This release fixes many security issues and users should upgrade as soon as possible.

Changes

New features

• We enabled address space layout randomization in the Linux kernel (kASLR) to improve protection from buffer overflow attacks.

• We installed rngd to improve the entropy of the random numbers generated on computers that have a hardware random number generator.

Upgrades and changes

• Upgrade Tor to 0.2.8.7.

• Upgrade Tor Browser to 6.0.5.

• Upgrade to Linux 4.6. This should improve the support for newer hardware (graphics, Wi-Fi, etc.)

• Upgrade Icedove to 45.2.0.

• Upgrade Tor Birdy to 0.2.0.

• Upgrade Electrum to 2.6.4.

• Install firmware for Intel SST sound cards (firmware-intel-sound).

• Install firmware for Texas Instruments Wi-Fi interfaces (firmware-ti-connectivity).

• Remove non-free APT repositories. We documented how to configure additional APT repositories using the persistent volume.

• Use a dedicated page as the homepage of Tor Browser so we can customize it for our users.

• Set up the trigger for RAM erasure on shutdown earlier in the boot process. This should speed up shutdown and make RAM erasure more robust.

Fixed problems

• Disable the automatic configuration of Icedove when using OAuth. This should fix the automatic configuration for GMail accounts. (#11536)

• Make the Disable all networking and Tor bridge mode options of Tails Greeter more robust. (#11593)

For more details, read our changelog.

Known issues

• For some users memory wiping fails more often than in Tails 2.5, and for some users it fails less often. Please report any such changes to #11786.

See the list of long-standing issues.

Get Tails 2.6

• To install, follow our installation instructions.

• To upgrade, an automatic upgrade is available from 2.5 to 2.6.

  If you cannot do an automatic upgrade or if you fail to start after an automatic upgrade, please try to do a manual upgrade.

• Download Tails 2.6.

What's coming up?

Tails 2.7 is scheduled for November 8.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

You can help Tails! The first release candidate for the upcoming version 2.6 is out. Please test it and report any issue. We are in particular interested in feedback and problems relating to:

• Icedove's automatic configuration wizard. Using it to set up a new account is (most of the time) as easy as entering your email address (and password), and Icedove will configure your account for you.

How to test Tails 2.6~rc1?

Keep in mind that this is a test image. We tested that it is not broken in obvious ways, but it might still contain undiscovered issues.

But test wildly!

If you find anything that is not working as it should, please report to us! Bonus points if you first check if it is a known issue of this release or a longstanding known issue.

Download and install

Tails 2.6~rc1 torrent

Tails 2.6~rc1 ISO image OpenPGP signature

To install 2.6~rc1, follow our usual installation instructions, skipping the Download and verify step.

Upgrade from 2.5

1. Start Tails 2.5 on a USB stick installed using Tails Installer and set an administration password.

2. Run this command in a Root Terminal to select the "alpha" upgrade channel and start the upgrade:

   echo TAILS_CHANNEL=\"alpha\" >> /etc/os-release && \
        tails-upgrade-frontend-wrapper
   

3. After the upgrade is installed, restart Tails and choose Applications ▸ Tails ▸ About Tails to verify that you are running Tails 2.6~rc1.

What's new since 2.5?

Changes since Tails 2.5 are:

• Major new features and changes

  • Install Tor 0.2.8.6. (Closes: #11351)
  • Enable kASLR in the Linux kernel. (Closes: #11281)
  • Upgrade Icedove to 1:45.2.0-1~deb8u1+tails1: (Closes: #11714) · Drop auto-fetched configurations using Oauth2. They do not work together with Torbirdy since it disables needed functionality (like JavaScript and cookies) in the embedded browser. This should make auto-configuration work for GMail again, for instance. (Closes: ##11536) · Pin Icedove to be installed from our APT repo. Debian's Icedove packages still do not have our secure Icedove autoconfig wizard patches applied, so installing them would be a serious security regression. (Closes: #11613) · Add missing icedove-l10n-* packages to our custom APT repository (Closes: #11550)
  • Upgrade to Linux 4.6: (Closes: #10298) · Install the 686 kernel flavour instead of the obsolete 586 one. · APT, dpkg: add amd64 architecture. The amd64 kernel flavour is not built anymore for the i386 architecture, so we need to use multiarch now. · Build and install the out-of-tree aufs4 module. (Closes: #10298) · Disable kernel modesetting for QXL: it's not compatible with Jessie's QXL X.Org driver.

