Tails (operating system)

Last updated

Tails
Tails-logo-flat-inverted.svg
Tails screneshot.png
Tails 6.1 Desktop, with Tor Browser open.
Developer The Tails Project
OS family Linux (Unix-like)
Working stateActive
Source model Open source
Initial releaseJune 23, 2009;14 years ago (2009-06-23)
Latest release 6.1 [1]   OOjs UI icon edit-ltr-progressive.svg / 27 March 2024;15 days ago (27 March 2024)
Repository gitlab.tails.boum.org/tails/tails
Marketing target Personal computers
Available in 33 languages
Update methodTails Upgrader [2]
Package manager APT (front-end), dpkg
Platforms x86-64 [3]
Kernel type Monolithic
Userland GNU
Default
user interface 		GNOME 3
License GNU GPLv3 [4]
Preceded by Incognito
Official website tails.net

Tails, or "The Amnesic Incognito Live System", is a security-focused Debian-based Linux distribution aimed at preserving Internet privacy and anonymity. [5] It connects to the Internet exclusively through the anonymity network Tor. [6] The system is designed to be booted as a live DVD or live USB and never writes to the hard drive or SSD, leaving no digital footprint on the machine unless explicitly told to do so. It can also be run as a virtual machine, with some additional security risks. [7]

Contents

The Tor Project provided financial support for Tails' development in the beginnings of the project, [8] and continues to do so alongside numerous corporate and anonymous sponsors.

History

Tails was first released on June 23, 2009. It is the next iteration of development on Incognito, a discontinued Gentoo-based Linux distribution. [9] The original project was called Amnesia. The operating system was born when Amnesia was merged with Incognito. [10] The Tor Project provided financial support for its development in the beginnings of the project. [8] Tails also received funding from the Open Technology Fund, Mozilla, and the Freedom of the Press Foundation. [11]

Laura Poitras, Glenn Greenwald, Bruce Schneier and Barton Gellman have each said that Tails was an important tool they used in their work with National Security Agency whistleblower Edward Snowden. [10] [12] [13] [14]

From release 3.0, in 2017, Tails requires a 64-bit processor to run. [15]

Features

Tails's pre-installed desktop environment is GNOME 3. The system includes essential software for functions such as reading and editing documents, image editing, video watching and printing. Other software from Debian can be installed at the user's behest. [16] [17] Despite being open-source, Tails contains non-free firmware blobs. [18]

Tails includes a unique variety of software that handles the encryption of files and internet transmissions, cryptographic signing and hashing, and other functions important to security. It is pre-configured to use Tor with multiple connection options. It tries to force all connections to use Tor and blocks connection attempts outside Tor. For networking, it features a modified version of Tor Browser with the inclusion of uBlock Origin, [19] instant messaging, email, file transmission and monitoring local network connections for security. [17]

By design, Tails is "amnesic". It runs in the computer's random access memory (RAM) and does not write to a hard drive or other storage medium. The user may choose to keep files, applications or some settings on their Tails drive in "Persistent Storage". Though the Persistent Storage is encrypted by default, it is not hidden and detectable by forensic analysis. [20] While shutting down, Tails overwrites most of the used RAM to avoid a cold boot attack. [21]

Security incidents

In 2014 Das Erste reported that the NSA's XKeyscore surveillance system sets threat definitions for people who search for Tails using a search engine or visit the Tails website. A comment in XKeyscore's source code calls Tails "a comsec mechanism advocated by extremists on extremist forums". [22] [23]

In the same year, Der Spiegel published slides from an internal National Security Agency presentation dating to June 2012, in which the NSA deemed Tails on its own as a "major threat" to its mission and in conjunction with other privacy tools as "catastrophic". [24] [25]

In 2017, the FBI used malicious code developed by Facebook, identifying sexual extortionist and Tails user Buster Hernandez through a zero-day vulnerability in the default video player. The exploit was never explained to or discovered by the Tails developers, but it is believed that the vulnerability was patched in a later release of Tails. Hernandez had eluded authorities for a long time; the FBI and Facebook had searched for him with no success, and resorted to developing the custom hacking tool. He was arrested in 2017 and in 2021 he was sentenced to 75 years in prison. [26]

See also

Related Research Articles

<span class="mw-page-title-main">Live CD</span> Complete, bootable computer installation that runs directly from a CD-ROM

A live CD is a complete bootable computer installation including operating system which runs directly from a CD-ROM or similar storage device into a computer's memory, rather than loading from a hard disk drive. A live CD allows users to run an operating system for any purpose without installing it or making any changes to the computer's configuration. Live CDs can run on a computer without secondary storage, such as a hard disk drive, or with a corrupted hard disk drive or file system, allowing data recovery.

This is a list of operating systems specifically focused on security. Similar concepts include security-evaluated operating systems that have achieved certification from an auditing organization, and trusted operating systems that provide sufficient support for multilevel security and evidence of correctness to meet a particular set of requirements.

