Releases

The following changes were introduced in Tails 3.1:

Fixed problems

  • Make sure that Thunderbird erases its temporary directory, containing for example attachments opened in the past. #13340

  • Fix translations of the time synchronization and "Tor is ready" notifications. #13437

Code

  • intrigeri started a discussion about enabling AppArmor by default in Debian. So far the feedback has been good.
  • We decided to evaluate this year whether we can base Tails on quarterly snapshots of Debian testing. If we end up answering this question favorably, then the first such release would happen early in 2018 (January or April).
  • We worked on regressions introduced in Tails 3.0 that our Help Desk and Foundations Team deems high-priority, such as #12733 and #13437.
  • We worked on Tails Installer to make it create larger system partitions so that users can benefit more often from automatic upgrades, instead of having to perform a manual upgrade.
  • We are in the process of evaluating whether GNOME's on-screen keyboard could fully replace Florence.
  • We started porting Tails to Linux 4.12.
  • We started organizing teams, work, timeline and workflow for our upcoming OTF contract:

Documentation and website

  • We renamed our "Easy" tasks for new contributors as "Starter tasks".

User experience

  • We helped Tor redesign and rephrase Tor Launcher, the configuration screens of Tor Browser that are also used in Tails.

  • We held a collective workshop to identify personas with 12 core contributors. We started with a brainstorming of Tails users and their goals, followed by a collective grouping of all the identified use cases into categories based on type of users and user goals.

    After that, a smaller team started drafting persona skeletons based on this output, including holistic security and threat modeling aspects for each persona.

    The process and output are documented in our blueprint on personas.

Hot topics on our help desk

  1. A few users reported that during some sessions, the Applications menu button stops working moments after Tails finishes to start

  2. A few users were asking about shipping Tails with software for additional cryptocurrencies (i.e. Monero)

  3. There was some input on a problem with Install by cloning, which sometimes fails silently on specific installations.

  4. Users are still struggling with hardware support.

Funding

Outreach

Past events

  • A few Tails contributors attended DebConf17, the annual conference for Debian contributors and users interested in improving Debian. Among other things we had discussions and hacking sessions about enabling AppArmor by default in Debian (see above), OpenPGP Applet, Debian Perl Group open tasks, and how to bring the benefits of Flatpak to our users.
  • Alan attended GUADEC and sent a comprehensive report

Upcoming events

On-going discussions

Translation

All website PO files

  • de: 56% (2821) strings translated, 7% strings fuzzy, 49% words translated
  • fa: 42% (2115) strings translated, 10% strings fuzzy, 44% words translated
  • fr: 89% (4466) strings translated, 1% strings fuzzy, 87% words translated
  • it: 41% (2050) strings translated, 5% strings fuzzy, 36% words translated
  • pt: 25% (1295) strings translated, 9% strings fuzzy, 22% words translated

Total original words: 53366

Core PO files

  • de: 77% (1471) strings translated, 12% strings fuzzy, 78% words translated
  • fa: 34% (656) strings translated, 11% strings fuzzy, 35% words translated
  • fr: 98% (1866) strings translated, 1% strings fuzzy, 99% words translated
  • it: 77% (1459) strings translated, 13% strings fuzzy, 77% words translated
  • pt: 45% (853) strings translated, 15% strings fuzzy, 45% words translated

Total original words: 17252

Metrics

  • Tails has been started more than 674.373 times this month. This makes 21.754 boots a day on average.
  • 13.545 downloads of the OpenPGP signature of Tails ISO from our website.
  • 105 bug reports were received through WhisperBack.

You can help Tails! The first release candidate for the upcoming version 3.2 is out. We are very excited and cannot wait to hear what you think about it :)

What's new in 3.2~rc1?

Significant changes since Tails 3.1 include:

  • Upgrade to Tails Installer 4.4.19, which gets rid of the splash screen, detects when Tails already is installed on the target device (and then proposes to upgrade), and generally improves the UX. We are very interested in reports about problems with this new version of Tails Installer.

  • The Root Terminal has gone through some significant back-end changes; please make sure it works like before (or better)!

  • Add PPPoE support; if you have a DSL or dial-up connection that uses PPPoE, please give it a try!

