown buttons to the system menu when the screen is locked.

  

• Replace all non-Latin fonts with the Noto fonts family.

• Update Debian to 9.9.

• Update Thunderbird to 60.6.1.

Fixed problems

• Fix the automatic configuration of new email accounts in Thunderbird. (#16573)

• Prevent Tails from shutting down when waking up from suspend on some computers. (#11729)

• Fix the import of the Tails signing key in the Passwords and Keys utility. (##15213)

• Don't show notifications about TailsData when configuring a persistent volume. (#16632)

  

For more details, read our changelog.

Known issues

NoScript is deactivated when restarting Tor Browser

See how to reactivate NoScript without restarting Tails above.

Tails fails to start a second time on some computers (#16389)

On some computers, after installing Tails to a USB stick, Tails starts a first time but fails to start a second time. In some cases, only BIOS (Legacy) was affected and the USB stick was not listed in the Boot Menu.

We are still investigating the issue, so if it happens to you, please report your findings by email to tails-testers@boum.org. Mention the model of the computer and the USB stick. This mailing list is archived publicly.

To fix this issue:

1. Reinstall your USB stick using the same installation method.

2. Start Tails for the first time and set up an administration password.

3. Choose Applications ▸ System Tools ▸ Root Terminal to open a Root Terminal.

4. Execute the following command:

   sgdisk --recompute-chs /dev/bilibop

You can also test an experimental image:

1. Download the .img file from our development server.

2. Install it using the same installation methods.

   We don't provide any OpenPGP signature or other verification technique for this test image. Please only use it for testing.

See the list of long-standing issues.

Get Tails 3.13.2

To upgrade your Tails USB stick and keep your persistent storage

• Automatic upgrades are available from 3.12, 3.12.1, 3.13, and 3.13.1 to 3.13.2.

• If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade.

To install Tails on a new USB stick

Follow our installation instructions:

• Install from Windows
• Install from macOS
• Install from Linux

To download only

If you don't need installation or upgrade instructions, you can directly download Tails 3.13.2:

• For USB sticks (USB image)
• For DVDs and virtual machines (ISO image)

What's coming up?

Tails 3.14 is scheduled for May 14.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

Releases

• Tails 3.13 was released on March 19.

• Tails 3.14 is scheduled for May 14.

The following changes were introduced in Tails 3.13:

• Add support for the Bopomofo input method for Chinese using the Chewing library and improve support for the Pinyin input method. (#11292)

• Save a backup of the configuration of the persistent storage every time it is modified. (#16461)

  This will help us understand and solve why sometimes all the settings of the persistent storage disappear. (#10976)

• Prevent Additional Software from downloading packages that are already saved in the persistent storage. (#15957)

• Fix the localization of Tor Launcher, the application to configure a Tor bridge or a local proxy. (#16338)

• Fix accessibility when opening Tor Browser from a desktop notification. (#16475)

• Fix WhisperBack crashing when additional APT repositories is configured. (#16563)

Code

• We agreed on a list of languages that we want to support out-of-the-box in Tails and started implementing it. The Additional Software feature will make it possible for other users to add their favorite dictionaries and language packs while making our USB image a bit smaller for everybody. (#15807, #16095, #9956)

• We identified another possible cause for partially applied automatic upgrades. (#16603)

• We coordinated with the Tor Browser team regarding their upcoming 8.5 major release and its implications for Tails.

• We continued deprecating Tails Installer from Debian and Ubuntu.

Documentation and website

• We improved how installation and upgrade instructions are linked from our release notes and download pages. (#16470)

• We documented how to run Tails from a USB image in virt-manager, which is the only virtualization solution that allows to use a persistent volume in a virtual machine.

User experience

• We drafted how to explain Tails in a new homepage and about page and tested it with 5 people with the help from Simply Secure. (#16536)

• We analyzed the success metrics of Additional Software and the integration of VeraCrypt:

  • Both features probably participated in getting our boot stats to increase again (20% more since September 2019).
  • Both features didn't change much the tech-savviness of our user base.
  • The number of people who use VeraCrypt in Tails almost doubled.

  Results are good but we expected more. We need to improve how we let the world know about new features.

• We analyzed the success metrics for USB images:

  • The percentage of people using Tails from macOS at least doubled since 3.12.
  • USB images account for 76% of our downloads and our download buttons are hit 3970 times a day on average.

