If you want to help Tails, UEFI support is ready for testing!

Even if you don't have access to UEFI hardware, and Tails already works fine for you, it is useful that you make sure that these changes do not break anything you care about.

UEFI support allows you to start Tails using a USB stick on recent hardware, and especially on Mac. It enables you to use great features such as persistence and automatic upgrades.

Please see if it works for you:

• If you have previously had problems starting Tails on your hardware, using a USB stick created with Tails Installer: a new Tails with UEFI support may fix these problems.

• If you are used to starting Tails using a USB stick created with Tails Installer: make sure that UEFI support does not break things for you.

How to try UEFI support?

These instructions allow you to try an experimental version of Tails with UEFI support. Use it only for testing.

To follow these instructions, you will need two boot devices compatible with Tails: either a DVD and a USB stick, or two USB sticks.

Follow these steps exactly. Do not try to upgrade an existing Tails USB stick.

1. Download the latest test ISO.

2. Use any officially supported way to install the experimental ISO image to first device, that we will call Alpha, that can be a DVD or a USB stick. At this point, device Alpha does not support UEFI.

3. Start Tails from device Alpha, on a computer that starts fine with the latest official version of Tails.

4. Take detailed notes about how this boot goes.

5. Clone & Install device Alpha onto another USB stick with Tails Installer. We will call this second device Beta, and it supports UEFI.

6. Get the computer you are really interested in using with Tails. It may start fine with the latest official version of Tails, or not.

7. Make sure this computer is configured to start with legacy BIOS and not only UEFI. Try any of the following options if available:

   • Enable Legacy mode
   • Disable Secure boot
   • Enable CSM boot
   • Disable UEFI

8. Start Tails from the USB stick Beta on this computer.

9. Take detailed notes about how this boot goes. If it fails, proceed to the next test:

10. Start Tails from the USB stick Beta in UEFI mode, again on the same computer:

    • On a Mac: plug the USB stick, press the power button, immediately press the Alt key until a boot menu appears, and then choose the entry that reads Boot EFI and looks like a USB stick.
    • On a PC: look first into the boot menu; if nothing reads EFI in there, look in the BIOS settings, and try any of the following options if available: Disable Legacy mode, Disable CSM boot, and Enable UEFI.

11. Take detailed notes about how this boot goes.

12. Report your results to us, as documented below.

Reporting success and failure

We are interested both in your success and failure reports. The exact information we need in a report depends on whether you are reporting success or failure.

Reporting success

From Tails started in UEFI mode, please send us a report with WhisperBack. Include your testing notes, and the answer to the following questions:

1. What is the number of the step you are reporting about?
2. What is the filename of the ISO you have been testing?
3. How exactly did you prepare the boot device?
4. What exact steps did you follow to start Tails from this device?

Reporting failure

If you find a computer that cannot start with an experimental version of Tails that supports UEFI, please first check if the problem you are experiencing is already known. If it is, then you do not need to send us a report. If not, read on.

Include the answer to the following questions:

1. What is the number of the step you are reporting about?
2. What is the filename of the ISO you have been testing?
3. How exactly did you prepare this boot device?
4. What exact steps did you follow to start Tails from this device?
5. What is the brand and model of the computer your have been testing on?
6. What is the type, brand, and model of this boot device?
7. What exactly happens when you tried to start Tails from this device?

Please also consider trying what follows, and including the results in your report:

1. Try to reproduce the problem with the latest official version of Tails, installed in the same way, on the same hardware.
2. Try to reproduce the problem with an experimental ISO built from the devel branch, installed in the same way, on the same hardware.

In any case, please email your report to intrigeri@boum.org. You may encrypt it with OpenPGP to:

pub   4096R/0xBACE15D2A57498FF 2009-09-13 [expires: 2014-09-12]
      Key fingerprint = 1152 BF13 6B7A 1B1C 49FC  A659 BACE 15D2 A574 98FF
uid                            intrigeri <intrigeri@boum.org>
sub   4096R/0x4F5C654A93F976C9 2009-09-13 [expires: 2014-09-12]

Known issues

Known issues of UEFI support are listed:

• as subtasks of ticket #5739 in Redmine
• on the blueprint

Our logo contest ended up a few days ago. Since then, 11 regular Tails contributors voted on the 36 proposals.

