Tails Summit, 2018

Once a year a dozen or two Tails contributors meet in person to shape the project and define our priorities. This year, we met in August and enjoyed one week of discussions, skill sharing and hands-on work sessions. A great number of uninvited mosquitoes joined us as well but we managed to find efficient mitigation measures :)

Read the full report!

Releases

Code

Documentation and website

We documented how to:

User experience

  • We presented a first version of our personas to the community and agreed on focusing on Riou, The Censorship Evader, as our primary persona.

  • We completed the collaboration with Simply Secure on the Tails identity (aka. "brand") and making it easier to understand what is Tails and how it works. This work lays the foundation to:

    We will report on this in more details later.

  • We improved the readability of our HTML tables. See for example graphics.

Hot topics on our help desk

Like in previous months, most users writing to Help Desk are having issues with hardware support.

  1. Several users reported hard or soft lockups with recent Dell XPS and other laptops with recent NVIDIA graphics cards. We're still waiting for more test results before we can document a workaround. (#15774)

  2. Some problems were also reported with some Intel graphics cards on Tails 3.9~rc1. This was fixed in Tails 3.9. (#15821)

  3. Many users still lose temporarily their persistence configuration. To fix this, see the documented workaround.

Funding

  • DeepOnion partnered with Tails and donated 0.154 btc.

  • Handshake Foundation partnered with Tails and donated $200 000.

Outreach

Upcoming events

  • intrigeri and sajolida will be at Tor meeting in Mexico City from September 29 to October 3 and will present Tails during the open days on October 2.

  • sajolida will discuss Tails, user experience, and free software at the Coloquio de Privacidad y Anonimato of UNAM in Mexico City on October 4–5.

Translation

All the website

  • de: 55% (3192) strings translated, 6% strings fuzzy, 48% words translated
  • es: 57% (3331) strings translated, 1% strings fuzzy, 47% words translated
  • fa: 36% (2094) strings translated, 9% strings fuzzy, 38% words translated
  • fr: 91% (5296) strings translated, 1% strings fuzzy, 89% words translated
  • it: 32% (1874) strings translated, 6% strings fuzzy, 28% words translated
  • pt: 27% (1614) strings translated, 7% strings fuzzy, 24% words translated

Total original words: 61403

Core pages of the website

  • de: 81% (1562) strings translated, 9% strings fuzzy, 81% words translated
  • es: 96% (1850) strings translated, 1% strings fuzzy, 93% words translated
  • fa: 33% (639) strings translated, 11% strings fuzzy, 33% words translated
  • fr: 98% (1894) strings translated, 0% strings fuzzy, 98% words translated
  • it: 67% (1291) strings translated, 15% strings fuzzy, 66% words translated
  • pt: 45% (877) strings translated, 12% strings fuzzy, 49% words translated

Total original words: 17456

Metrics

  • Tails has been started more than 669 403 times this month. This makes 22 313 boots a day on average.
  • 6819 downloads of the OpenPGP signature of Tails ISO from our website.
  • 74 bug reports were received through WhisperBack.

How do we know this?

Posted 2018-09-11

Tails 3.9 is the biggest update of Tails this year!

It includes two new features on which we have been working for more than a year:

  • Additional Software
  • VeraCrypt integration

This release also fixes many security issues and users should upgrade as soon as possible.

Changes

New features

Additional Software

You can now install additional software automatically when starting Tails.

When installing an additional Debian package from Tails, you can decide to install it automatically every time:

Add vlc to your additional software? 'Install Only Once' or 'Install Every Time'

To check your list of additional software packages, choose Applications ▸ System Tool ▸ Additional Software.

The packages included in Tails are carefully tested for security. Installing additional packages might break the security built in Tails, so be careful with what you install.

Read our documentation on installing additional software.

VeraCrypt integration

To unlock VeraCrypt volume in Tails, choose Applications ▸ System Tool ▸ Unlock VeraCrypt Volumes.