• We created a new version of our logo that can be used with or without tagline. (#14835)

  

• We documented Kazam instead of recordMyDesktop to record screencasts when doing usability testing because it is more reliable.

Hot topics on our help desk

1. Partially applied incremental upgrades cause all kinds of trouble (#14754)

2. persistence.conf lost, recoverable by reconfiguring (#10976)

Infrastructure

• We started making plans to migrate to GitLab.

• We interviewed 2 candidates for our open sysadmin position.

• We made good progress on switching to better maintained Puppet modules. (#15510)

• We worked on the software configuration of the prototype node for our next-generation CI hardware. (#15501)

• We fixed our LimeSurvey security updates monitoring system. (#15466)

• We stopped having public monthly meetings in favor of internal stand-up meetings.

Funding

• We documented how to donate in cash.

• We explained on our donation page why we don't accept donations in more cryptocurrencies.

• We updated the statistics on how we spend our money.

Outreach

Past events

• 2 of us attended a Debian Bug Squashing Party in Paris on March 30–31.

On-going discussions

• We started a discussion about possible security implications that would arise from shipping the code of the Verification Extension in our website instead.

Translations

All the website

• de: 45% (2832) strings translated, 7% strings fuzzy, 41% words translated
• es: 50% (3138) strings translated, 4% strings fuzzy, 42% words translated
• fa: 32% (1982) strings translated, 10% strings fuzzy, 33% words translated
• fr: 88% (5478) strings translated, 1% strings fuzzy, 87% words translated
• it: 31% (1970) strings translated, 5% strings fuzzy, 28% words translated
• pt: 25% (1553) strings translated, 7% strings fuzzy, 21% words translated

Total original words: 65408

Core pages of the website

• de: 71% (1252) strings translated, 12% strings fuzzy, 74% words translated
• es: 80% (1417) strings translated, 9% strings fuzzy, 82% words translated
• fa: 34% (615) strings translated, 13% strings fuzzy, 33% words translated
• fr: 96% (1712) strings translated, 1% strings fuzzy, 97% words translated
• it: 63% (1112) strings translated, 17% strings fuzzy, 65% words translated
• pt: 45% (798) strings translated, 13% strings fuzzy, 48% words translated

Total original words: 16439

Metrics

• Tails has been started more than 809 770 times in March. This makes 26 121 boots a day on average.
• 9 970 downloads of the OpenPGP signature of a Tails USB image or ISO from our website.
• 73 bug reports were received through WhisperBack.

How do we know this?

This release is an emergency release to fix a critical security vulnerability in Tor Browser.

It also fixes other security vulnerabilities. You should upgrade as soon as possible.

Changes

New features

Upgrades and changes

• Update Tor Browser to 8.0.8.

For more details, read our changelog.

Known issues

Electrum is outdated and cannot connect to servers

Electrum in Tails cannot connect anymore to Electrum servers.

The version of Electrum in Tails is vulnerable to a phishing attack that tricks people in updating to a malicious version of Electrum which is not distributed from the official Electrum website.

You are safe unless you try to do the malicious update manually.

To prevent this phishing attack, all trustworthy Electrum servers now prevent older versions from connecting to them.

Unfortunately, newer versions of Electrum are not available in Debian and cannot be integrated easily in Tails. Given the lack of maintenance of Electrum in Debian, we are still assessing what is best to do in Tails.

Until then, your wallet is not lost and you can restore it from its seed using an up-to-date version of Electrum outside of Tails.

Tails fails to start a second time on some computers (#16389)

On some computers, after installing Tails to a USB stick, Tails starts a first time but fails to start a second time. In some cases, only BIOS (Legacy) was affected and the USB stick was not listed in the Boot Menu.

We are still investigating the issue, so if it happens to you, please report your findings by email to tails-testers@boum.org. Mention the model of the computer and the USB stick. This mailing list is archived publicly.

To fix this issue:

1. Reinstall your USB stick using the same installation method.

2. Start Tails for the first time and set up an administration password.

3. Choose Applications ▸ System Tools ▸ Root Terminal to open a Root Terminal.

4. Execute the following command:

   sgdisk --recompute-chs /dev/bilibop

You can also test an experimental image:

1. Download the .img file from our development server.

2. Install it using the same installation methods.

   We don't provide any OpenPGP signature or other verification technique for this test image. Please only use it for testing.