Winner

The winning proposal is the one by Tchou.

We commented on the initial version and we already came up with an improved version:

Congratulations!

In the coming days we will keep on fine-tuning it and integrating it in time for Tails 1.0. So don't hesitate to comment on it.

Top 7

Six other great proposals made it to the top 7:

• 2nd: tie between Andrew and Joe
• 4th: tie between Jared and Renato
• 6th: tie between MewChan, hiding cat and Christopher

This PDF shows a graph of how many voters preferred a given proposal to another one.

We reiterate our thanks to the 31 designers who worked for this contest to be such a success.

Releases

Tails 0.23 was released on March 19.

Metrics

• Tails has been started more than 261 878 times in March. This make 8 448 boots a day in average.
• 19 076 downloads of the OpenPGP signature of Tails ISO.
• 80 reports were received through WhisperBack.

Code

• The Cookie Monster extension was removed from our browser. ticket #6790

• The new support for bridges was completed. It now uses Tor Launcher to configure Tor when needed.

• A bookmark to the Tor Stack Exchange was added to our browser.

• A launcher for our documentation was added to the Tails menu.

• Some race conditions when starting automatic upgrades were fixed. ticket #6592

• The wikileaks.de server was removed from Pidgin.

• The #tor IRC channel was removed from Pidgin.

• We cleaned up a bit our ISO images to make them a bit smaller.

• A bug in the localization of Tor Launcher was fixed.

• We now install Linux 3.12 from deb.tails.boum.org not to install Linux 3.13.5-1 from testing yet.

• Some work as been done towards Tails Wheezy, for example on the menus and launchers, the integration of Seahorse Nautilus, network-manager, and the migration from GConf to dconf.

Documentation and website

• A new contribute page for sysadmins to improve the infrastructure behind Tails was written.

• Our sample rtorrent.rc was improved. ticket #6995

• A sample configuration for Tails mirror using nginx was added. ticket #6993

• A "News" link was added to the sidebar.

• The expectations for our mirrors in terms of bandwidth were clarified.

• The instructions to securely delete the persistent volume were improved.

• The instructions to manually backup the persistent volume were fixed.

• gpgApplet was renamed "Tails OpenPGP Applet".

• "Tails browser" was consistently renamed "Tor browser". ticket #6574

• Our list of related projects was updated:

  • Freepto was added.
  • Liberté Linux is in a sleeping state.
  • uVirtus is abandoned.

• The content of our Troubleshooting page was merging into the main Support page.

• Email commands to interact with Redmine were documented.

• The documentation for MAC spoofing was completed.

Translation

• The German team which started to work earlier this year, got more volunteers on board and more work done.

• People volunteered on the tails-l10n mailing-list to translate our website into Italian, Spanish, Turkish, and Portuguese (Portugal).

Infrastructure

• The mailing-list for early testers, tails-testers@boum.org, was announced and already joined by 35 people.

• We are ready to welcome new contributors to improve the infrastructure behind Tails, and drafted a call on that topic.

• Three branches were merged to improve our automated test suite:

  • test/5959-antitest-memory-erasure
  • test/sniffer-vs-mac-spoof
  • test/tor-is-ready-notification

• Our manual test suite for the browser was reorganized to better match the tests conducted for the TBB.

On-going discussions

• SHA256sum replacement or patch, about a possible replacement for our hash extension for Firefox.

• Feedback wanted on planned implementation of Feature #5301 - Clone or Backup Persistent Volume

• Testing EHLO messages: simplification proposal

• Perspectives for 0.23..1.1

• Upgrading the Linux kernel for 1.0?

• Review of https://tails.boum.org/contribute/index.en.html, about restructuring the links on the Contribute page.

• More tails.boum.org HTTP response headers?

Funding

• We were awarded the Access Innovation Prize.

• We submitted a proposal to the Knight Foundation News Challenge.