The integration of VeraCrypt in the Files and Disks utilities was done upstream in GNOME and will be available outside of Tails in Debian 10 (Buster) and Ubuntu 18.10 (Cosmic Cuttlefish).

Read our documentation on using VeraCrypt volumes.

News reading in Thunderbird

Thunderbird is now the official RSS and Atom news feed reader in Tails.

Liferea will be removed from Tails in version 3.12, early 2019.

Upgrades and changes

  • Improve the configuration of the persistent storage to make it easier to scroll and consistent with the GNOME guidelines.

Included software

  • Update Tor Browser to 8.0, based on Firefox 60 ESR.

  • Update Thunderbird from 52 to 60.

  • Update Tor to 0.3.4.7-rc.

  • Update Electrum to from 3.0.6 to 3.1.3.

Hardware support

The following updates make Tails work better on recent hardware (graphics, Wi-Fi, etc.):

  • Update Linux to 4.17 which also fixes the Foreshadow attack.

  • Update the DRM and Mesa libraries to improve support for some graphics cards.

  • Update the Intel and AMD microcodes and most firmware packages.

Fixed problems

  • Stop displaying the Enigmail setup wizard every time Tails is restarted. (#15693 and #15746)

  • Show a spinner while starting Tor Browser, Tails documentation, and WhisperBack. (#15101)

  • Use Tor Browser again for browsing the documentation offline. (#15720)

  • Show Synaptic and Root Terminal even when no administration password is set. (#11013)

  • Tails Installer

    • Link to upgrade documentation when upgrading. (#7904)
    • Hide the Reinstall option when the USB stick is too small. (#14810)
    • Correct the size of the USB stick in the confirmation dialog when reinstalling. (#15590)

For more details, read our changelog.

Known issues

  • Starting Tails 3.9 from DVD is twice slower than earlier releases. (#15915)

See the list of long-standing issues.

Get Tails 3.9

What's coming up?

Tails 3.10 is scheduled for October 23.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

Posted 2018-09-04 Tags:

You can help Tails! The first release candidate for the upcoming version 3.9 is out. We are very excited and cannot wait to hear what you think about it :)

Changes

Upgrades and changes

  • Integrate the Additional Software Packages feature into the desktop and revamp the interface of "Configure Persistent Volume".

  • Support unlocking TrueCrypt and VeraCrypt encrypted volumes on the desktop.

  • Upgrade Tor Browser to 8.0a9, based on Firefox 60 ESR.

  • Upgrade Thunderbird to 60.0b10.

  • Improve hardware support: upgrade some graphics drivers, firmware, and upgrade Linux to 4.17.

  • Upgrade tor to 0.3.4.6-rc.

  • Due to security concerns the Liferea feed reader will be removed from Tails by the end of 2018. Please migrate your feeds to Thunderbird.

Fixed problems

  • Don't display the Enigmail configuration wizard in every Tails session.

  • Many problems fixed in Tails Installer and elsewhere. For more details, read our changelog.

Known issues

Tor Browser always prompts whether it should ask webpages in English This will be fixed in Tails 3.9 (#15706).

The first time Tor Browser is started in a given Tails session, the NoScript icon is not displayed (bug #23359 on Tor Project's Trac). If you need this icon, restart Tor Browser.

This version may be slower than usual to start from DVD.

See the list of long-standing issues.

How to test Tails 3.9~rc1?

Keep in mind that this is a test image. We tested that it is not broken in obvious ways, but it might still contain undiscovered issues.

But test wildly!

If you find anything that is not working as it should, please report to us on tails-testers@boum.org.

Bonus points if you first check if it is a known issue of this release or a longstanding known issue.

Upgrade from 3.8

  1. Start Tails 3.8 on a USB stick installed using Tails Installer and set an administration password.

  2. Run this command in a Terminal to select the "alpha" upgrade channel and start the upgrade:

    echo TAILS_CHANNEL=\"alpha\" | sudo tee -a /etc/os-release && \
         tails-upgrade-frontend-wrapper
    

    and enter the administration password when asked for the "password for amnesia".