<span class="mw-page-title-main">Jacob Appelbaum</span> American computer security researcher and journalist (born 1 April 1983)

Jacob Appelbaum is an American independent journalist, computer security researcher, artist, and hacker.

Incognito was a Linux distribution based on Gentoo Linux. Its main feature was the inclusion of anonymity and security tools such as Tor by default and being able to be used as a Live CD or Live USB.

<span class="mw-page-title-main">Tor (network)</span> Free and open-source anonymity network based on onion routing

Tor, short for The Onion Router, is free and open-source software for enabling anonymous communication. It directs Internet traffic via a free, worldwide volunteer overlay network that consists of more than seven thousand relays.

<span class="mw-page-title-main">Pinwale</span>

Pinwale is the code name for a National Security Agency (NSA) collection and retrieval system for so-called "Digital Network Intelligence", including internet e-mail. It is searchable by monitored NSA analysts.

CryptoParty (Crypto-Party) is a grassroots global endeavour to introduce the basics of practical cryptography such as the Tor anonymity network, I2P, Freenet, key signing parties, disk encryption and virtual private networks to the general public. The project primarily consists of a series of free public workshops.

<span class="mw-page-title-main">Tailored Access Operations</span> Unit of the U.S. National Security Agency

The Office of Tailored Access Operations (TAO), now Computer Network Operations, and structured as S32, is a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA). It has been active since at least 1998, possibly 1997, but was not named or structured as TAO until "the last days of 2000," according to General Michael Hayden.

<span class="mw-page-title-main">Tempora</span> GCHQ-operated Internet and telephone surveillance system

Tempora is the codeword for a formerly-secret computer system that is used by the British Government Communications Headquarters (GCHQ). This system is used to buffer most Internet communications that are extracted from fibre-optic cables, so these can be processed and searched at a later time. It was tested from 2008 and became operational in late 2011.

<span class="mw-page-title-main">XKeyscore</span> Mass surveillance system

XKeyscore is a secret computer system used by the United States National Security Agency (NSA) for searching and analyzing global Internet data, which it collects in real time. The NSA has shared XKeyscore with other intelligence agencies, including the Australian Signals Directorate, Canada's Communications Security Establishment, New Zealand's Government Communications Security Bureau, Britain's Government Communications Headquarters, Japan's Defense Intelligence Headquarters, and Germany's Bundesnachrichtendienst.

<span class="mw-page-title-main">Whonix</span> Anonymous operating system

Whonix is a Linux distribution, based on Kicksecure OS, claimed to be security hardened by its developers. Its main goals are to provide strong privacy and anonymity on the Internet. The operating system consists of two virtual machines, a workstation and a Tor gateway running Debian. All communications are forced through Tor.

<span class="mw-page-title-main">Bullrun (decryption program)</span> Code name of a decryption program run by the NSA

Bullrun is a clandestine, highly classified program to crack encryption of online communications and data, which is run by the United States National Security Agency (NSA). The British Government Communications Headquarters (GCHQ) has a similar program codenamed Edgehill. According to the Bullrun classification guide published by The Guardian, the program uses multiple methods including computer network exploitation, interdiction, industry relationships, collaboration with other intelligence community entities, and advanced mathematical techniques.

<span class="mw-page-title-main">2010s global surveillance disclosures</span> Disclosures of NSA and related global espionage

During the 2010s, international media news reports revealed new operational details about the Anglophone cryptographic agencies' global surveillance of both foreign and domestic nationals. The reports mostly relate to top secret documents leaked by ex-NSA contractor Edward Snowden. The documents consist of intelligence files relating to the U.S. and other Five Eyes countries. In June 2013, the first of Snowden's documents were published, with further selected documents released to various news outlets through the year.

<span class="mw-page-title-main">Global surveillance</span> Mass surveillance across national borders

Global mass surveillance can be defined as the mass surveillance of entire populations across national borders.

<span class="mw-page-title-main">ANT catalog</span> Classified catalog of hacking tools by the NSA

The ANT catalog is a classified product catalog by the U.S. National Security Agency (NSA) of which the version written in 2008–2009 was published by German news magazine Der Spiegel in December 2013. Forty-nine catalog pages with pictures, diagrams and descriptions of espionage devices and spying software were published. The items are available to the Tailored Access Operations unit and are mostly targeted at products from US companies such as Apple, Cisco and Dell. The source is believed to be someone different than Edward Snowden, who is largely responsible for the global surveillance disclosures since 2013. Companies whose products could be compromised have denied any collaboration with the NSA in developing these capabilities. In 2014, a project was started to implement the capabilities from the ANT catalog as open-source hardware and software.

<span class="mw-page-title-main">Timeline of global surveillance disclosures (2013–present)</span>

This timeline of global surveillance disclosures from 2013 to the present day is a chronological list of the global surveillance disclosures that began in 2013. The disclosures have been largely instigated by revelations from the former American National Security Agency contractor Edward Snowden.