• The crowdfunding campaign by the Freedom of the Press Foundation was extended and revived thanks to some new articles by Trevor Timm.

• We applied to be audited through the OpenITP Peer Review Board.

• We are still the process of signing the contract for a grant we were awarded by OpenITP at the end of 2013.

Outreach

• We organized a logo contest to have a new logo in time for Tails 1.0. We received 36 proposals! Tails contributors started to vote on their favourite proposals.

• We scheduled two usability testing sessions together with Silicon Sentier on May 21 and May 28 in Paris.

• We scheduled a public hackfest. It will take place at IRILL (Paris, France) on July 5 and 6.

• We made progress on the organization of the 2014 edition of the yearly Tails contributors summit. We could make use of more funding sources.

Press and testimonials

• 2014-03-17: In Index Freedom of Expression Awards: Digital activism nominee Tails, Alice Kirkland interviews the Tails project about our nomination for the Censorship’s Freedom of Expression Awards.

• 2014-03-13: In his Les 7 clés pour protéger ses communications article (in French) published by the Tribune de Genève, Simon Koch recommends using Tails.

• 2014-03-12: In his Happy 25th Birthday World Wide Web - Let's Not Destroy It article published by the Huffington Post, Mike Harris writes that "Increasing numbers of activists are using high-tech tools such as Tor or Tails to encrypt their internet browsing and email".

• 2014-03-12: In his US and UK Spy Agencies Are "Enemies of the Internet" article, published in the Motherboard section of the Vice network, Joseph Cox covers Reporters Without Borders' latest report, and writes "If you're a journalist working on anything more sensitive than London Fashion Week or League 2 football, you might want to consider using the Linux-based 'Tails' operating system too."

• 2014-03-08: Reporters Without Borders's Grégoire Pouget blogs about Tails: FIC 2014 : Comment être réellement anonyme sur Internet (in French).

• 2014-03-03: In the March edition of the Linux Journal, that celebrates 20 years of this journal, Kyle demonstrates Tails.

Tails, The Amnesic Incognito Live System, version 0.23, is out.

All users must upgrade as soon as possible: this release fixes numerous security issues.

Changes

Notable user-visible changes include:

• Security fixes

  • Upgrade the web browser to 24.4.0esr-0+tails1~bpo60+1 (Firefox 24.4.0esr + Iceweasel patches + Torbrowser patches).

• Major new features

  • Spoof the network interfaces' MAC address by default. It can be disabled in Tails Greeter.
  • Rework the way to configure how Tor connects to the network by using bridges, proxies and restrictive firewalls. This option can be set from Tails Greeter, and replaces the old experimental "bridge mode" feature.

• Bugfixes

  • Additional software: do not crash when persistence is disabled.
  • Upgrade Pidgin to 2.10.9, that fixes some regressions introduced in the 2.10.8 security update.
  • Wait for Tor to have fully bootstrapped, plus a bit more time, before checking for upgrades and unfixed known security issues.
  • Disable the Intel Management Engine Interface driver. We don't need it in Tails, it might be dangerous, and it causes bugs on various hardware such as systems that reboot when asked to shut down.
  • Add a launcher for the Tails documentation. This makes it available in Windows Camouflage mode.
  • Remove the obsolete wikileaks.de account from Pidgin.