  3. After the upgrade is installed, restart Tails and choose Applications ▸ Tails ▸ About Tails to verify that you are running Tails 3.9~rc1.

Download and install

You can install 3.9~rc1 by following our usual installation instructions, skipping the Download and verify step.

Tails 3.9~rc1 ISO image OpenPGP signature
Tails 3.9~rc1 torrent

What's coming up?

Tails 3.9 is scheduled for September 5.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

Posted 2018-08-17 Tags:

Releases

  • Tails 3.9 is scheduled for September 5. Its release candidate is scheduled for August 17.

Code

We did most of the work needed to upgrade to Tor Browser 8, based on Firefox 60ESR.

We continued to work on including VeraCrypt in Tails.

We continued our work on creating a user interface for our Additional Software feature to make it easier to use.

We worked on new Debian packages for Torbirdy, Tails Installer and OnionShare.

We prepared a fix for a long standing bug in ikiwiki that makes our website render in a buggy way regularly.

We worked more on integrating our future web translation platform with our infrastructure. This platform is currently not production ready but is being tested and used by a few translators.

  • We wrote Git hooks for all machines and contributors using Git.

  • We wrote and improved several scripts that check the validity of PO files that we carry. We need these scripts to further automate our translation processes, hence all translators, humans and interfaces need to respect certain rules when committing PO files to our repository. This is currently not active and still needs to be tested more extensively.

  • We are working on ikiwiki, our website engine, to support adding translation files for non-active languages.

Documentation and website

We updated our installation instructions for Debian to:

  • Linux Mint 19

  • Tails Installer with no splash screen

User experience

We designed interfaces to:

  • Persist the screen locking password (#15641).

  • Attach screenshots to WhisperBack reports (#8660).

Hot topics on our help desk

  1. Users complained about GDM not starting (most of them with Intel GPU #15700).
  2. Some others were unable to use Wi-Fi (non supported USB adapters and #15520).

  3. Enigmail setup wizard #15693 generated some requests.

  4. And still a few lost persistence reports. Remember: we need the debugging info from a session in which the persistence seems to be lost, to be able to fix this. More information here.

Infrastructure

We asked Wikimedia to become our primary fallback download mirror, and they accepted. We'll implement this change in the coming months. Thank you Wikimedia!

We've updated our web translation platform to a recent version. The process went smoothly.

We started looking into the long-term viability of Dogtail, one of the key components of our automated testing framework.

Funding

  • We analyzed the results from last year's donation campaign.

    We got more money than in 2016 (101 664€, +34%) but from less donations (-43%).

Outreach

Past events

  • sajolida attended PETS.

  • Four of us attended DebConf in Hsinchu, Taiwan.

  • emmapeel attended a dev sprint with Tactical Tech about investigative journalist tools for Tails in Montenegro.

Upcoming events

  • sajolida will be at Tor meeting in Mexico City from September 29 to October 3 and will present Tails during the open days on October 2.

Translation

All the website

  • de: 53% (3093) strings translated, 6% strings fuzzy, 47% words translated
  • es: 57% (3337) strings translated, 1% strings fuzzy, 48% words translated
  • fa: 36% (2096) strings translated, 9% strings fuzzy, 38% words translated
  • fr: 89% (5184) strings translated, 1% strings fuzzy, 88% words translated
  • it: 32% (1877) strings translated, 6% strings fuzzy, 28% words translated
  • pt: 28% (1617) strings translated, 7% strings fuzzy, 24% words translated

Total original words: 61156

Core pages of the website

  • de: 79% (1527) strings translated, 11% strings fuzzy, 78% words translated
  • es: 96% (1855) strings translated, 1% strings fuzzy, 94% words translated
  • fa: 33% (640) strings translated, 11% strings fuzzy, 33% words translated
  • fr: 98% (1893) strings translated, 0% strings fuzzy, 98% words translated
  • it: 67% (1294) strings translated, 15% strings fuzzy, 66% words translated
  • pt: 45% (879) strings translated, 12% strings fuzzy, 49% words translated

Metrics

  • Tails has been started more than 675150 times this month. This makes 21779 boots a day on average.
  • 7372 downloads of the OpenPGP signature of Tails ISO from our website.
  • 57 bug reports were received through WhisperBack.