• Security fixes

  • Hopefully fixed an issue which would sometimes make the Greeter ignore the "disable networking" or "bridge mode" options. (Closes: #11593)

• Minor improvements

  • Install firmware-intel-sound and firmware-ti-connectivity. This adds support for some sound cards and Wi-Fi adapters. (Closes: #11502)
  • Install OpenPGP Applet from Debian. (Closes: #10190)
  • Install gnome-sound-recorder (again). (Closes: #10950)
  • Port the "About Tails" dialog to python3.
  • Run our initramfs memory erasure hook earlier (Closes: #10733). The goal here is to: · save a few seconds on shutdown (it might matter especially for the emergency one); · work in a less heavily multitasking / event-driven environment, for more robust operation.
  • Install rngd, and make rng-tools initscript return success when it can't find any hardware RNG device. Most Tails systems around probably have no such device, and we don't want systemd to believe they failed to boot properly. (Closes: #5650)
  • Don't force using the vboxvideo X.Org driver. According to our tests, this forced setting is: · harmful: it breaks X startup when the vboxvideo kernel driver is loaded; · useless: X.Org now autodetects the vboxvideo X.Org driver and uses it when running in VirtualBox and the vboxvideo kernel is not present.
  • Port boot-profile to python3 (Closes: #10083). Thanks to heartsucker heartsucker@autistici.org for the patch!
  • Include /proc/cmdline and the content of persistent APT sources in WhisperBack bug reports. (Closes: #11675, #11635)
  • Disable non-free APT sources at boot time. (Closes: #10130)
  • Have a dedicated page for the homepage of Tor Browser in Tails. (Closes: # 11725)
  • Only build the VirtualBox kernel modules for the 32-bit kernel. It's both hard and useless to build it for 64-bit in the current state of things, as long as we're shipping a 32-bit userspace. Also, install virtualbox-* from jessie-backports, since the version in Jessie is not compatible with Linux 4.x.

For more details, see also our changelog.

Known issues in 2.6~rc1

• Longstanding known issues

Releases

• There have been no releases in July.
• Tails 2.5 is scheduled for August 3.

Code

• Icedove: Tails' Icedove Apparmor profile has been accepted in Debian!
• DAVE: We have added new mirrors to our mirror pool, and soon we will update our Firefox Add-on with this changes.
• Tails Server: There is a lot of progress the GUI, there have been user testing, ephemeral hidden services are created now with stem, the code is integrated in Tails now, it is possible to reset the onion addresses, the application is translatable and there are ISO images available for testing now! You can read more about this here and here
• We keep reducing our delta with upstream: now we have dropped the custom value for kernel.perf_event_paranoid sysctl (#11511).

Documentation and website

• We have documented how to get the source code of packages shipped in Tails (#6311).
• That manual ISO build needs a HTTP proxy #11046.
• The monitoring service also has more documentation now: #11366.
• We have added Linux Mint instructions to our Installation Assistant: #11561.
• And also how to save KeePassX settings using Dotfiles.
• We have added Veracrypt to the list of programs often asked by users (spoiler: get it on Debian first).
• We added links to Debian Reproducible Builds on our documentation.

User experience

• Two user tests have been done for Tails Server, with technical and non-technical users. More information on the results: first and second
• We have made some statistics about how quick our users update Tails. Most users update quickly, but there is still a 15% that update from Tails 4 months or older. More info on the ticket.

Infrastructure

• After a lot of work, we have finished implementing Tails servers monitoring system! Read the sysadmins documentation for details.
• We noticed that the apt-cacher-ng cache disk was filling up because of expired time-based snapshots. So we re-implemented our puppet modules to prevent this (#11532).
• Our test suite covers 209 scenarios, one more that in June.
• 1178 ISO images were automatically built and tested by our continuous integration infrastructure.

Outreach

• Nuit du Hack, France: jvoisin and fr33tux did a presentation about Tails: Here the video
• Rancho electrónico, Mexico city, hosted talks about Tails every Monday of July on their 'Digital self-defense' workshops.