  • Bluetooth support is now completely disabled (details: #14655). If this makes it hard for you to use Tails, please let us know!

  • Upgrade to Linux 4.12.12, which improves hardware support, e.g. better support for the NVIDIA Maxwell series of graphics cards.

  • Upgrade to Thunderbird 52.3.0. Ideally it should work exactly like before, or better.

Technical details of all the changes are listed in the Changelog.

How to test Tails 3.2~rc1?

Keep in mind that this is a test image. We tested that it is not broken in obvious ways, but it might still contain undiscovered issues.

But test wildly!

If you find anything that is not working as it should, please report to us on tails-testers@boum.org.

Bonus points if you first check if it is a known issue of this release or a longstanding known issue.

Upgrade from 3.1

  1. Start Tails 3.1 on a USB stick installed using Tails Installer and set an administration password.

  2. Run this command in a Terminal to select the "alpha" upgrade channel and start the upgrade:

    echo TAILS_CHANNEL=\"alpha\" | sudo tee -a /etc/os-release && \
         tails-upgrade-frontend-wrapper
    

    and enter the administration password when asked for the "password for amnesia".

  3. After the upgrade is installed, restart Tails and choose Applications ▸ Tails ▸ About Tails to verify that you are running Tails 3.2~rc1.

Download and install

You can install 3.2~rc1 by following our usual installation instructions, skipping the Download and verify step.

Tails 3.2~rc1 ISO image OpenPGP signature
Tails 3.2~rc1 torrent

Known issues in 3.2~rc1

  • GNOME screen keyboard (that replaced Florence in this version) is not working: pressing its on-screen keyboard buttons do nothing (#14675).

Longstanding known issues

What's coming up?

Tails 3.2 is scheduled on September 26.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

Tags:

Releases

Documentation and website

  • We improved our installation instructions for Ubuntu to configure the PPA through Software & Updates instead of the command line.

  • We published instructions on how to repair a Tails 3.0.1 broken by the automatic upgrade.

  • We documented that Tails fails to start on computers with NVIDIA Maxwell graphics.

  • We updated the terminology on our website to stop mentioning SD cards and always talk about Tails USB stick instead of Tails device. #9965

  • We made it clearer in the system requirements that Tails doesn't work on handheld devices.

  • We improved the link and QR code to get back to the same step when switching device during installation. #12319

  • We updated our command line instructions to use apt instead of apt-get.

  • We renamed Mac OS X as macOS, its new name.

  • We improved the inlining mechanism that links to release notes during upgrades. #13341

Funding

  • We received a donation from ExpressVPN.

  • Our OTF proposal was accepted and we will help us do great work between 2017Q4 and 2018Q3:

    • TrueCrypt support in GNOME: graphical utilities to mount TrueCrypt volumes (#11684, #6337)
    • Graphical interface for the Additional Packages persistent feature: allow users to customize which applications are available in their Tails (#5996 #9059)
  • We started using CCT, the Center for the Cultivation of Technology as our European fiscal sponsor for real and are very happy about it. On the long run they will help us spend less time doing administrative work and more time improving Tails!

  • Next INpact started a donation campaign to support Tails, Tor and VeraCrypt using 33% of total donations.

Outreach

Past events

Translation

All the website

  • de: 56% (2809) strings translated, 7% strings fuzzy, 49% words translated
  • fa: 42% (2094) strings translated, 10% strings fuzzy, 44% words translated
  • fr: 87% (4354) strings translated, 2% strings fuzzy, 84% words translated
  • it: 30% (1500) strings translated, 5% strings fuzzy, 26% words translated
  • pt: 25% (1268) strings translated, 10% strings fuzzy, 22% words translated

Total original words: 53070

Core pages of the website

  • de: 77% (1456) strings translated, 13% strings fuzzy, 77% words translated
  • fa: 34% (648) strings translated, 12% strings fuzzy, 35% words translated
  • fr: 95% (1812) strings translated, 4% strings fuzzy, 95% words translated
  • it: 73% (1386) strings translated, 14% strings fuzzy, 72% words translated
  • pt: 44% (842) strings translated, 16% strings fuzzy, 45% words translated

Total original words: 17252

Metrics

  • Tails has been started more than 690564 times this month. This makes 22276 boots a day on average.
  • 15501 downloads of the OpenPGP signature of Tails ISO from our website.
  • 160 bug reports were received through WhisperBack.