• Minor improvements

  • Upgrade Tor to 0.2.4.21-1~d60.squeeze+1.
  • Upgrade obfsproxy to 0.2.6-2~~squeeze+1.
  • Upgrade I2P to 0.9.11-1deb6u1.
  • Install 64-bit kernel instead of the 686-pae one. This is a necessary first step towards UEFI boot support.
  • Install Monkeysign (in a not-so-functional shape yet).
  • Disable the autologin text consoles. This was one of the blockers before a screen saver can be installed in a meaningful way.
  • Don't localize the text consoles anymore: it is broken on Wheezy, the intended users can as well use loadkeys, and we now do not have to trust setupcon to be safe for being run as root by the desktop user.
  • Make it possible to manually start IBus.
  • Reintroduce the possibility to switch identities in the Tor Browser, using a filtering proxy in front of the Tor ControlPort to avoid giving full control over Tor to the desktop user.
  • Incremental upgrades improvements:
    • Drop the Tails Upgrader launcher, to limit users' confusion.
    • Lock down sudo credentials a bit.
    • Hide debugging information.
    • Include ~/.xsession-errors in WhisperBack bug reports. This captures the Tails Upgrader errors and debugging information.
    • Report more precisely why an incremental upgrade cannot be done.
    • Various user interface and phrasing improvements.
  • Don't install the Cookie Monster browser extension.
  • Add a browser bookmark pointing to Tor's Stack Exchange.
  • Remove the preconfigured #tor channel from the Pidgin: apparently, too many Tails users go ask Tails questions there, without making it clear that they are running Tails, hence creating a user-support nightmare.
  • Use (most of) Tor Browser's mozconfig.
  • Rebase the browser on top of iceweasel 24.3.0esr-1, to get the certificate authorities added by Debian back.
  • Give access to the relevant documentation pages from Tails Greeter.
  • Hide Tails Greeter's password mismatch warning when entry is changed.
  • Persistent Volume Assistant:
    • Take into account our installer is now called Tails Installer.
    • Optimize window height.
    • Display device paths in a more user-friendly way.

See the online Changelog for technical details.

Known issues

• Longstanding known issues.

I want to try it or to upgrade!

Go to the download page.

As no software is ever perfect, we maintain a list of problems that affects the last release of Tails.

What's coming up?

The next Tails release is scheduled for April 29.

Have a look to our roadmap to see where we are heading to.

Would you want to help? There are many ways you can contribute to Tails. If you want to help, come talk to us!

On the 29th of April, we will release Tails 1.0. This will be an important symbolic milestone about 5 years after our first public releases.

We want to have a great logo by then to give Tails the visual impact it deserves. The image and banner we have been using so far don't really do the job anymore...

So we're starting a contest for designers to create a logo for Tails. We have already brainstormed on the idea, and received some great proposals in the past. Still, we had a hard time making our collective mind on a single proposal, and wanted to give more people a chance.

Requirements

• Free licence, compatible with GPL3+.
• Source in SVG format.
• An image with an approximate 1:1 ratio, like the onion logo.
• Plus the same image along with the "Tails" word either:
  • merged with the image as in the Tor logo;
  • on the side of the image.
• The "Tails" name must be spelled with an uppercase "T" only, and lowercase "ails".
• The image should convey the ideas behind Tails: secrecy, privacy, anonymity, mystery, simplicity (Tails is ready-to-use).
• The logo has to be a bit serious, but not sad.
• Until now we reuse the colors from Tor (green and purple), but this can be changed.
• We cannot reuse directly the Tor or Debian logo, but evoking it is ok (use Tor colors, or evoking the Debian swirl).
• The image should be suited to print on nice stickers that people want to have on their computers, and on t-shirts that people are happy to wear.
• Make sure that the fonts that you use are compatible with GPL3+. To be on the safe side, use fonts available in Debian main, otherwise we will ask you to prove their compatibility with GPL3+.

Complementary materials

As the logo will be used in quite different places, we encourage you to submit complementary materials. These are not strict requirements but will help us evaluate your proposal better. Besides, if your logo is chosen, we will need them anyway before we are able to put it to use publicly.

These complementary materials are:

• A banner for the website. The current one is 986x60px, but the new one could be higher, maybe up to 150px.
• A splash screen for boot. Must be 640x480px with a black background, 8-bit/RGBA. It has to be distinguishable by the user as Tails, but discrete enough not to attract too much attention from other people around.
• A color palette for the website, if it needs to be adapted to match the logo.
• Fonts to be used to create other material matching the logo.
• A CSS patch for colors and fonts on the website, if you are into CSS.
• A grayscale version of the logo.

