Tails (operating system)

Last updated

Tails
Tails-logo-flat-inverted.svg
Tails screneshot.png
Tails 6.1 Desktop, with Tor Browser open.
Developer The Tails Project
OS family Linux (Unix-like)
Working stateActive
Source model Open source
Initial releaseJune 23, 2009;15 years ago (2009-06-23)
Latest release 6.9 [1]   OOjs UI icon edit-ltr-progressive.svg / 31 October 2024;6 days ago (31 October 2024)
Repository gitlab.tails.boum.org/tails/tails
Marketing target Personal computers
Available in 33 languages
Update methodTails Upgrader [2]
Package manager APT (front-end), dpkg
Platforms x86-64 [3]
Kernel type Monolithic
Userland GNU
Default
user interface 		GNOME 43
License GNU GPLv3 [4]
Preceded byIncognito
Official website tails.net

Tails, or "The Amnesic Incognito Live System", is a security-focused Debian-based Linux distribution aimed at preserving privacy and anonymity against surveillance. [5] It connects to the Internet exclusively through the anonymity network Tor. [6] The system is designed to be booted as a live DVD or live USB and never writes to the hard drive or SSD, leaving no digital footprint on the machine unless explicitly told to do so. It can also be run as a virtual machine, with some additional security risks. [7]

Contents

The Tor Project provided financial support for Tails' development in the beginnings of the project, [8] and continues to do so alongside numerous corporate and anonymous sponsors.

History

Tails was first released on June 23, 2009. It is the next iteration of development on Incognito, a discontinued Gentoo-based Linux distribution. [9] The original project was called Amnesia. The operating system was born when Amnesia was merged with Incognito. [10] The Tor Project provided financial support for its development in the beginnings of the project. [8] Tails also received funding from the Open Technology Fund, Mozilla, and the Freedom of the Press Foundation. [11]

Laura Poitras, Glenn Greenwald, Bruce Schneier and Barton Gellman have each said that Tails was an important tool they used in their work with National Security Agency whistleblower Edward Snowden. [10] [12] [13] [14]

From release 3.0, in 2017, Tails requires a 64-bit processor to run. [15]

In 2023, the Tails Project approached the Tor Project to merge operations. The merger was completed on September 26, 2024, stating that, "By joining forces, the Tails team can now focus on their core mission of maintaining and improving Tails OS, exploring more and complementary use cases while benefiting from the larger organizational structure of The Tor Project." [16] [17]

Features

Tails's pre-installed desktop environment is GNOME 3. The system includes essential software for functions such as reading and editing documents, image editing, video watching and printing. Other software from Debian can be installed at the user's behest. [18] [19] Despite being open-source, Tails contains non-free firmware blobs. [20]

Tails includes a unique variety of software that handles the encryption of files and internet transmissions, cryptographic signing and hashing, and other functions important to security. It is pre-configured to use Tor with multiple connection options. It tries to force all connections to use Tor and blocks connection attempts outside Tor. For networking, it features a modified version of Tor Browser with the inclusion of uBlock Origin, [21] instant messaging, email, file transmission and monitoring local network connections for security. [19]

By design, Tails is "amnesic". It runs in the computer's random access memory (RAM) and does not write to a hard drive or other storage medium. The user may choose to keep files, applications or some settings on their Tails drive in "Persistent Storage". Though the Persistent Storage is encrypted by default, it is not hidden and detectable by forensic analysis. [22] While shutting down, Tails overwrites most of the used RAM to avoid a cold boot attack. [23]

Security incidents

In 2014, Das Erste reported that the NSA's XKeyscore surveillance system sets threat definitions for people who search for Tails using a search engine or visit the Tails website. A comment in XKeyscore's source code calls Tails "a comsec mechanism advocated by extremists on extremist forums". [24] [25]

In the same year, Der Spiegel published slides from an internal National Security Agency presentation dating to June 2012, in which the NSA deemed Tails on its own as a "major threat" to its mission and in conjunction with other privacy tools as "catastrophic". [26] [27]

In 2017, the FBI used malicious code developed by Facebook, identifying sexual extortionist and Tails user Buster Hernandez through a zero-day vulnerability in the default video player. The exploit was never explained to or discovered by the Tails developers, but it is believed that the vulnerability was patched in a later release of Tails. Hernandez had eluded authorities for a long time; the FBI and Facebook had searched for him with no success, and resorted to developing the custom hacking tool. He was arrested in 2017, and in 2021 he was sentenced to 75 years in prison. [28]

See also

Related Research Articles

A cypherpunk is one who advocates the widespread use of strong cryptography and privacy-enhancing technologies as a means of effecting social and political change. The cypherpunk movement originated with the establishment of an electronic mailing list, through which informal groups sought to achieve privacy and security through proactive use of cryptography. The cypherpunk movement has been active since about 1990 at the latest.