See the list of long-standing issues.

Get Tails 3.13.1

To upgrade your Tails USB stick and keep your persistent storage

• Automatic upgrades are available from 3.12, 3.12.1, and 3.13 to 3.13.1.

• If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade.

To install Tails on a new USB stick

Follow our installation instructions:

• Install from Windows
• Install from macOS
• Install from Linux

To download only

If you don't need installation or upgrade instructions, you can directly download Tails 3.13.1:

• For USB sticks (USB image)
• For DVDs and virtual machines (ISO image)

What's coming up?

Tails 3.14 is scheduled for May 14.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

This release fixes many security vulnerabilities. You should upgrade as soon as possible.

Changes

Upgrades and changes

• Add support for the Bopomofo input method for Chinese using the Chewing library and improve support for the Pinyin input method. (#11292)

  

  If you still have problems typing in Bopomofo or Pinyin, please let us know on tails-testers@boum.org (public mailing list) or tails-bugs@boum.org (private email).

• Save a backup of the configuration of the persistent storage every time it is modified. (#16461)

  This will help us understand and solve why sometimes all the settings of the persistent storage disappear. (#10976)

• Update Tor Browser to 8.0.7.

• Update Tor to 0.3.5.8.

• Update Thunderbird to 65.1.0.

• Update Linux to 4.19.28.

• Update the Intel microcode to 3.20180807a.2, which fixes more variants of the Spectre, Meltdown, and Level 1 Terminal Fault (L1TF) vulnerabilities.

Fixed problems

• Prevent Additional Software from downloading packages that are already saved in the persistent storage. (#15957)

• Fix the localization of Tor Launcher, the application to configure a Tor bridge or a local proxy. (#16338)

• Fix accessibility when opening Tor Browser from a desktop notification. (#16475)

• Fix WhisperBack crashing when additional APT repositories is configured. (#16563)

For more details, read our changelog.

Known issues

Electrum is outdated and cannot connect to servers

Electrum in Tails cannot connect anymore to Electrum servers.

The version of Electrum in Tails is vulnerable to a phishing attack that tricks people in updating to a malicious version of Electrum which is not distributed from the official Electrum website.

You are safe unless you try to do the malicious update manually.

To prevent this phishing attack, all trustworthy Electrum servers now prevent older versions from connecting to them.

Unfortunately, newer versions of Electrum are not available in Debian and cannot be integrated easily in Tails. Given the lack of maintenance of Electrum in Debian, we are still assessing what is best to do in Tails.

Until then, your wallet is not lost and you can restore it from its seed using an up-to-date version of Electrum outside of Tails.

Tails fails to start a second time on some computers (#16389)

On some computers, after installing Tails to a USB stick, Tails starts a first time but fails to start a second time. In some cases, only BIOS (Legacy) was affected and the USB stick was not listed in the Boot Menu.

We are still investigating the issue, so if it happens to you, please report your findings by email to tails-testers@boum.org. Mention the model of the computer and the USB stick. This mailing list is archived publicly.

To fix this issue:

1. Reinstall your USB stick using the same installation method.

2. Start Tails for the first time and set up an administration password.

3. Choose Applications ▸ System Tools ▸ Root Terminal to open a Root Terminal.

4. Execute the following command:

   sgdisk --recompute-chs /dev/bilibop

You can also test an experimental image:

1. Download the .img file from our development server.

2. Install it using the same installation methods.

   We don't provide any OpenPGP signature or other verification technique for this test image. Please only use it for testing.

See the list of long-standing issues.

Get Tails 3.13

To upgrade your Tails USB stick and keep your persistent storage

• Automatic upgrades are available from 3.11, 3.12~rc1, 3.12, and 3.12.1 to 3.13.

• If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade.

To install Tails on a new USB stick

Follow our installation instructions:

• Install from Windows
• Install from macOS
• Install from Linux

To download only

If you don't need installation or upgrade instructions, you can directly download Tails 3.13:

• For USB sticks (USB image)
• For DVDs and virtual machines (ISO image)

What's coming up?

Tails 3.14 is scheduled for May 14.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

Here is a summary of what happened in Tails land in February, 2019.

This month has seen the highest number of Tails boots per day ever: 27% more than a year ago! This is motivating: it confirms that Tails is useful and relevant.

Releases

• Tails 3.12.1 was released on February 13. A critical vulnerability in the Skia library, used by Firefox and Chrome to render graphics, prompted this emergency release.