Calendar

• 31st of March: Deadline for sending proposals to tails-dev@boum.org. No attachments to the email, but link to a public place where we can find your work.
• 9th of April: The winner is announced.
• 15th of April: All the complementary materials have to be ready so we have time to include them in Tails 1.0. The designer of the winning logo is strongly encouraged to do this work, before or after the deadline for proposals.

You can help Tails! The first (and hopefully only) release candidate for the upcoming version 0.23 is out. Please test it and see if all works for you.

How to test Tails 0.23~rc1?

1. Keep in mind that this is a test image. We have made sure that it is not broken in an obvious way, but it might still contain undiscovered issues.

2. Download the ISO image and its signature:

   Tails 0.23~rc1 ISO image

   Tails 0.23~rc1 signature

3. Verify the ISO image.

4. Have a look at the list of known issues of this release and the list of longstanding known issues.

5. Test wildly!

If you find anything that is not working as it should, please report to us! Bonus points if you check that it is not a known issue of this release or a longstanding known issue.

How to automatically upgrade from 0.22.1?

These steps allow you to automatically upgrade a device installed with Tails Installer from Tails 0.22.1 to Tails 0.23~rc1 using the Tails Upgrader:

• Start Tails 0.22.1 and set an administration password.

• Run this command in a Terminal to select the "alpha" upgrade channel and start the upgrade:

  echo 'TAILS_CHANNEL="alpha"' | sudo tee --append /etc/os-release && \
  tails-upgrade-frontend-wrapper

What's new since 0.22.1?

• Major improvements

• Spoof the network interfaces' MAC address by default (Closes: ticket #5421), as specified in our on design document .

• Rework the way to configure how Tor connects to the network (bridges, proxies, restrictive firewalls): add an option to Tails Greeter, start Tor Launcher when needed (Closes: ticket #5920, ticket #5343).

• Bugfixes

• Additional software: do not crash when persistence is disabled (Closes: ticket #6440).

• Upgrade Pidgin to 2.10.9, that fixes some regressions introduced in the 2.10.8 security update (Closes: ticket #6661).

• Wait for Tor to have fully bootstrapped, plus a bit more time, before checking for upgrades (Closes: ticket #6728) and unfixed known security issues.

• Disable the Intel Management Engine Interface driver (Closes: ticket #6460). We don't need it in Tails, it might be dangerous, and it causes bugs on various hardware such as systems that reboot when asked to shut down.

• Add a launcher for the Tails documentation. This makes it available in Windows Camouflage mode (Closes: ticket #5374, ticket #6767).

• Remove the obsolete wikileaks.de account from Pidgin (Closes: ticket #6807).

• Minor improvements

• Upgrade Tor to 0.2.4.21-1~d60.squeeze+1.

• Upgrade obfsproxy to 0.2.6-2~~squeeze+1.

• Upgrade I2P to 0.9.11-1deb6u1.

• Install 64-bit kernel instead of the 686-pae one (Closes: ticket #5456). This is a necessary first step towards UEFI boot support.

• Install Monkeysign (in a not-so-functional shape yet).

• Disable the autologin text consoles (Closes: ticket #5588). This was one of the blockers before a screen saver can be installed in a meaningful way (ticket #5684).

• Don't localize the text consoles anymore: it is broken on Wheezy, the intended users can as well use loadkeys, and we now do not have to trust setupcon to be safe for being run as root by the desktop user.

• Make it possible to manually start IBus.

• Reintroduce the possibility to switch identities in the Tor Browser, using a filtering proxy in front of the Tor ControlPort to avoid giving full control over Tor to the desktop user (Closes: ticket #6383).

• Incremental upgrades improvements:

  • Drop the Tails Upgrader launcher, to limit users' confusion (Closes: ticket #6513).

  • Lock down sudo credentials a bit.

  • Hide debugging information (Closes: ticket #6505).

  • Include ~/.xsession-errors in WhisperBack bug reports. This captures the Tails Upgrader errors and debugging information.

  • Report more precisely why an incremental upgrade cannot be done (Closes: ticket #6575).

  • Various user interface and phrasing improvements.

• Don't install the Cookie Monster browser extension (Closes: ticket #6790).