This is a list of operating systems specifically focused on security. Similar concepts include security-evaluated operating systems that have achieved certification from an auditing organization, and trusted operating systems that provide sufficient support for multilevel security and evidence of correctness to meet a particular set of requirements.

Technical variations of Linux distributions include support for different hardware devices and systems or software package configurations. Organizational differences may be motivated by historical reasons. Other criteria include security, including how quickly security upgrades are available; ease of package management; and number of packages available.

<span class="mw-page-title-main">Jacob Appelbaum</span> American computer security researcher (born 1983)

Jacob Appelbaum is an American independent journalist, computer security researcher, artist, hacker and teacher. Appelbaum, who earned his PhD from the Eindhoven University of Technology, first became notable for his work as a core member of the Tor Project, a free software network designed to provide online anonymity. But it was Appelbaum's work with WikiLeaks and his journalism at Der Spiegel based on the NSA documents leaked by Edward Snowden that made him famous, status accentuated by his standing-in for Julian Assange at computer security and hacker forums when Assange could no longer travel to the United States. Under the pseudonym "ioerror", Appelbaum was an active member of the Cult of the Dead Cow hacker collective from 2008 to 2016. He was the co-founder of the San Francisco hackerspace Noisebridge with Mitch Altman. He worked for Kink.com and Greenpeace and volunteered for the Ruckus Society and the Rainforest Action Network. He was on the Technical Advisory Board of the Freedom of the Press Foundation.

<span class="mw-page-title-main">Tor (network)</span> Free and open-source anonymity network based on onion routing

Tor is a free overlay network for enabling anonymous communication. Built on free and open-source software and more than seven thousand volunteer-operated relays worldwide, users can have their Internet traffic routed via a random path through the network.

<span class="mw-page-title-main">Tailored Access Operations</span> Unit of the U.S. National Security Agency

The Office of Tailored Access Operations (TAO), now Computer Network Operations, and structured as S32, is a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA). It has been active since at least 1998, possibly 1997, but was not named or structured as TAO until "the last days of 2000," according to General Michael Hayden.

<span class="mw-page-title-main">Edward Snowden</span> American whistleblower and former NSA contractor (born 1983)

Edward Joseph Snowden, born June 21, 1983) is an American former NSA intelligence contractor and whistleblower who leaked classified documents revealing the existence of global surveillance programs. He became a naturalized Russian citizen in 2022.

<span class="mw-page-title-main">XKeyscore</span> Mass surveillance system

XKeyscore is a secret computer system used by the United States National Security Agency (NSA) for searching and analyzing global Internet data, which it collects in real time. The NSA has shared XKeyscore with other intelligence agencies, including the Australian Signals Directorate, Canada's Communications Security Establishment, New Zealand's Government Communications Security Bureau, Britain's Government Communications Headquarters, Japan's Defense Intelligence Headquarters, and Germany's Bundesnachrichtendienst.

<span class="mw-page-title-main">Whonix</span> Anonymous operating system

Whonix is a Linux distribution, based on Kicksecure OS, claimed to be security hardened by its developers.

<span class="mw-page-title-main">Bullrun (decryption program)</span> Code name of a decryption program run by the NSA

Bullrun is a clandestine, highly classified program to crack encryption of online communications and data, which is run by the United States National Security Agency (NSA). The British Government Communications Headquarters (GCHQ) has a similar program codenamed Edgehill. According to the Bullrun classification guide published by The Guardian, the program uses multiple methods including computer network exploitation, interdiction, industry relationships, collaboration with other intelligence community entities, and advanced mathematical techniques.

<span class="mw-page-title-main">2010s global surveillance disclosures</span> Disclosures of NSA and related global espionage

During the 2010s, international media reports revealed new operational details about the Anglophone cryptographic agencies' global surveillance of both foreign and domestic nationals. The reports mostly relate to top secret documents leaked by ex-NSA contractor Edward Snowden. The documents consist of intelligence files relating to the U.S. and other Five Eyes countries. In June 2013, the first of Snowden's documents were published, with further selected documents released to various news outlets through the year.

<span class="mw-page-title-main">Global surveillance</span> Mass surveillance across national borders

Global mass surveillance can be defined as the mass surveillance of entire populations across national borders.

<span class="mw-page-title-main">ANT catalog</span> Classified catalog of hacking tools by the NSA

The ANT catalog is a classified product catalog by the U.S. National Security Agency (NSA) of which the version written in 2008–2009 was published by German news magazine Der Spiegel in December 2013. Forty-nine catalog pages with pictures, diagrams and descriptions of espionage devices and spying software were published. The items are available to the Tailored Access Operations unit and are mostly targeted at products from US companies such as Apple, Cisco and Dell. The source is believed to be someone different than Edward Snowden, who is largely responsible for the global surveillance disclosures during the 2010s. Companies whose products could be compromised have denied any collaboration with the NSA in developing these capabilities. In 2014, a project was started to implement the capabilities from the ANT catalog as open-source hardware and software.

<span class="mw-page-title-main">Open Whisper Systems</span> Open source software organization

Open Whisper Systems was a software development group that was founded by Moxie Marlinspike in 2013. The group picked up the open source development of TextSecure and RedPhone, and was later responsible for starting the development of the Signal Protocol and the Signal messaging app. In 2018, Signal Messenger was incorporated as an LLC by Moxie Marlinspike and Brian Acton and then rolled under the independent 501c3 non-profit Signal Technology Foundation. Today, the Signal app is developed by Signal Messenger LLC, which is funded by the Signal Technology Foundation.

<span class="mw-page-title-main">The Tor Project</span> Free and open-source software project for enabling anonymous communication

The Tor Project, Inc. is a 501(c)(3) research-education nonprofit organization based in Winchester, Massachusetts. It is founded by computer scientists Roger Dingledine, Nick Mathewson, and five others. The Tor Project is primarily responsible for maintaining software for the Tor anonymity network.

<i>Citizenfour</i> 2014 film

Citizenfour is a 2014 documentary film directed by Laura Poitras, concerning Edward Snowden and the NSA spying scandal. The film had its US premiere on October 10, 2014, at the New York Film Festival and its UK premiere on October 17, 2014, at the BFI London Film Festival. The film features Snowden and Glenn Greenwald, and was co-produced by Poitras, Mathilde Bonnefoy, and Dirk Wilutzky, with Steven Soderbergh and others serving as executive producers. Citizenfour received critical acclaim upon release, and was the recipient of numerous accolades, including Best Documentary Feature at the 87th Academy Awards. This film is the third part to a 9/11 trilogy following My Country, My Country (2006) and The Oath (2010).

<span class="mw-page-title-main">Parrot OS</span> Debian-based Linux distribution

Parrot OS is a Linux distribution based on Debian with a focus on security, privacy, and development.

<span class="mw-page-title-main">Roger Dingledine</span> American computer scientist

Roger Dingledine is an American computer scientist known for having co-founded the Tor Project. A student of mathematics, computer science, and electrical engineering, Dingledine is also known by the pseudonym arma. As of December 2016, he continues in a leadership role with the Tor Project, as a project Leader, Director, and Research Director.

References

  1. "New Release: Tails 6.9". October 31, 2024. Retrieved October 31, 2024.
  2. "Tails - Incremental upgrades". tails.boum.org. Archived from the original on December 1, 2017. Retrieved June 15, 2017.
  3. "Tails - System requirements". tails.boum.org. Archived from the original on December 1, 2017. Retrieved June 15, 2017.
  4. "Tails 0.11 incognito live system released". The H . April 30, 2012. Archived from the original on March 2, 2019. Retrieved August 12, 2012.
  5. Vervloesem, Koen (April 27, 2011). "The Amnesic Incognito Live System: A live CD for anonymity". LWN.net . Archived from the original on August 21, 2017. Retrieved August 12, 2012.
  6. "Anonym im Netz" [Anonymous on the Net]. TecChannel (in German). February 6, 2012. Archived from the original on April 1, 2016. Retrieved August 12, 2012.
  7. "Running Tails in a virtual machine". tails.boum.org. Archived from the original on June 9, 2023. Retrieved September 20, 2021.
  8. 1 2 "Finances". Tails. April 4, 2013. Archived from the original on March 29, 2019. Retrieved May 13, 2013.
  9. Gray, James (September 16, 2011). "The Tails Project's The Amnesic Incognito Live System (Tails)". Linux Journal . Archived from the original on August 13, 2019. Retrieved August 12, 2012.
  10. 1 2 Finley, Klint (April 14, 2014). "Out in the Open: Inside the Operating System Edward Snowden Used to Evade the NSA". WIRED. Archived from the original on April 19, 2014. Retrieved April 18, 2014.
  11. "Tails report for May, 2014". Tails. June 14, 2014. Archived from the original on July 1, 2014. Retrieved July 6, 2014.
  12. Timm, Trevor (April 2, 2014). "Help Support the Little-Known Privacy Tool That Has Been Critical to Journalists Reporting on the NSA". Freedom of the Press Foundation. Archived from the original on July 20, 2014. Retrieved April 18, 2014.
  13. Condliffe, Jamie (April 15, 2014). "Try the Super-Secure USB Drive OS That Edward Snowden Insists on Using". Gizmodo. Archived from the original on April 15, 2014. Retrieved April 15, 2014.
  14. "Air Gaps - Schneier on Security". www.schneier.com. October 11, 2013. Archived from the original on August 3, 2023. Retrieved August 3, 2023.
  15. "Tails - Tails 3.0 is out". tails.boum.org. Archived from the original on May 22, 2019. Retrieved June 14, 2017.
  16. "Tails - Uniting for Internet Freedom: Tor Project & Tails Join Forces". tails.net. Retrieved September 26, 2024.
  17. Sawers, Paul (September 26, 2024). "The Tor Project merges with Tails, a Linux-based portable OS focused on privacy". TechCrunch . Archived from the original on September 26, 2024. Retrieved September 26, 2024.
  18. "APT repository". tails.boum.org. October 7, 2019. Archived from the original on September 25, 2019. Retrieved October 7, 2019.
  19. 1 2 "Features and included software". tails.boum.org. October 7, 2019. Archived from the original on August 23, 2019. Retrieved October 7, 2019.
  20. "Explaining Why We Don't Endorse Other Systems". www.gnu.org. Archived from the original on June 22, 2023. Retrieved June 23, 2023.
  21. "Browsing the web with Tor Browser". tails.boum.org. Archived from the original on February 8, 2022. Retrieved March 16, 2022.
  22. "Tails - Creating and configuring the Persistent Storage". tails.boum.org. Archived from the original on October 7, 2019. Retrieved October 7, 2019.
  23. "Tails - Memory erasure". tails.boum.org. Archived from the original on June 20, 2023. Retrieved October 8, 2019.
  24. Appelbaum, J.; Gibson, A.; Goetz, J.; Kabisch, V.; Kampf, L.; Ryge, L. (July 3, 2014). "NSA targets the privacy-conscious". DasErste.de. Archived from the original on May 23, 2016. Retrieved July 3, 2014.
  25. Bruce Schneier (July 3, 2014). "NSA Targets Privacy Conscious for Surveillance". Schneier on Security. Archived from the original on June 20, 2023. Retrieved July 3, 2014.
  26. SPIEGEL Staff (December 28, 2014). "Prying Eyes: Inside the NSA's War on Internet Security". Der Spiegel. Archived from the original on January 24, 2015. Retrieved January 23, 2015.
  27. "Presentation from the SIGDEV Conference 2012 explaining which encryption protocols and techniques can be attacked and which not" (PDF). Der Spiegel. December 28, 2014. Archived from the original (PDF) on December 30, 2014. Retrieved January 23, 2015.
  28. Franceschi-Bicchierai, Lorenzo (June 10, 2020). "Facebook Helped the FBI Hack a Child Predator". Vice . Archived from the original on June 13, 2020. Retrieved June 12, 2020.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.