You can help Tails! The first release candidate for the upcoming version 2.12 is out. Please test it and report any issue. We are particularly interested in feedback relating to whether Tor's startup works better or worse.

How to test Tails 2.12~rc1?

Keep in mind that this is a test image. We tested that it is not broken in obvious ways, but it might still contain undiscovered issues.

But test wildly!

If you find anything that is not working as it should, please report to us! Bonus points if you first check if it is a known issue of this release or a longstanding known issue.

Download and install

Tails 2.12~rc1 ISO image ?OpenPGP signature

To install 2.12~rc1, follow our usual installation instructions, skipping the Download and verify step.

Upgrade from 2.10 or 2.11

  1. Start Tails 2.10 or 2.11 on a USB stick installed using Tails Installer and set an administration password.

  2. Run this command in a Root Terminal to select the "alpha" upgrade channel and start the upgrade:

    echo TAILS_CHANNEL=\"alpha\" >> /etc/os-release && \
         tails-upgrade-frontend-wrapper
    
  3. After the upgrade is installed, restart Tails and choose Applications ▸ Tails ▸ About Tails to verify that you are running Tails 2.12~rc1.

What's new since 2.11?

Changes since Tails 2.11 are:

  • Major changes

    • Completely remove I2P. :( We have decided to remove I2P (see #11276) due to our failure of finding someone interested in maintaining it in Tails (Closes: #12263).
    • Upgrade the Linux kernel to 4.9.0-0.bpo.2 (Closes: #12122).
  • Security fixes

    • Mount a dedicated filesystem on /var/tmp, to mitigate the hardlinks permissions open by the user-tmp abstraction. See https://labs.riseup.net/code/issues/9949#note-23 for details (Closes: #12125).
    • Protect against CVE-2017-2636 by disabling the n-hdlc kernel module (Closes: #12315).
    • Ensure /etc/resolv.conf is owned by root:root in the SquashFS. lb_chroot_resolv will "cp -a" it from the source tree, so it inherits its ownership from the whoever cloned the Git repository. This has two problems. First, this results in unsafe permissions on this file (e.g. a Vagrant build results in the 'amnesia' user having write access to it).
  • Minor improvements

    • Don't add the live user to the "audio" group. This should not be needed on a modern Linux desktop system anymore (Closes: #12209).
    • Install virtualbox-* 5.1.14-dfsg-3~bpo8+1 from our custom APT repository (Closes: #12307).
    • Install virtualbox-guest-* from sid. The version currently in jessie-backports is not compatible with Linux 4.9, and there's basically no chance that it gets updated (the maintainer asked for them to be removed from jessie-backports) (Closes: #12298).
    • Pull ttdnsd from our custom APT repository. It's gone from the TorProject one. We removed ttdnsd on feature/stretch already, so we'll need to pull it from our custom APT repository only for the next 3 months.
    • Clean up libdvd-pkg build files, again. This cleanup operation was mistakenly removed in commit c4e8744 (Closes: #11273).
    • Install gnome-sound-recorder (Closes #10950). Thanks to Austin English austinenglish@gmail.com for the patch!
    • Stop restarting tor if bootstrapping stalls. It seems tor might have fixed the issues we used (see: #10238, #9516) to experience with the bootstrap process stalling and requiring a restart to kickstart it (Closes: #12411).
    • tor.sh: communicate via the UNIX socket instead of TCP port. This makes the library usable when run inside systemd units that have PrivateNetwork=yes set.
    • Get tor's bootstrap progress via GETINFO instead of log grep:ing.
  • Bugfixes

    • mirror-pool-dispatcher: bump maximum expected mirrors.json size to 32 KiB. This fixes an error where Tails Upgrader would complain with "cannot choose a download server" (Closes: #11735).

For more details, see also our changelog.

Known issues in 2.12~rc1

  • In Tails Greeter, selecting the This computer's Internet connection is censored, filtered, or proxied is broken. Using it will start Tor Launcher but it will fail to connect to tor, so it's unusable, and tor itself will not be able to bootstrap. If you need this option, skip this release candidate; this issue will be fixed in the final 2.12 release.

  • Longstanding known issues