• Add a browser bookmark pointing to Tor's Stack Exchange (Closes: ticket #6632).

• Remove the preconfigured #tor channel from Pidgin: apparently, too many Tails users go ask Tails questions there, without making it clear that they are running Tails, hence creating a user-support nightmare (Closes: ticket #6679).

• Use (most of) Tor Browser's mozconfig (Closes: ticket #6474).

• Rebase the browser on top of iceweasel 24.3.0esr-1, to get the certificate authorities added by Debian back (Closes: ticket #6704).

• Give access to the relevant documentation pages from Tails Greeter.

• Hide Tails Greeter's password mismatch warning when entry is changed.

• Persistent Volume Assistant:

  • Take into account our installer is now called Tails Installer.

  • Optimize window height (Closes: ticket #5458).

  • Display device paths in a more user-friendly way (Closes: ticket #5311).

• Build system

• Ease updating POT and PO files at release time, and importing translations from Transifex (Closes: ticket #6288, ticket #6207).

• Drop custom poedit backport, install it from squeeze-backports-sloppy.

• Make ISO and IUK smaller (Closes: ticket #6390, ticket #6425):

  • Exclude more files from being included in the ISO.

  • Remove *.pyc later so that they are not recreated.

  • Truncate log files later so that they are not filled again.

  • At ISO build time, set mtime to the epoch for large files whose content generally does not change between releases. This forces rsync to compare the actual content of these files, when preparing an IUK, instead of blindly adding it to the IUK merely because the mtime has changed, while the content is the same.

  • Make local hooks logging consistent.

• Test suite

• Migrate from JRuby to native Ruby + rjb.

• The test suite can now be run on Debian Wheezy + backports.

• Fix buggy "persistence is not enabled" step (Closes: ticket #5465).

• Use IPv6 private address as of RFC 4193 for the test suite's virtual network. Otherwise dnsmasq from Wheezy complains, as it is not capable of handling public IPv6 addresses.

• Delete volumes after each scenario unless tagged @keep_volumes.

• Add an anti-test to make sure the memory erasure test works fine.

• A *lot* of bugfixes, simplifications and robustness improvements.

Known issues in 0.23~rc1

• Selecting a non-English locale breaks bridge mode.

All these issues are being worked on and will hopefully be fixed in Tails 0.23.

If you are a Tails enthusiast, testing ISO images of upcoming releases and future features is a great way to make Tails stronger. If you like playing with new features, identifying problems, and breaking things, then consider subscribing to the tails-testers mailing list.

This is where we announce and report back on:

• Release candidates for future releases
• Feature previews for upcoming improvements

Release candidates

Two weeks before each release, we publish a release candidate. It has the same features as the upcoming release but needs testing to validate that they are working correctly.

The release candidates are also announced in our news and are available online.

What you can test on them:

• The new features, as described in the Changelog, linked from the announcement.
• Any other feature of Tails, for example the ones listed in our manual test suite.

Feature previews

Every now and then, we also publish ISO images to test more specifically a new feature we are working on.

They are available on http://nightly.tails.boum.org/ and are announced together with specific testing instructions.

Subscribe

Archives from the list

This list is archived publicly:

https://mailman.boum.org/pipermail/tails-testers/

Thanks to the Knight Foundation and to the Tor project, we have organized a bounty program to improve software upon which Tails is relying.

The recruiting process was long and not exactly easy, some projects did not reach completion... but four of them were successful!

Removable USB in libvirt

Support for marking emulated USB devices as removable was added libvirt and virt-manager.

This was merged upstream by October 2013.

Symmetric file encryption and signature verification in Seahorse Nautilus

Support for symmetric encryption was added to the user interface which is presented by Seahorse Nautilus on right-click → Encrypt. Additionally, support for checking both detached signatures and text messages with cleartext signatures, as well reporting on their validity, was added to the Nautilus contextual menu.

This involved patching seahorse-nautilus, shared-mime-info, and libcryptui.