This release fixes many security issues and users should upgrade as soon as possible.

Changes

Upgrades and changes

  • Update Tor Browser to 7.0.4.
  • Update Linux to 4.9.30-2+deb9u3.

Fixed problems

  • Make sure that Thunderbird erases its temporary directory, containing for example attachments opened in the past. #13340

  • Fix translations of the time synchronization and "Tor is ready" notifications. #13437

For more details, read our changelog.

Known issues

None specific to this release.

See the list of long-standing issues.

Get Tails 3.1

  • To install, follow our installation instructions.

  • To upgrade, automatic upgrades are available from 3.0 to 3.1. Due to the #13426 bug, automatic upgrades from 3.0.1 are disabled. If you cannot do an automatic upgrade or if you fail to start after an automatic upgrade, please try to do a manual upgrade.

  • Download Tails 3.1.

What's coming up?

Tails 3.2 is scheduled for October 3.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

Tags:
If Tails 3.0.1 is working fine for you, please ignore this message!

If you upgraded Tails 3.0 to 3.0.1 with an automatic upgrade you most likely are experiencing problems, one of the most serious being that Tor does not work which makes most Internet activity impossible.

If you are affected you can repair your Tails 3.0.1 by doing a manual upgrade to 3.0.1.

Sorry for the inconvenience!

Tags:

Releases

Tails 3.0 is the first version of Tails based on Debian 9 (Stretch). It brings a completely new startup and shutdown experience, a lot of polishing to the desktop, security improvements in depth, and major upgrades to a lot of the included software. We cannot list all the improvements it brings here (see the announcement), but let's still highlight a few major changes:

  • Tails Greeter, the application to configure Tails at startup, has been completely redesigned for ease of use.
  • The shutdown experience has also been redesigned in order to be more reliable and more discrete.
  • Tails 3.0 works on 64-bit computers only and not on 32-bit computers anymore.

Code

Thanks to multiprocess Firefox, we started working on sandboxing Tor Browser's content renderer processes more strictly with AppArmor. We now have a working draft and are waiting for our pull request to be merged upstream.

We started fixing regressions introduced in Tails 3.0, such as SSH_AUTH_SOCK occasionally not being set in GNOME Terminal and Tails Installer rejects working USB drives, pretending they're not removable. Our Help Desk and Foundation Team met and prioritized the remaining ones from a user-centric point of view.

Reproducible Builds

We are still working on making Tails ISO images build reproducibly. We've seen some images build in such a deterministic manner in March and even during a testing session. However, in some build environments it does not work reliably yet and some new issues have manifested themselves which need to be fixed until we can claim that our ISO images are really reproducible, such as Comment changes in POT files make ISO non reproducible. Besides, we need to draw a line wrt. what kind of build environment variations we want to support.

Furthermore, we are still working on documenting the new release process and verification options for our users (#12616, #12629, #12630).

User experience

  • We discussed strategies to porting our Download and Verify extension for Firefox to Web Extensions, a requirement for the upcoming Firefox 57 (November 14), as this will affect the design of our download instructions.

  • We finished the redesign of Tails Installer to get rid of the initial splash screen. (#8859)

  • We installed a prototype of Piwik, a free web analytics platform, to evaluate how well it would work against our privacy constraints and metrics needs.

  • We agreed on increasing the size of the system partition from 2.5 to 4 GiB minimum starting from Tails 3.2 (October 3) to allow for more automatic upgrades before a manual upgrade is needed. (#12705)

Infrastructure

Improving communication & transparency wrt. our core teams' priorities

We have set up some infrastructure bits so that all contributors have more visibility and power over our core teams's priorities.

HTTPS mirror pool

We've switched our mirror pool to mirrors serving files over HTTPS only (#12837). Our round-robin fallback DNS pool is still serving files over HTTP, and we are currently thinking about how to switch those to HTTPS too (#12833).

Reproducible builds

Remaining issues on our CI infrastructure include:

Sysadmin

We kept our systems up and running, which was not always easy since we've deployed our updated infrastructure for reproducible builds before upgrading our capacity accordingly, not mentioning a kernel regression caused by the initial Stack Clash fix that broke our CI.