• Tails 3.13 is scheduled for March 19.

Code

• We have coordinated with the Tor Browser team wrt. the scope and timeline of upcoming big changes that will impact our work.

• We have implemented a potential fix and a mitigation measure for a longstanding bug: persistence.conf sometimes becomes empty. #10976, #16461

• We have prepared a number of updates for Tails 3.13:

  • Debian Stretch 9.8 (#16462), merged
  • Linux 4.19.20 (#16458), merged
  • Tor 0.3.5 (#16348), in progress

• We released new versions of the verification extension to fix usability and security issues:

  • Download page is not refreshed when verification extension is installed (##16078)
  • Verification extension should not be detectable as per Sjösten, and al. (#14787)
  • Updated to Forge 0.8.0.

Documentation and website

• We improved the known issue about clock going backwards (#15599).

User experience

• We published 3 personas that describe the target audience of Tails. Discover:

  • 

    Riou, The Censorship Evader

  • 

    Cris, The Information Gatherer

  • 

    Kim, The Surveilled at Home

• We contracted visual artists to work on a video to explain how to start Tails (and use the boot menu key). (#10649)

• We analyzed why some people are wiping their persistence while upgrading with USB images. (#16470)

• We investigated outgoing network connections initiated by Etcher and researched how to solve the privacy concerns we have with them. #16381

Hot topics on our help desk

1. Electrum users are complaining about the fact that it may need to be upgraded. (#16421)

2. Some people are affected by a regression with some Intel graphics cards (Braswell, Kaby Lake). #16447

3. Partially applied automatic upgrades still cause trouble to some users. #14754

Infrastructure

• We took one more step towards making our CI feedback loop shorter: we've ordered sample candidate hardware. Next step is to benchmark it. #15501
• The sysadmin team met a few times to update our plans for next year.
• We've helped upstream a solution to the dreaded ikiwiki PO vs. inlines bug. #6907
• As part of our effort to migrate to better maintained Puppet modules, we've switched to the puppetlabs/mysql module. #15513
• We fixed the remaining known regressions that were introduced where we migrated our website from Apache to nginx: #16220, #16259.
• We started discussing our strategy and timeline towards migrating to GitLab. #15878

Funding

• The 2 applications that we submitted to the NLnet NGI Zero PET project got rejected.

Outreach

Past events

• emmapeel and sajolida attended FOSDEM in Brussels.

Upcoming events

• Estrella Soria will organize a Tails workshop at the Cyborgrrrls technofeminist gathering on Thursday March 14 in MedialabMX, Ciudad de México.

• sajolida and emmapeel will be at the Internet Freedom Festival on April 1–5 in Valencia, Spain.

  sajolida will hold there a workshop on Creating usable tools from day one with paper prototyping.

Press and testimonials

• schabenstolz explains how to hide a Tails USB stick inside a ThinkPad X230 and connect it to an invisible switch to start on either the hard disk or the internal Tails USB stick.

Translations

All the website

• de: 47% (2634) strings translated, 8% strings fuzzy, 43% words translated
• es: 54% (3015) strings translated, 4% strings fuzzy, 45% words translated
• fa: 34% (1876) strings translated, 11% strings fuzzy, 35% words translated
• fr: 93% (5176) strings translated, 1% strings fuzzy, 93% words translated
• it: 35% (1939) strings translated, 6% strings fuzzy, 30% words translated
• pt: 27% (1516) strings translated, 8% strings fuzzy, 23% words translated

Total original words: 59517

Core pages of the website

• de: 71% (1248) strings translated, 12% strings fuzzy, 73% words translated
• es: 80% (1412) strings translated, 9% strings fuzzy, 81% words translated
• fa: 34% (615) strings translated, 13% strings fuzzy, 33% words translated
• fr: 98% (1745) strings translated, 1% strings fuzzy, 99% words translated
• it: 63% (1107) strings translated, 17% strings fuzzy, 65% words translated
• pt: 45% (794) strings translated, 14% strings fuzzy, 48% words translated

Total original words: 16467

Metrics

• Tails has been started more than 725 034 times this month. This makes 25 894 boots a day on average, which is an all time record :)
• 10 065 downloads of the OpenPGP signature of a Tails USB image or ISO from our website.
• 71 bug reports were received through WhisperBack.

How do we know this?