How do we know this?

Posted 2018-08-16

You can help Tails! The beta version for the VeraCrypt support in Tails is ready for testing. We are very excited.

What's new in the Beta?

We worked to integrate VeraCrypt support into the existing GNOME workflow for unlocking encrypted volumes. As a result, most of the features already provided for LUKS volumes are now also provided for VeraCrypt volumes. This includes unlocking volumes via the GNOME Disks application and integration into the places sidebar in GNOME Files. If your file containers have the ".hc" file extension, they will be recognized as VeraCrypt volumes and can be easily unlocked in GNOME Files.

Additionally, we created a small application, VeraCrypt Mounter, which makes it easier to unlock VeraCrypt volumes, especially file containers that do not have the ".hc" extension.

How to test the Beta?

Download and install the ISO image on a USB stick or DVD, start it and try to unlock your existing VeraCrypt volumes.

We are interested in your feedback on bugs and usability of this feature.

  • Are there any steps that are not clear?
  • Did you run into technical issues?

Please send feedback emails to tails-testers@boum.org.

Get the Beta

VeraCrypt support in Tails beta ISO image

There is no signature available for this test ISO image.

Known issues

We've identified a list of known issues #14480 among which

  • Trying to unlock via the places sidebar using an incorrect password or keyfile results in a not very helpful error message #15663
  • Unlocking via the places sidebar doesn't provide any feedback #15664
  • No integration in the places sidebar of the file chooser dialog of some applications (including Tor Browser) #15667

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

Posted 2018-07-13 Tags:

Releases

The following changes were introduced in Tails 3.7.1:

  • Upgrade Tor Browser to 7.5.5.

    This fixes a critical issue in Firefox announced on June 6.

  • Upgrade Thunderbird to 52.8.0.

    This partly mitigates the infamous EFAIL attack and fixes importing OpenPGP keys from keyservers with Enigmail.

  • Fix setting a screen locker password with non-ASCII characters. (#15636)

  • Rename the WhisperBack launcher to "WhisperBack Error Reporting" so that users have a better chance to understand what it does. (#6432)

The following changes were introduced in Tails 3.8:

  • Upgrade Enigmail from 1.9.9 to 2.0.7 which fixes some of the EFAIL attacks on OpenPGP.

  • Fix importing OpenPGP keys from email attachments. (#15610)

  • Fix the translations of the homepage of the Unsafe Browser. (#15461)

Code

  • We have worked on improving support for recent graphics cards and in particular those produced by NVIDIA. We've sent a call for testing and updated it. If the feedback is good, we will probably include these changes in Tails 3.9.

  • We have kept working on fixing the EFAIL attacks against encrypted email (#15602). Tails 3.8 fixed most of them and Tails 3.9 should fix the remaining ones.

  • We have worked on detecting earlier changes that would break automatic upgrades (#15419)… and already identified one we need to fix in time for Tails 3.9 (#15695).

  • Chris Lamb prepared a fix for the most infamous rendering issue (raw PO content being inserted in some page) that affects our website (#6907).

User experience

Hot topics on our help desk

  1. Surface Pro users reported having trouble with wireless (#15520).

  2. We still receive emails from several users displayed with the message pointing to https://tails.boum.org/gdm.

Outreach

Upcoming events

  • BitingBird, intrigeri, nodens, and u will be at DebConf18 in Hsinchu, Taiwan from July 29 to August 5.