We deployed some work done by groente, who is in the process of joining our sysadmin team.

tails-support mailing list

We closed the tails-support@boum.org mailing list.

Funding

Outreach

Past events

Upcoming events

  • Tails contributors will attend DebConf17, the annual conference for Debian contributors and users interested in improving Debian.

  • A Tails contributor proposed a talk about Tails for the BalCCon2k17 (Balkan Computer Congress).

Press and testimonials

The Tails 3.0 release was abundantly covered on the web.

Translation

All programs

  • ar: 47 translated messages, 9 fuzzy translations, 6 untranslated messages.
  • az: 47 translated messages, 9 fuzzy translations, 6 untranslated messages.
  • bg: 62 translated messages.
  • ca: 62 translated messages.
  • cs: 54 translated messages, 6 fuzzy translations, 2 untranslated messages.
  • cy: 44 translated messages, 11 fuzzy translations, 7 untranslated messages.
  • da: 62 translated messages.
  • de: 62 translated messages.
  • el: 62 translated messages.
  • en_GB: 62 translated messages.
  • es: 62 translated messages.
  • es_AR: 62 translated messages.
  • fa: 62 translated messages.
  • fi: 62 translated messages.
  • fr: 62 translated messages.
  • fr_CA: 62 translated messages.
  • he: 54 translated messages, 6 fuzzy translations, 2 untranslated messages.
  • hr_HR: 62 translated messages.
  • hu: 62 translated messages.
  • id: 62 translated messages.
  • is: 62 translated messages.
  • it: 62 translated messages.
  • ja: 62 translated messages.
  • km: 45 translated messages, 11 fuzzy translations, 6 untranslated messages.
  • ko: 62 translated messages.
  • lv: 62 translated messages.
  • nb: 62 translated messages.
  • nl: 62 translated messages.
  • nn: 62 translated messages.
  • pl: 62 translated messages.
  • pt: 62 translated messages.
  • pt_BR: 62 translated messages.
  • ro: 62 translated messages.
  • ru: 62 translated messages.
  • sk: 54 translated messages, 6 fuzzy translations, 2 untranslated messages.
  • sk_SK: 62 translated messages.
  • sl_SI: 47 translated messages, 9 fuzzy translations, 6 untranslated messages.
  • sq: 62 translated messages.
  • sr: 54 translated messages, 6 fuzzy translations, 2 untranslated messages.
  • sv: 62 translated messages.
  • tr: 62 translated messages.
  • uk: 62 translated messages.
  • vi: 62 translated messages.
  • zh: 0 translated messages, 62 untranslated messages.
  • zh_CN: 62 translated messages.
  • zh_HK: 62 translated messages.
  • zh_TW: 62 translated messages.

All the website

  • de: 57% (2863) strings translated, 6% strings fuzzy, 51% words translated
  • fa: 43% (2162) strings translated, 9% strings fuzzy, 46% words translated
  • fr: 89% (4428) strings translated, 1% strings fuzzy, 87% words translated
  • it: 31% (1547) strings translated, 4% strings fuzzy, 27% words translated
  • pt: 26% (1335) strings translated, 8% strings fuzzy, 23% words translated

Total original words: 52933

Core pages of the website

  • de: 78% (1492) strings translated, 10% strings fuzzy, 79% words translated
  • fa: 36% (690) strings translated, 9% strings fuzzy, 38% words translated
  • fr: 98% (1869) strings translated, 1% strings fuzzy, 98% words translated
  • it: 75% (1434) strings translated, 11% strings fuzzy, 76% words translated
  • pt: 46% (886) strings translated, 14% strings fuzzy, 48% words translated

Total original words: 17298

Metrics

  • Tails has been started more than 695 672 times this month. This makes 23 189 boots a day on average.
  • 15 508 downloads of the OpenPGP signature of the Tails ISO from our website.
  • 215 bug reports were received through WhisperBack.

This release fixes many security issues and users should upgrade as soon as possible.

Changes

Upgrades and changes

  • Upgrade tor to 0.3.0.9-1~d90.stretch+1. (#13253)
  • Upgrade Linux to 4.9.30-2+deb9u2.