Relevant tickets:

• https://bugs.debian.org/668221
• https://bugzilla.gnome.org/show_bug.cgi?id=325803
• https://bugzilla.gnome.org/show_bug.cgi?id=699161
• https://bugs.freedesktop.org/show_bug.cgi?id=65679
• https://bugzilla.gnome.org/show_bug.cgi?id=708640

The patches were merged upstream by December 2013.

Packaging and improving keyringer

Various improvements to keyringer were delivered, to make it more usable and easier to install:

• Debian packaging
• man page
• Bash and Zsh completion

All the deliverables were approved by December 2013, and keyringer is now available in Debian.

Exporting ikiwiki tickets to Redmine

A custom ikiwiki plugin was written to help importing from the old Tails task tracker to Redmine. This included exporting ticket name, tags, and parent/child relationships in a format suitable for importing into Redmine, and creating rewrite rules to redirect ikiwiki URLs to Redmine.

All the deliverables were approved by August 2013. 887 tickets were imported in our new Redmine project.

Encrypted /me IRC messages in Pidgin OTR

The goal was to make it so /me messages in OTR conversations, when using IRC in Pidgin, are encrypted just like regular messages typed in this context.

The person we contacted to work on this bounty was not able to finish the work in due time. Since then, someone else worked on a patch, that we have successfully tested, and that is now waiting for review in the upstream bug tracker.

Ticket: https://developer.pidgin.im/ticket/15750

Support for importing SSH keys with Seahorse

The goal was to allow importing public and private SSH keys with Seahorse.

The person we contacted to work on this bounty was not able to finish the work.

Improve Vidalia

The goals were to make Vidalia better adapted to Tails needs, and to turn some of our patches into options available in the upstream code. More specifically:

• Adapt Vidalia UI to allow users to avoid connecting to the public Tor network.
• Support a HideSharing option in vidalia.conf to hide the "Sharing" tab of the Vidalia preferences window
• Support a HideNewCircuit option in vidalia.conf to hide every control that trigger the "New identity" feature of Vidalia.

Tickets:

• https://trac.torproject.org/projects/tor/attachment/ticket/2905/xxx-no-public-network.txt
• bug #2905 on Tor Project's Trac
• ticket #5305

The person we contacted to work on this bounty disappeared before signing the contract.

Releases

Tails 0.22.1 was released on February 4.

Metrics

• Tails has been started more than 222 134 times in February. This make 7 933 boots a day in average.
• 453 082 downloads of the OpenPGP signature of Tails ISO. Weird.
• 92 reports were received through WhisperBack.

Code

New features:

• Great progress was made towards better integrated, and more usable, support for using Tor bridges (ticket #5479). This implied working with the TBB team to improve Tor Launcher, so that we can start it as a standalone XUL application, instead of as a browser add-on.
• MAC spoofing support was completed and merged (ticket #5421).
• Phase four of incremental upgrades was completed (ticket #6508), and given it was enabled by default in Tails 0.22.1, most users will see it in action when 0.23 is out.
• One may now start IBus manually in locales environment where it is disabled by default (ticket #6656).
• Ship a 64-bit kernel in replacement for the 686-pae one (ticket #5456).
• The branch to stop creating auto-login text consoles was merged (ticket #5588).
• Support for persistence of I2P state was drafted (ticket #5544).
• The website lock down was merged and deployed.
• A branch to stop installing Cookie Monster was prepared (ticket #6790).
• Some initial work to improve the Greeter's administration password interface was done (ticket #5594).

Software updates:

• I2P has been updated to 0.9.11 (ticket #6696).
• We have uploaded Pidgin 2.10.9 to squeeze-backports, and we now install it from there (ticket #6661).
• Install Poedit from squeeze-backports-sloppy, where we have uploaded it some time ago (ticket #6456).
• The fact that Linux 3.12 is not in Debian unstable anymore was taken into account.
• The branch that installs Linux 3.13 was updated.

Bug and regression fixes:

• The Intel Management Engine Interface driver was disabled. This fixes memory wiping at shutdown (ticket #6460) on some, if not all, hardware.
• The possibility to switch identities in the Tor Browser was added back (ticket #6383).
• An issue that lead to releasing needlessly big ISO images was resolved (ticket #6390).
• feature/create-additional-software-config was merged.