Translation

• We have finished deciding a merge strategy for our Weblate install: #10257.

All the website

• de: 57% (2894) strings translated, 3% strings fuzzy, 51% words translated
• fa: 46% (2346) strings translated, 7% strings fuzzy, 52% words translated
• fr: 77% (3880) strings translated, 3% strings fuzzy, 77% words translated
• it: 17% (890) strings translated, 2% strings fuzzy, 18% words translated
• pt: 32% (1639) strings translated, 7% strings fuzzy, 30% words translated

Total original words: 50335

Core pages of the website

• de: 88% (1618) strings translated, 4% strings fuzzy, 88% words translated
• fa: 39% (726) strings translated, 9% strings fuzzy, 41% words translated
• fr: 88% (1624) strings translated, 5% strings fuzzy, 89% words translated
• it: 48% (876) strings translated, 6% strings fuzzy, 55% words translated
• pt: 54% (993) strings translated, 10% strings fuzzy, 54% words translated

Total original words: 16625

Metrics

• Tails has been started more than 544.464 times this month. This makes 17.563 boots a day on average.
• 7.364 downloads of the OpenPGP signature of Tails ISO from our website.
• 89 bug reports were received through WhisperBack.

This release fixes many security issues and users should upgrade as soon as possible.

Changes

New features

Upgrades and changes

• Update Tor Browser to 6.0.3, based on Firefox 45.3.

• Upgrade Icedove to 45.1. (#11530)

Fixed problems

• The automatic account configuration of Icedove used to freeze when connecting to some email providers. (#11486)

• In some cases sending an email with Icedove used to result in the error: "The message could not be sent using Outgoing server (SMTP) mail.riseup.net for an unknown reason." (#10933)

• A spurious error message used to sometimes appear when creating an account in Icedove and providing its password. (#11550)

• Fix some time synchronization problems, by replacing obsolete and unreliable servers, and decreasing a timeout. (#11577)

• KVM virtual machines with QXL video: vastly improve graphics performance and fix visual artifacts in Tor Browser. (#11500, #11489)

For more details, read our changelog.

Known issues

See the list of long-standing issues.

Get Tails 2.5

• To install, follow our installation instructions.

• To upgrade, an automatic upgrade is available from 2.4 to 2.5.

  If you cannot do an automatic upgrade or if you fail to start after an automatic upgrade, please try to do a manual upgrade.

• Download Tails 2.5.

What's coming up?

Tails 2.6 is scheduled for September 13.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

Releases

• Tails 2.4 was released on June 7 (major release).

• Tails 2.5 is scheduled for August 2.

The following changes were introduced in Tails 2.4:

• We enabled the automatic account configuration of Icedove which discovers the correct parameters to connect to your email provider based on your email address. We improved it to rely only on secure protocol and we are working on sharing these improvements with Mozilla so that users of Thunderbird outside Tails can benefit from them as well.

• Remove the preconfigured #tails IRC channel. Join us on XMPP instead!

• Always display minimize and maximize buttons in titlebars. (#11270)

• Remove GNOME Tweak Tool and hledger. You can add them back using the Additional software packages persistence feature.

• Use secure HKPS OpenPGP key server in Enigmail.

• Harden our firewall by rejecting RELATED packets and restricting Tor to only send NEW TCP syn packets. (#11391)

• Harden our kernel by:

  • Setting various security-related kernel options: slab_nomerge slub_debug=FZ mce=0 vsyscall=none. (#11143)
  • Removing the .map files of the kernel. (#10951)

• Update the DRM and Mesa graphical libraries. This should fix recent problems with starting Tails on some hardware. (#11303)

• Some printers that stopped working in Tails 2.0 should work again. (#10965)

• Enable Packetization Layer Path MTU Discovery for IPv4. This should make the connections to obfs4 Tor bridges more reliable. (#9268)

• Remove our custom ciphers and MACs settings for SSH. This should fix connectivity issues with other distributions such as OpenBSD. (#7315)

• Fix the translations of Tails Upgrader. (#10221)

• Fix displaying the details of a circuit in Onion Circuits when using Tor bridges. (#11195)

Code

• segfault sent his 3rd and 4th reports for his GSoC on Tails Server.