Fixed problems

  • Fix interaction between SSH and GNOME Keyring. (#12481)
  • Have Tails Installer stop rejecting valid USB drives, pretending they're not "removable". (#12696)
  • Make behavior of the power button and lid close actions in the Greeter consistent with the regular GNOME session. (#13000)

For more details, read our changelog.

Known issues

None specific to this release.

See the list of long-standing issues.

Get Tails 3.0.1

What's coming up?

Tails 3.1 is scheduled for August 8.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

Tags:

We are especially proud to present you Tails 3.0, the first version of Tails based on Debian 9 (Stretch). It brings a completely new startup and shutdown experience, a lot of polishing to the desktop, security improvements in depth, and major upgrades to a lot of the included software.

Debian 9 (Stretch) will be released on June 17. It is the first time that we are releasing a new version of Tails almost at the same time as the version of Debian it is based upon. This was an important objective for us as it is beneficial to both our users and users of Debian in general and strengthens our relationship with upstream:

  • Our users can benefit from the cool changes in Debian earlier.
  • We can detect and fix issues in the new version of Debian while it is still in development so that our work also benefits Debian earlier.

This release also fixes many security issues and users should upgrade as soon as possible.

Changes

New features

New startup and shutdown experience

  • Tails Greeter, the application to configure Tails at startup, has been completely redesigned for ease of use:

    • All options are available from a single window.
    • Language and region settings are displayed first to benefit our international audience.
    • Accessibility features can be enabled from the start.

    This has been a long process, started three years ago with the UX team of NUMA Paris and lead only by volunteers. Join us on tails-ux@boum.org to participate in future designs!

  • The shutdown experience has also been redesigned in order to be:

    • More reliable. It was crashing on various computers with unpredictable results.
    • More discrete. The screen is now totally black to look less suspicious.

    Technically speaking, it is now using the freed memory poisoning feature of the Linux kernel.

Polishing the desktop

  • We switched to the default black theme of GNOME which has a more modern and discrete look:

  • Tails 3.0 benefits from many other small improvements to the GNOME desktop:

    • Files has been redesigned to reduce clutter and make the interface easier to use. Several new features have been added, such as the ability to rename multiple files at the same time and the ability to extract compressed files without needing a separate application.

    • The notification area has been improved to allow easy access to previous notifications. Notification popups have also been repositioned to make them more noticeable.

    • Shortcut windows have been added to help you discover keyboard shortcuts in GNOME applications.

      For example, press Ctrl+F1 in Files to display its shortcut window.

Security improvements in depth

  • Tails 3.0 works on 64-bit computers only and not on 32-bit computers anymore. Dropping hardware support, even for a small portion of our user base, is always a hard decision to make but being 64-bit only has important security and reliability benefits. For example, to protect against some types of security exploits, support for the NX bit is compulsory and most binaries are hardened with PIE which allows ASLR.

    Check if your computer is 64-bit or 32-bit.

  1. Start any Tails version.

  2. To open a terminal choose Applications ▸ Utilities ▸ Terminal.

  3. Execute the following command to display system information:

        uname -m
    
    • If the output is x86_64, your computer is 64-bit and Tails 3.0 should work.

    • If the output is i686, your computer is 32-bit and Tails 3.0 will not work.

  • Update Tor Browser to 7.0.1 (based on Firefox 52 ESR) which is multiprocess and paves the way to content sandboxing. This should make it harder to exploit security vulnerabilities in the browser.

Major upgrades to included software

  • Most included software has been upgraded in Debian 9, for example:
    • KeePassX from 0.4.3 to 2.0.3
      Your password database will be migrated automatically to the new format of KeePassX 2.
    • LibreOffice from 4.3.3 to 5.2.6
    • Inkscape from 0.48.5 to 0.92.1
    • Audacity from 2.0.6 to 2.1.2
    • Enigmail from 1.8.2 to 1.9.6
    • MAT from 0.5.2 to 0.6.1
    • Dasher from 4.11 to 5.0
    • git from 2.1.4 to 2.11.0

Upgrades and changes

  • The Pidgin tray icon was removed from the top navigation bar and replaced by popup notifications.