<span class="mw-page-title-main">The Tor Project</span> Free and open-source software project for enabling anonymous communication

The Tor Project, Inc. is a 501(c)(3) research-education nonprofit organization based in Winchester, New Hampshire. It is founded by computer scientists Roger Dingledine, Nick Mathewson, and five others. The Tor Project is primarily responsible for maintaining software for the Tor anonymity network.

<span class="mw-page-title-main">Roger Dingledine</span> American computer scientist

Roger Dingledine is an American computer scientist known for having co-founded the Tor Project. A student of mathematics, computer science, and electrical engineering, Dingledine is also known by the pseudonym arma. As of December 2016, he continues in a leadership role with the Tor Project, as a project Leader, Director, and Research Director.

Targeted surveillance is a form of surveillance, such as wiretapping, that is directed towards specific persons of interest, and is distinguishable from mass surveillance. Both untargeted and targeted surveillance is routinely accused of treating innocent people as suspects in ways that are unfair, of violating human rights, international treaties and conventions as well as national laws, and of failing to pursue security effectively.

References

  1. "Tails 6.1". March 27, 2024. Retrieved March 27, 2024.
  2. "Tails - Incremental upgrades". tails.boum.org. Archived from the original on December 1, 2017. Retrieved June 15, 2017.
  3. "Tails - System requirements". tails.boum.org.
  4. "Tails 0.11 incognito live system released". The H . April 30, 2012. Retrieved August 12, 2012.
  5. Vervloesem, Koen (April 27, 2011). "The Amnesic Incognito Live System: A live CD for anonymity". LWN.net . Retrieved August 12, 2012.
  6. "Anonym im Netz" [Anonymous on the Net]. TecChannel (in German). February 6, 2012. Retrieved August 12, 2012.
  7. "Running Tails in a virtual machine". tails.boum.org. Retrieved September 20, 2021.
  8. 1 2 "Finances". Tails. April 4, 2013. Retrieved May 13, 2013.
  9. Gray, James (September 16, 2011). "The Tails Project's The Amnesic Incognito Live System (Tails)". Linux Journal . Retrieved August 12, 2012.
  10. 1 2 Finley, Klint (April 14, 2014). "Out in the Open: Inside the Operating System Edward Snowden Used to Evade the NSA". WIRED. Retrieved April 18, 2014.
  11. "Tails report for May, 2014". Tails. June 14, 2014. Archived from the original on July 1, 2014. Retrieved July 6, 2014.
  12. Timm, Trevor (April 2, 2014). "Help Support the Little-Known Privacy Tool That Has Been Critical to Journalists Reporting on the NSA". Freedom of the Press Foundation. Retrieved April 18, 2014.
  13. Condliffe, Jamie (April 15, 2014). "Try the Super-Secure USB Drive OS That Edward Snowden Insists on Using". Gizmodo. Retrieved April 15, 2014.
  14. "Air Gaps - Schneier on Security". www.schneier.com. Retrieved August 3, 2023.
  15. "Tails - Tails 3.0 is out". tails.boum.org. Archived from the original on May 22, 2019. Retrieved June 14, 2017.
  16. "APT repository". tails.boum.org. October 7, 2019. Archived from the original on September 25, 2019. Retrieved October 7, 2019.
  17. 1 2 "Features and included software". tails.boum.org. October 7, 2019. Archived from the original on August 23, 2019. Retrieved October 7, 2019.
  18. "Explaining Why We Don't Endorse Other Systems". www.gnu.org. Archived from the original on June 22, 2023. Retrieved June 23, 2023.
  19. "Browsing the web with Tor Browser". tails.boum.org. Archived from the original on February 8, 2022. Retrieved March 16, 2022.
  20. "Tails - Creating and configuring the Persistent Storage". tails.boum.org. Archived from the original on October 7, 2019. Retrieved October 7, 2019.
  21. "Tails - Memory erasure". tails.boum.org.
  22. Appelbaum, J.; Gibson, A.; Goetz, J.; Kabisch, V.; Kampf, L.; Ryge, L. (July 3, 2014). "NSA targets the privacy-conscious". DasErste.de.
  23. Bruce Schneier (July 3, 2014). "NSA Targets Privacy Conscious for Surveillance". Schneier on Security.
  24. SPIEGEL Staff (December 28, 2014). "Prying Eyes: Inside the NSA's War on Internet Security". Der Spiegel. Retrieved January 23, 2015.
  25. "Presentation from the SIGDEV Conference 2012 explaining which encryption protocols and techniques can be attacked and which not" (PDF). Der Spiegel. December 28, 2014. Archived from the original (PDF) on December 30, 2014. Retrieved January 23, 2015.
  26. Franceschi-Bicchierai, Lorenzo (June 10, 2020). "Facebook Helped the FBI Hack a Child Predator". Vice .
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.