• GoodCrypto sent more patches to convert our custom bash scripts to Python.

User experience

We continued discussing:

• How to get rid of the splash screen of Tails Installer and how to propose the alternative between cloning and using an ISO image in the interface.

• How to allow editing the configuration of a service in Tails Server.

Infrastructure

• Our test suite covers 208 scenarios, 1 more that in May.

Funding

• We got an award by Mozilla to make Tails ISO images build reproducibly.

• We apply for a small technology grant by the ISC Project for a translation platform for our website.

Outreach

Upcoming events

• El Rancho Electrónico organizes a series of Tails workshops on July 4, 11, and 18 in Ciudad Monstruo, Mexico.

Translation

All the website

• de: 54% (2856) strings translated, 2% strings fuzzy, 47% words translated
• fa: 47% (2477) strings translated, 7% strings fuzzy, 54% words translated
• fr: 71% (3715) strings translated, 3% strings fuzzy, 69% words translated
• it: 17% (899) strings translated, 2% strings fuzzy, 17% words translated
• pt: 31% (1644) strings translated, 6% strings fuzzy, 28% words translated

Total original words: 53798

Core pages of the website

• de: 87% (1581) strings translated, 2% strings fuzzy, 86% words translated
• fa: 40% (729) strings translated, 9% strings fuzzy, 42% words translated
• fr: 84% (1527) strings translated, 4% strings fuzzy, 86% words translated
• it: 49% (885) strings translated, 6% strings fuzzy, 56% words translated
• pt: 55% (1000) strings translated, 9% strings fuzzy, 55% words translated

Total original words: 16515

Metrics

• Tails has been started more than 554.690 times this month. This makes 18490 boots a day on average.
• 8.174 downloads of the OpenPGP signature of Tails ISO from our website.
• 131 bug reports were received through WhisperBack.

Code

• segfault sent his first and second report on his GSoC on Tails Server.

• We've prepared a patched version of Icedove and Torbirdy for the next Tails release. Icedove users can now use the automatic configuration wizard and by default, requests will be done only over secure protocols. Other Icedove improvements include using a hkps keyserver in Enigmail, default to POP if persistence is enabled, IMAP if not. We've disabled remote email account creation. All our patches are being upstreamed to Thunderbird and Torbirdy.

Documentation and website

• sajolida finished replacing the old installation instructions we had before the installation assistant. This implied rewriting our instructions for OpenPGP verification which now include a direct download link. We are still discussing how to better link this page to make it easier to find.

• emmapeel documented how to exchange files with I2P Browser.

• sajolida sent some statistics on the hits on our website.

User experience

• We discussed the design of segfault's second prototype for Tails Server.

• We discussed the design of the Unlock and Relock widgets of the new Tails Greeter.

• kurono wrote a simplified interface for Tails Installer that would allow removing the splash screen and asked for reviews of his design.

Infrastructure

• Our channel #tails for user support moved from IRC to XMPP. For further details read our support page.

• The new mirror pool is now used by Tails Upgrader, by users who download Tails without using our Download And Verification Extension for Firefox (aka. DAVE), for any download that is not supported by DAVE (e.g. release candidates), and for downloads started from a web browser that has JavaScript disabled. So, in summary two of the use cases of this work are covered already, and only the "downloading with DAVE" use case is left to complete. As of May 31st we now have 36 active mirrors.

Funding

• Mediapart, a French online investigative journal that uses Tails for their work, is the first media organization to answer positively our call to support Tails financially. The terms of our partnership are still being discussed.

• We submitted a proposal to fund reproducible builds to the Mozilla Open Source Support.

Outreach

Upcoming events

• jvoisin and fr33tux are going to give a talk on Tails at Nuit du Hack

On-going discussions

Press and testimonials

Translation

• The documentation is now also available in Italian language. We welcome the Italian translation team, thanks for all of the work done!