  • Icedove was renamed as Thunderbird, its original name, inheriting this change from Debian.

  • The search box and the search feature of the address bar of the Unsafe Browser were removed. (#12540)

  • The read-only option of the persistent storage was removed. It was used by very few users, created confusion, and lead to unexpected issues. (#12093)

Fixed problems

  • The new X.Org display server in Tails 3.0 should work on more newer graphical hardware.

  • UEFI boot has been fixed on some machines (ThinkPad X220).

  • MAC spoofing has been fixed on some network interfaces (TP-Link WN725N). (#12362)

For more details, read our changelog.

Known issues

  • Tails Installer erroneously rejects some USB sticks. When this happens, a message that starts with "Skipping non-removable device" is displayed (#12696). To workaround this problem:

    1. Start the operating system you want to use Tails Installer on.
      If you want to use Tails Installer in Tails 3.0, set up an administration password.

    2. Choose Applications ▸ System Tools ▸ Root Terminal to open a terminal with administration rights.

    3. Execute the following command to fix the bug in Tails Installer:

      perl -pi -E 's,media_removable,removable,' /usr/lib/python2.7/dist-packages/tails_installer/creator.py

    4. Tails Installer should not expose this problem again… until you restart Tails, as these changes will be reverted upon restart.

  • Tails fails to start on some computers with Intel graphical hardware.

  • Some users have reported problems during the migration from Icedove to Thunderbird, in particular that Thunderbird doesn't start.

    If this happens to you, please send us a WhisperBack report without restarting Tails.

See the list of long-standing issues.

Get Tails 3.0

What's coming up?

Tails 3.1 is scheduled for August 8.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

Tags:

We decided to close tails-support@boum.org, the public mailing list for user support which was created in 2013 after closing the forum that we had on this website.

The idea behind having a public space for user support was to:

  • Reduce the amount of work for our help desk behind tails-support-private@boum.org (which is encrypted and also receives WhisperBack reports).

    This is not really working as tails-support-private@boum.org still has 12 times more traffic than tails-support@boum.org.

  • Build a community of people doing user support outside of our team.

    This is not really working either as most of the threads are still answered by our help desk or other core contributors.

  • Build a public database to make it easy to consult or reuse previous answers.

    This is not really working either as the archive of the mailing list are hard to search and reuse and it's easier to point people to the documentation, known issues, or FAQ.

Having a public mailing list also makes it:

  • Complicated to make sure that both the list and the sender receive our answers.

  • Sensitive to ask for more technical information about the problem, such as logs, as they are harder for the person reporting the error to share with us and also raises privacy concerns.

  • Duplicate work between tails-support-private@boum.org and tails-support@boum.org as people often write to both.

The major downside of closing tails-support@boum.org is that it was a good place for developers to have some feedback on the recurrent problems faced by users. We want to solve this while working on a request tracker for our help desk.

See you on tails-support-private@boum.org!

Releases

Code

Tails 3.0

We have been focused on the last finishing touches before we deem Tails 3.0 ready for release. Things are looking good so far!

Reproducible builds

Here are some details about our work in April and May on making Tails reproducible. This effort is covered by the Mozilla Open Source Support award (MOSS) that we've received.

Current status

In March we reported that we had finally seen an ISO image build reproducibly on several machines. Since then we kept working on this front.

Our automatic upgrades are now reproducible, however, one remaining issue currently blocks us from claiming that our ISO images are too. We are confident that this issue will be solved within a few weeks.

Reproducible website build

In March we've made great progress to get our website build reproducibly. Later on, we realized that ikiwiki resized some images of our website which sometimes contained timestamped metadata, thus making the ISO image build unreproducibly. We have worked around this on our side (#12566), and will fix the root cause of the problem in ikiwiki upstream (#12625).

The blocker: fontconfig

The cloud which hides the blue skies and the sun in the reproducible builds solar system today, and which is our sole remaining problem to make our ISO image build reproducibly is this: we ship a cache for fonts in Tails. However, this cache is currently not generated in a reproducible manner. In March we tried moving its generation out of the ISO, however, it makes Tails start slower and resulted in too many unreliable test failures. Thus, we decided to move it back into the ISO image and to try and fix the root cause of the problem instead. We filed Debian bug #863427, but we already know that our patch is not yet enough to fix the problem, although it greatly reduces the number of differences from 75 to 5 (#12567); so we'll keep working on it.