On-going discussions

Translation

All the website

  • fr: 89% (5169) strings translated, 1% strings fuzzy, 88% words translated
  • es: 58% (3356) strings translated, 1% strings fuzzy, 48% words translated
  • de: 53% (3099) strings translated, 6% strings fuzzy, 47% words translated
  • fa: 36% (2096) strings translated, 9% strings fuzzy, 38% words translated
  • it: 32% (1881) strings translated, 6% strings fuzzy, 28% words translated
  • pt: 28% (1618) strings translated, 7% strings fuzzy, 24% words translated

Total original words: 60692

Core pages of the website

  • fr: 98% (1900) strings translated, 0% strings fuzzy, 99% words translated
  • es: 96% (1862) strings translated, 0% strings fuzzy, 94% words translated
  • de: 79% (1528) strings translated, 11% strings fuzzy, 79% words translated
  • it: 67% (1295) strings translated, 15% strings fuzzy, 66% words translated
  • pt: 45% (879) strings translated, 12% strings fuzzy, 49% words translated
  • fa: 33% (640) strings translated, 11% strings fuzzy, 33% words translated

Total original words: 17447

Metrics

  • Tails has been started more than 666 921 times this month. This makes 22 231 boots a day on average.
  • 8 830 downloads of the OpenPGP signature of Tails ISO from our website.
  • 65 bug reports were received through WhisperBack.

How do we know this?

Posted 2018-07-09

On June 20th 2018, German police searched the homes of board members of our former fiscal sponsor Zwiebelfreunde in a coordinated raid. Zwiebelfreunde (Friends of onions in German) is a non-profit organization that supports privacy and anonymity projects and operates several Tor exit nodes.

They are not accused of a crime but considered to be witnesses in a case: the operators of an anonymous website calling for protest against the far-right AfD (Alternative for Germany) party convention used an email address at Riseup, a privacy-friendly email provider to which Zwiebelfreunde facilitates donations.

During the search, computers, storage media, personal items, bank account records, and paper receipts have been confiscated. This unfortunately means that if you have donated to Tails before October 18th 2017 using our European bank account, your data is now in the hands of the German police (IBAN account number, name of account holder, amount, and date). If you donated after this date, you donated to our new fiscal sponsor CCT and not to Zwiebelfreunde.

According to Moritz Bartl, one of the board members, "there's a long history of police using that kind of data to investigate social structures; who's working where, who's involved in which projects, so we have to assume that they are looking into the social networks of people" (Source).

The raid has been strongly criticized by German media and digital rights activists as being disproportionate.

Please join us in supporting our friends at Zwiebelfreunde. We are very grateful for the support they have provided to Tails.

Read more about the case and find links to international press coverage on Zwiebelfreunde's blog.

Posted 2018-07-05 Tags:

This release fixes many security issues and users should upgrade as soon as possible.

Changes

Upgrades and changes

  • Upgrade Enigmail from 1.9.9 to 2.0.7 which fixes some of the EFAIL attacks on OpenPGP.

Fixed problems

  • Fix importing OpenPGP keys from email attachments. (#15610)

  • Fix the translations of the homepage of the Unsafe Browser. (#15461)

For more details, read our changelog.

Known issues

After upgrading to Tails 3.8, you have to go through the Enigmail Setup Wizard again every time you restart Tails.

Your OpenPGP keys and your per-recipient rules are preserved.

To avoid going through the Enigmail Setup Wizard, you can execute the following command in a terminal before starting Thunderbird:

echo 'pref("extensions.enigmail.configuredVersion", "2.0.7");' >> ~/.thunderbird/profile.default/preferences/0000tails.js

This bug will be fixed in the next version of Tails. (#15693)

See the list of long-standing issues.

Get Tails 3.8

What's coming up?

Tails 3.9 is scheduled for September 5.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

Posted 2018-06-26 Tags:

Releases

Code

Documentation and website

User experience

  • We did some moderated user testing of the Additional Software beta.