Towards Tails based on Debian Wheezy:

• I2P packages compatible with Debian Wheezy were prepared, and are now installed in the feature/wheezy branch.
• Application launchers were added to the GNOME panel.
• A launcher to start the documentation viewer was added to the applications menu.
• A more standard icon is used for the shutdown button.

Documentation, website and localization

• Icons for the different roles on the Contribute section were finalized and deployed live.
• The ?FAQ was greatly expanded, and is now almost ready for prime-time.
• We have made good progress on specifying how the Tails logo should look like (ticket #5797).
• It was documented how to improve Tails by working on Debian. We have received positive feedback from Debian contributors about it.
• Many small improvements to the documentation and its translations were done, including:
  • quite a few clarifications in the documentation for new contributors;
  • updated system requirements documentation;
  • documented how to change the passphrase for the persistent volume (ticket #5621).
• Links to the I2P website were updated.
• Documentation for the new MAC address spoofing feature was drafted.
• Work is in progress on documentation about contributing to Tails in the infrastructure (systems administration, automation) area.

Infrastructure

• Our Puppet modules were published. This was a first blocker before we can welcome contributions to our infrastructure.
• The system that hosts our Redmine was re-installed from scratch on a new machine, upgraded to Debian Wheezy and to Redmine 1.4.4.
• Some improvements to our automated test suite were merged: test/fix-persistence-checks, test/keep-volumes-tag, and test/5959-antitest-memory-erasure. Thanks to this and the robustness improvements brought by the move to RJB, we were finally able to remove two of the most painful sets of tests from our manual test suite.
• A mailing-list for early testers was created and is being set up.

On-going discussions

• Usecases for the Cookie Monster browser extension?
• Tails logo
• How to remove identifying information in bug reports?
• Numlock on by default?
• Various issues with Vagrant.
• Interactions between Tails and TBB developers
• Adding BitMessage and Bitcoin-QT to Tails
• MAC address 'spoofing' and randomization
• Adapting Tor Launcher for Tails
• We were contacted by a few people who want to use Tails as a flexible framework, and build customized derivatives on top of it.
• We are discussing who we will invite to the 2014 Tails contributors summit, that should be a bit more crowded than usual.

Funding

• We have discussed with GNOME how they could use the money they have raised for privacy and anonymity improvements.

Outreach

• We have been working with people who want to build bridges between the graphics designers and usability experts community on the one hand, and Free Software developers on the other hand. Thanks to this collaboration, it is likely that Tails will go through a usability study in a few months, followed by a hackfest that will put at work designers and usability experts for finding solutions to (some of) the identified issues. The Tails sprint in July might host this hackfest.
• One of us attended FOSDEM, and got a chance to talk with many interesting people in person there.
• We got in touch with the people behind Freepto, and are looking how our two projects could collaborate more.
• We are participating in two new Debian teams: the Debian OTR Team and the Debian AppArmor Profiles Team.

Press and testimonials

• 2014-02-27: In his article "Why It’s Vital For Users to Fund Open-Source Encryption Tools" Trevor Timm from Freedom of the Press Foundation explains that Tails « has been vital for most, if not all, of the NSA journalists. [...] Its prime use case is journalists trying to communicate or work in environments in which they may normally be at risk or compromised. The NSA stories have been the biggest story in journalism in the past decade, yet the tool the reporters rely on is incredibly underfunded, is maintained by only a handful of developers, and operates on a shoestring budget. »
• 2014-02-07: In his review of uVirtus, Kheops, from Telecomix concludes that « Users should prefer Tails and other mature secure live distributions (such as IprediaOS, Liberté Linux, Privatix and Whonix) over uVirtus since they provide a real safety improvement to the user. For any activity that does not entail transferring large quantities of data (such as video files), there is no strong reason to prefer uVirtus over any of these. »

"The day we fight back" is a day of protest against mass surveillance. It asks legislators to oppose the FISA Improvements Act, support the USA Freedom Act, and enact protections for non-Americans.