ISO image and IUKs

Our automatic upgrades are now reproducible (#12630).

When we generate the ISO image using isohybrid, we pass it an ID. We tried setting this ID to $SOURCE_DATE_EPOCH which resulted in a reproducible, but non-hybrid, ISO. Thus, we decided to pass a fixed ID instead: #12453.

The bright future

Remaining technical issues are tracked on #12608.

We are working on documenting how to modify our release process to ensure the ISO images we publish are reproducible (#12628, #12629).

For those of our users who want to verify their own ISO builds against ours, we'll soon document how to do that (#12630).

Infrastructure

See the Infrastructure section for our work on the infrastructural aspects of this project.

Documentation and website

  • We have published the Tails Social contract.

  • We finished updating all our documentation to Tails 3.0, based on Debian Stretch.

  • We updated our documentation to a new layout of the Universal USB Installer for Windows and scaled its screenshots to fix an issue reported by huertanix.

  • We updated our documentation of the build system, as a result of the work on reproducible builds.

User experience

Infrastructure

  • We upgraded some more of our systems to Debian Stretch.

  • We have continued the efforts to optimize our systems' resources, by playing with different settings of the NUMA balancing (#11179).

  • We have adapted our CI infrastructure to be able to bring back the email notification mechanism for build and test failures, at least for branches which have tickets in a "Ready For QA" state in Redmine (#11355). This will be unleashed in June so that we'll be able to gather statistics about false positives in our CI notifications to developers.

  • Most of our efforts have been focused on upgrading our infrastructure to support reproducible builds, see below.

Reproducible builds

After a long discussion, we decided not to publish any Vagrant basebox at all: the key argument in favour of this major design change was to remove one huge binary blob from the list of trusted inputs needed for building a Tails ISO image. This will substantially increase the value of Tails ISO images building reproducibly. This decision has a few nice side effects, including:

  • the properties of the basebox required to build a given state of our code base are entirely encoded in the corresponding Git commit;
  • changes in the ISO build box definition don't require building and uploading a new basebox.

Then we made enough progress to migrate our Continuous Integration platform to the build system used by developers. This is now running in production, not exactly smoothly yet (as explained below), but well enough to keep supporting our development and quality assurance processes. For details, see #11972, #11979, #11980, #11981, #12017, and #11006.

Then we had to deal with a number of issues that we were not in a position to identify before submitting this brand new system to a real-world workload. Some are fixed already (#12530, #12578, #12565, #12541, #12529, #12575, #12606). Work is still in progress on some other problems: they are our Continuous Integration engineers' top priority, and should be fully resolved in the next couple of months.

Finally, we have set up automated tests for the reproducibility of our ISO image. Obviously, the results of these tests are publicly available.

Funding

Outreach

Past events

  • gagz and geb did a presentation and a workshop of Tails at the CPML yearly meeting.

On-going discussions

Translation

All the website

  • de: 59% (2977) strings translated, 5% strings fuzzy, 52% words translated
  • fa: 43% (2200) strings translated, 9% strings fuzzy, 47% words translated
  • fr: 87% (4357) strings translated, 1% strings fuzzy, 85% words translated
  • it: 31% (1585) strings translated, 4% strings fuzzy, 28% words translated
  • pt: 28% (1443) strings translated, 8% strings fuzzy, 25% words translated

Total original words: 52.798

Core pages of the website

  • de: 82% (1537) strings translated, 10% strings fuzzy, 82% words translated
  • fa: 37% (695) strings translated, 10% strings fuzzy, 39% words translated
  • fr: 98% (1843) strings translated, 1% strings fuzzy, 98% words translated
  • it: 78% (1473) strings translated, 11% strings fuzzy, 78% words translated
  • pt: 48% (910) strings translated, 13% strings fuzzy, 49% words translated

Total original words: 17.079

Metrics

  • Tails has been started more than 694.165 times this month. This makes 22.392 boots a day on average.
  • 13.181 downloads of the OpenPGP signature of Tails ISO from our website.
  • 110 bug reports were received through WhisperBack.