[tor-reports] Tails report for December 2013
tails at boum.org
Fri Jan 10 14:08:18 UTC 2014
Tails 0.22 was released on December 11.
Tails 0.22.1 is scheduled for January 21. The schedule for the next
releases is on our calendar.
- Tails has been started more than 218 512 times in December.
This make 7 049 boots a day in average.
- 17 791 downloads of the OpenPGP signature of Tails ISO.
- 103 reports were received through WhisperBack.
- Huge progress was made on the MAC spoofing feature, that can now be
- Experimental UEFI support was completed and is been tested. A bit
more work is needed, though.
- The last mile was basically completed regarding incremental upgrades,
that will be enabled by default starting with Tails 0.22.1.
Work in progress:
- David Wolinsky has started porting
the WiNoN design to Tails: multiple, independent VMs connected to
independent paths through the Tor network in order to wear multiple
hats. Also, as David put it: "There are other benefits of using VMs
as the Whonix folks have recognized".
- We have struggled against a memory wipe
regression on some hardware with recent Linux kernels. No success
- Some progress was made towards the migration to Wheezy (Tails 1.1).
- Early support for Monkeysign was merged, but more work
Bug and regression fixes:
- Disable WebRTC.
- Fix keyboard shortcuts.
- Use the same User-Agent in htpdate as in the Tor Browser.
- Fix the Unsafe Browser configuration.
- Set the browser icon to IE's one in Windows camouflage mode.
Branches pending review:
- Install a 64-bit kernel.
- Install poedit from official backports was proposed.
- Do not create auto-login text consoles.
- Tor 0.2.4 is now stable!
- The Persistent Volume Assistant now displays nicer paths.
Thanks to Andres Gomez!
- Torbutton was upgraded to 22.214.171.124.
- Our Tor Browser build and runtime dependencies were updated.
- We have fixed various NSS security issues in squeeze-backports.
Documentation and website
- A branch to clean up our ikiwiki configuration was started.
- The Mac installation instructions were made a bit safer.
- The links to files and branches in cgit were fixed.
- The tails-support mailing-list is now mentioned on Help other
- The documentation for incremental upgrades was written.
- The documentation for MAC spoofing was drafted.
- The draft FAQ has now more content.
- The Tails automated test suite can now be run on pure Debian Wheezy
This allowed us to update the test suite to match current code,
fix many bugs in it, and improve style a bit. Most of this was
merged, but a few more branches are pending review:
- Our automated test suite was partially ported to the
- Thanks to David Wolinsky and others, our Vagrant setup
was updated to work with newer Vagrant, and
the corresponding basebox updated to include up-to-date Debian
archive keys. While we were at it, a few lurking bugs were fixed.
- Thanks to WinterFairy, it is now easy to import translations from
Transifex into our various Git repositories.
- Tor Browser branding in Tails?
- Risks of enabled/disabled TCP timestamps?
- The Freedom of the Press Foundation launched a campaign to support
encryption tools for journalists. Tails is among
the projects this campaign gathers fund for.
- The proposal we have sent to sponsor Echo was accepted.
- Our grant proposal with sponsor Charlie was rejected.
- We are slowly making progress on our grant proposal with
- We have almost completed a proposal to be sent to sponsor Lima.
- Our contract with sponsor Bravo is now finished.
- Tails will soon accept donations in currencies other than Bitcoin.
- We are now very likely to create a non-profit organization dedicated
- We have almost wrapped-up our bounties program. A report will be
Tails participated in the 30th Chaos Communication Congress. It was
a great opportunity to meet, in person, a few existing and new
contributors, as well as many people we are working with.
A self-organized event called *Tails needs your help* was organized.
It was a success considering the late notice.
See you next year, probably with more space and events dedicated
Press and testimonials
* 2013-12: Bruce Schneier answered to someone asking him what Linux
distribution is its favorite: "I don't use Linux. (Shhh. Don't tell
anyone.) Although I have started using Tails".
* 2013-12-12: In A conversation with Bruce Schneier,
as part of the "Snowden, the NSA and free software" cycle at
Columbia Law School NYC, Bruce Schneier says:
- "I think most of the public domain privacy tools are going to be
safe, yes. I think GPG is going to be safe. I think OTR is going
to be safe. I think that Tails is going to be safe. I do think
that these systems, because they were not -- you know, the NSA has
a big lever when a tool is written closed-source by a for-profit
corporation. There are levers they have that they don't have in
the open source international, altruistic community. And these are
generally written by crypto-paranoids, they're pretty well
designed. We make mistakes, but we find them and we correct them,
and we're getting good at that. I think that if the NSA is going
after these tools, they're going after implementations."
- "What do I trust? I trust, I trust Tails, I trust GPG [...]"
- "We can make it harder, we can make it more expensive, we can make
it more risky. And yes, every time we do something to increase one
of those, we're making ourselves safer. [...] There are tools we
are deploying in countries all over the world, that are keeping
people alive. Tor is one of them. I mean, Tor saves lives. [...]
And every time you use Tor [...] provides cover for everyone else
who uses Tor [...]"
* Jacob Appelbaum stated at the Chaos Communication
"if you are a journalist and you are not using Tails, you should
probably be using Tails, unless you *really* know what
More information about the tor-reports