Overall translation of the website

• de: 50% (2648) strings translated, 4% strings fuzzy, 44% words translated
• fa: 47% (2492) strings translated, 7% strings fuzzy, 54% words translated
• fr: 64% (3376) strings translated, 4% strings fuzzy, 65% words translated
• it: 17% (896) strings translated, 2% strings fuzzy, 17% words translated
• pt: 31% (1660) strings translated, 6% strings fuzzy, 29% words translated

Total original words: 53532

Core pages of the website

• de: 79% (1432) strings translated, 6% strings fuzzy, 79% words translated
• fa: 40% (726) strings translated, 9% strings fuzzy, 42% words translated
• fr: 74% (1341) strings translated, 5% strings fuzzy, 77% words translated
• it: 49% (886) strings translated, 6% strings fuzzy, 56% words translated
• pt: 55% (1001) strings translated, 9% strings fuzzy, 55% words translated

Total original words: 16492

Metrics

• Tails has been started more than 541.950 times this month. This makes 17.482 boots a day on average.
• 6359 downloads of the OpenPGP signature of Tails ISO from our website.
• 112 bug reports were received through WhisperBack.

This release fixes many security issues and users should upgrade as soon as possible.

Changes

New features

• We enabled the automatic account configuration of Icedove which discovers the correct parameters to connect to your email provider based on your email address. We improved it to rely only on secure protocol and we are working on sharing these improvements with Mozilla so that users of Thunderbird outside Tails can benefit from them as well.

  

Upgrades and changes

• Update Tor Browser to 6.0.1, based on Firefox 45.

• Remove the preconfigured #tails IRC channel. Join us on XMPP instead!

• Always display minimize and maximize buttons in titlebars. (#11270)

• Remove GNOME Tweak Tool and hledger. You can add them back using the Additional software packages persistence feature.

• Use secure HKPS OpenPGP key server in Enigmail.

• Harden our firewall by rejecting RELATED packets and restricting Tor to only send NEW TCP syn packets. (#11391)

• Harden our kernel by:

  • Setting various security-related kernel options: slab_nomerge slub_debug=FZ mce=0 vsyscall=none. (#11143)
  • Removing the .map files of the kernel. (#10951)

Fixed problems

• Update the DRM and Mesa graphical libraries. This should fix recent problems with starting Tails on some hardware. (#11303)

• Some printers that stopped working in Tails 2.0 should work again. (#10965)

• Enable Packetization Layer Path MTU Discovery for IPv4. This should make the connections to obfs4 Tor bridges more reliable. (#9268)

• Remove our custom ciphers and MACs settings for SSH. This should fix connectivity issues with other distributions such as OpenBSD. (#7315)

• Fix the translations of Tails Upgrader. (#10221)

• Fix displaying the details of a circuit in Onion Circuits when using Tor bridges. (#11195)

For more details, read our changelog.

Known issues

• The automatic account configuration of Icedove freezes when connecting to some email providers. (#11486)

• In some cases sending an email with Icedove results in the error: "The message could not be sent using Outgoing server (SMTP) mail.riseup.net for an unknown reason." When this happens, simply click "Ok" and try again and it should work. (#10933)

• The update of the Mesa graphical library introduce new problems at least on AMD HD 7770 and nVidia GT 930M.

• In the PDF Viewer the Download button doesn't work. This can be worked around by right-clicking anywhere in the document and selecting Save Page As.

See the list of long-standing issues.

Get Tails 2.4

• To install, follow our installation instructions.

• To upgrade, an automatic upgrade is available from 2.3 to 2.4.

  If you cannot do an automatic upgrade or if you fail to start after an automatic upgrade, please try to do a manual upgrade.

• Download Tails 2.4.

What's coming up?

Tails 2.5 is scheduled for August 2.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

You can help Tails! The first release candidate for the upcoming version 2.4 is out. Please test it and report any issue. We are in particular interested in feedback and problems relating to:

• Icedove's automatic configuration wizard. Using it to set up a new account is (most of the time) as easy as entering your email address (and password), and Icedove will configure your account for you.

• Graphics-related regressions, e.g. if the graphical user interface doesn't seem to start at all (i.e. you cannot reach Tails Greeter).

How to test Tails 2.4~rc1?

Keep in mind that this is a test image. We tested that it is not broken in obvious ways, but it might still contain undiscovered issues.

But test wildly!

If you find anything that is not working as it should, please report to us! Bonus points if you first check if it is a known issue of this release or a longstanding known issue.

Download and install

Tails 2.4~rc1 torrent

Tails 2.4~rc1 ISO image ?OpenPGP signature

To install 2.4~rc1, follow our usual installation instructions, skipping the Download and verify step.

Upgrade from 2.3

1. Start Tails 2.3 on a USB stick installed using Tails Installer and set an administration password.

2. Run this command in a Root Terminal to select the "alpha" upgrade channel and start the upgrade:

   echo TAILS_CHANNEL=\"alpha\" >> /etc/os-release && \
        tails-upgrade-frontend-wrapper
   

3. After the upgrade is installed, restart Tails and choose Applications ▸ Tails ▸ About Tails to verify that you are running Tails 2.4~rc1.

What's new since 2.3?

Changes since Tails 2.3 are:

• Major new features and changes

  • Upgrade Tor Browser to 6.0 based on Firefox 45.2. (Closes: #11403).
  • Enable Icedove's automatic configuration wizard. We patch the wizard to only use secure protocols when probing, and only accept secure protocols, while keeping the improvements done by TorBirdy in its own non-automatic configuration wizard. (Closes: #6158, #11204)

• Bugfixes

  • Enable Packetization Layer Path MTU Discovery for IPv4. If any system on the path to the remote host has a MTU smaller than the standard Ethernet one, then Tails will receive an ICMP packet asking it to send smaller packets. Our firewall will drop such ICMP packets to the floor, and then the TCP connection won't work properly. This can happen to any TCP connection, but so far it's been reported as breaking obfs4 for actual users. Thanks to Yawning for the help! (Closes: #9268)
  • Make Tails Upgrader ship other locales than English. (Closes: #10221)

• Minor improvements

  • Icedove improvements:
    • Stop patching in our default into Torbirdy. We've upstreamed some parts, and the rest we set with pref branch overrides in /etc/xul-ext/torbirdy.js. (Closes: #10905)
    • Use hkps keyserver in Engimail. (Closes: #10906)
    • Default to POP if persistence is enabled, IMAP if not. (Closes: #10574)
    • Disable remote email account creation in Icedove. (Closes: #10464)
  • Firewall hardening (Closes: #11391):
    • Don't accept RELATED packets. This enables quite a lot of code in the kernel that we don't need. Let's reduce the attack surface a bit.
    • Restrict debian-tor user to NEW TCP syn packets. It doesn't need to do more, so let's do a little bit of security in depth.
    • Disable netfilter's nf_conntrack_helper.
    • Fix disabling of automatic conntrack helper assignment.
  • Kernel hardening:
    • Set various kernel boot options: slab_nomerge slub_debug=FZ mce=0 vsyscall=none. (Closes: #11143)
    • Remove the kernel .map files. These are only useful for kernel debugging and slightly make things easier for malware, perhaps and otherwise just occupy disk space. Also stop exposing kernel memory addresses through /proc etc. (Closes: #10951)
  • Drop zenity hacks to "focus" the negative answer. Jessie's zenity introduced the --default-cancel option, finally! (Closes: #11229)
  • Drop useless APT pinning for Linux.
  • Remove gnome-tweak-tool. (Closes: #11237)
  • Install python-dogtail, to enable accessibility technologies in our automated test suite. (Part of: #10721)
  • Install libdrm and mesa from jessie-backports. (Closes: #11303)
  • Remove hledger. (Closes: #11346)
  • Don't pre-configure the #tails chan on the default OFTC account. (Part of: #11306)
  • Install onioncircuits from jessie-backports. (Closes: #11443)
  • Remove nmh. (Closes: #10477)
  • Drop Debian experimental APT source: we don't use it.
  • Use APT codenames (e.g. "stretch") instead of suites, to be compatible with our tagged APT snapshots.
  • Drop module-assistant hook and its cleanup. We've not been using it since 2010.
  • Remove 'Reboot' and 'Power Off' entries from Applications → System Tools. (Closes: #11075)
  • Pin our custom APT repo to the same level as Debian ones, and explicitly pin higher the packages we want to pull from our custom APT repo, when needed.
  • config/chroot_local-hooks/59-libdvd-pkg: verify libdvdcss package installation. (Closes: #11420)
  • Make Tails Upgrader use our new mirror pool design. (Closes: #11123)

For more details, see also our changelog.

Known issues in 2.4~rc1

• Longstanding known issues

• The new version of mesa (#11303) improves the situation on some hardware, but introduces regressions at least on:

  • AMD HD 7770
  • nVidia GT 930M

• Icedove's autoconfig wizard stalls when probing some domains (#11486) but not all.

Releases

• Tails 2.3 was released on April 26, 2016 (major release).

Code

• i2p in Tails now has a new maintainer, welcome aboard!

Documentation and website

• sajolida rewrote the instructions for OpenPGP verification as part of small improvements to make the installation assistant less frustrating for power users.

• Some examples were added on the documentation about adding new mirror.

• We sped up the build of our website by almost 50% by removing deprecated documentation and translations of little relevance.

• We wrote a small FAQ on ping not working in Tails.

User experience

• Alan built an ISO image with the new design of Tails Greeter and asked for review.

• segfault was approved to work on Tails Server as his Google Summer of Code and already sent some mockups for a user interface.

Infrastructure

• We moved our contributors chat to an XMPP channel. More info here.
• We are updating our mirror infrastructure to allow more mirrors as well as to switch all downloads to HTTPS in the future read the blueprint. Nearly all mirror operators have already adopted the new configuration of their server. We have updated our documentation for hosting a mirror. Administrators of the mirror pool now have a dedicated mailing list.
• In April, 779 ISO images were automatically built by our Jenkins instance.
• We have continued to try out new "fundamental approaches" in our test suite to deal with robustness issues. This month we have looked closer at the "transient network issues", of which all seem to be related to using the real Tor network. Our solution ended up being to run our own miniature Tor network on the automated test suite host using the Tor project's own tool for running Tor network diagnostic tests, Chutney.
• Our new monitoring system was deployed to production, and works very well so far. It's aim is to be able to detect within hours failures and malfunction on our services.

More information on our work on infrastructure this month can be found in our SponsorS report for April 2016.

Outreach

• RomeoPapa announced SilentKeys as fork of Tails.

Press and testimonials

• 2016-04-13: Tails Product Review: Tails OS by Kevin Lee in Privacy Shell.

Translation

Overall translation of the website

• german: 47% (2567) strings translated, 4% strings fuzzy, 42% words translated
• farsi: 52% (2843) strings translated, 6% strings fuzzy, 59% words translated
• french: 62% (3366) strings translated, 5% strings fuzzy, 64% words translated
• portuguese: 30% (1644) strings translated, 7% strings fuzzy, 29% words translated

Total original words: 56061

Core pages of the website

• german: 88% (1179) strings translated, 6% strings fuzzy, 91% words translated
• farsi: 77% (1037) strings translated, 12% strings fuzzy, 72% words translated
• french: 85% (1139) strings translated, 7% strings fuzzy, 89% words translated
• portuguese: 70% (940) strings translated, 16% strings fuzzy, 69% words translated

Total original words: 14006

Metrics

• Tails has been started more than 527.629 times this month. This makes 17.587 boots a day on average.
• 5.321 downloads of the OpenPGP signature of Tails ISO from our website.

This release fixes many security issues and users should upgrade as soon as possible.

Changes

Upgrades and changes

• You can now copy and paste your GnuPG passphrases into the pinentry dialog, for example from KeePassX or the clipboard.

• Upgrade Tor Browser to 5.5.5.

• Upgrade I2P to 0.9.25.

• Upgrade Electrum from 2.5.4 to 2.6.3.

Fixed problems

• Clarify that users migrating from Claws Mail to Icedove should delete all their Claws Mail data to remove the warning when starting Icedove. (#11187)

• Make both panes of Onion Circuits scrollable to fix display issues on smaller screens. (#11192)

For more details, read our changelog.

Known issues

None specific to this release.

See the list of long-standing issues.

Get Tails 2.3

• To install, follow our installation instructions.

• To upgrade, an automatic upgrade is available from 2.2.1 to 2.3.

  If you cannot do an automatic upgrade or if you fail to start after an automatic upgrade, please try to do a manual upgrade.

• Download Tails 2.3.

What's coming up?

Tails 2.4 is scheduled for June 7.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!