  • We wrote a scope of work together with Simply Secure to work on explaining what it Tails and got it approved by the OTF usability lab. (#9814) It covers:

    • Defining brand attributes for Tails
    • Writing a new tagline
    • Structuring an explanation of the main properties of Tails
    • Ideating on visuals to support the explanation of Tails
    • Reviewing our current introductory pages and proposing more approachable copy samples and tone guidelines
  • We started reviewing collectively the persona skeletons that were defined last August. We started with Kim, the surveilled at home.

  • We documented some resources that we use for user testing.

Hot topics on our help desk

Help desk has seen the same issues than last month:

  1. Users are still affected by a loss of persistence.conf

  2. We received also several reports about keyboard and mouse not working after upgrading

  3. A few users reported the disappearance of a part of their keyring

  4. And some users had trouble with obfs4 bridges

Infrastructure

  • We continued working on the integration of the translation platform with our infrastructure #10034.

  • With the help of our mirror operators we've started to remove rsync.torproject.org from the mirrors synchronization chain #15162.

  • We started working on hosting our website ourselves (#14588): we've identified potential issues, evaluated corresponding solutions, designed a migration plan and started working on it.

  • We made progress on having our automated test suite run on current Debian testing/sid but hit a new, major and concerning blocking issue regarding the state of SikuliX in Debian (#15460, Debian bug #897215, Debian bug #897333). We could definitely use help from Debian package maintainers; bonus points if you know anything about packaging Java code!

Funding

Outreach

Past events

Translation

All the website

  • de: 54% (3097) strings translated, 6% strings fuzzy, 47% words translated
  • es: 59% (3370) strings translated, 1% strings fuzzy, 49% words translated
  • fa: 36% (2096) strings translated, 9% strings fuzzy, 38% words translated
  • fr: 90% (5181) strings translated, 1% strings fuzzy, 89% words translated
  • it: 32% (1879) strings translated, 6% strings fuzzy, 28% words translated
  • pt: 28% (1625) strings translated, 7% strings fuzzy, 24% words translated

Total original words: 60238

Core pages of the website

  • de: 79% (1530) strings translated, 11% strings fuzzy, 78% words translated
  • es: 97% (1872) strings translated, 0% strings fuzzy, 94% words translated
  • fa: 33% (641) strings translated, 11% strings fuzzy, 33% words translated
  • fr: 99% (1910) strings translated, 0% strings fuzzy, 99% words translated
  • it: 67% (1297) strings translated, 15% strings fuzzy, 66% words translated
  • pt: 45% (882) strings translated, 12% strings fuzzy, 49% words translated

Total original words: 17498

Metrics

  • Tails has been started more than 677 422 times this month. This makes 21852 boots a day on average.
  • 8 650 downloads of the OpenPGP signature of Tails ISO from our website.
  • 77 bug reports were received through WhisperBack.

How do we know this?

Posted 2018-06-17

This release fixes many security issues and users should upgrade as soon as possible.

Changes

Upgrades and changes

  • Upgrade Tor Browser to 7.5.5.

    This fixes a critical issue in Firefox announced on June 6.

  • Upgrade Thunderbird to 52.8.0.

    This partly mitigates the infamous EFAIL attack and fixes importing OpenPGP keys from keyservers with Enigmail.

Fixed problems

  • Fix setting a screen locker password with non-ASCII characters. (#15636)

  • Rename the WhisperBack launcher to "WhisperBack Error Reporting" so that users have a better chance to understand what it does. (#6432)

For more details, read our changelog.

Known issues

None specific to this release.

See the list of long-standing issues.

Get Tails 3.7.1

What's coming up?

Tails 3.8 is scheduled for June 26.

Have a look at our roadmap to see where we are heading to.

We need your help and there are many ways to contribute to Tails (donating is only one of them). Come talk to us!

Posted 2018-06-10 Tags: