Install an intermediary Tails. Планшет tails


Tails - Frequently asked questions

  • For hardware compatibility issues, refer to our known issues.
  • To learn what you can do with Tails, refer to our documentation.

What is the relationship between Tor and Tails?

See our explanation about why does Tails use Tor.

Why is Tails based on Debian and not on another distribution?

We are deeply rooted and involved in Debian. The friendships, relationships, and technical expertise we have in Debian have many benefits for Tails, and we are not ready to build the same relationship with Ubuntu, OpenBSD, or any other distribution. See our statement about our relationship with upstream for details.

See also the article Why there are so many Debian derivatives by Stefano Zacchiroli.

Why isn't Tails based on Ubuntu?

First, see the answer to the previous question.

  1. The rapid development cycle of Ubuntu would be too fast for Tails.
  2. Ubuntu adds features in ways that we find dangerous for privacy. For example Ubuntu One (partly discontinued) and the Amazon ads and data leaks.
  3. Ubuntu is led by a company that takes most of the important decisions and has the power to make them happen.
  4. We usually ship kernels and video drivers from Debian backports. The result is comparable to Ubuntu in terms of support for recent hardware.
  5. We think that the general quality of the maintenance work being done on packages matters from a security perspective. Debian maintainers generally are experts in the fields their packages deal with; while it is generally not the case outside of the limited number of packages Ubuntu officially supports.
  6. We are actively working on improving AppArmor support in Tails; a security framework that is already used in a few Ubuntu applications.
  7. We are also working on adding compiler hardening options to more Debian packages included in Tails; another security feature that Ubuntu already provides.

Why does Tails ship the GNOME Desktop?

We had users ask for LXDE, XFCE, MATE, KDE, and so on, but we are not going to change desktop. According to us, the main drawback of GNOME is that it requires quite a lot of resources to work properly, but it has many advantages. The GNOME Desktop is:

  • Well integrated, especially for new Linux users.
  • Very well translated and documented.
  • Doing relatively good regarding accessibility features.
  • Actively developed.
  • Well maintained in Debian, where it is the default desktop environment.

We invested quite some time in acquiring GNOME knowledge, and switching our desktop environment would require going through that process again.

We are not proposing several desktop environments to choose from because we want to limit the amount of software included in Tails.

Does Tails work on ARM architecture, Raspberry Pi, tablets, or phones?

For the moment, Tails is only available on the x86_64 architecture. The Raspberry Pi and most tablets and phones are based on the ARM architecture. Tails does not work on the ARM architecture so far.

Look for a tablet with an AMD or Intel processor. Try to verify its compatibility with Debian beforehand, for example make sure that the Wi-Fi interface is supported.

To get more information about the progress of Tails on handheld devices, see #6064.

Can I install Tails permanently onto my hard disk?

This is not possible using the recommended installation methods. Tails is designed to be a live system running from a removable media: USB stick or DVD.

This is a conscious decision as this mode of operation is better for what we want to provide to Tails users: amnesia, the fact that Tails leaves no traces on the computer after a session is closed.

Can I install Tails with UNetbootin, YUMI, Rufus or my other favorite tool?

No. Those installation methods are unsupported. They might not work at all, or worse: they might seem to work, but produce a USB stick that does not behave like Tails should. Follow the download and installation documentation instead.

Should I update Tails using apt or Synaptic?

No. Tails provides upgrades every six weeks, that are thoroughly tested to make sure that no security feature or configuration gets broken. If you upgrade the system yourself using apt or Synaptic, you might break things. Upgrading when you get a notification from Tails Upgrader is enough.

Can I buy a preinstalled Tails USB stick or DVD?

No, we don't sell preinstalled Tails devices.

Selling preinstalled devices would in fact be a pretty bad idea:

  • If burned on a DVD, then this DVD would be outdated on the next release. This means after 6 weeks at most.
  • If installed onto a USB stick, then it would be impossible to verify that the Tails on the USB stick is genuine. Trusting that a Tails USB stick is genuine should be based either on cryptographic verification or on personal trust (if you know someone you trust who can clone a Tails USB stick for you). But once Tails is installed on a USB stick it is not possible to use our cryptographic verification techniques anymore. Being able to trust your Tails USB stick is something that we really care about.

Why is JavaScript enabled by default in Tor Browser?

Many websites today require JavaScript to work correctly. As a consequence JavaScript is enabled by default in Tails to avoid confusing many users. But the Torbutton extension, included in Tails, takes care of blocking dangerous JavaScript functionalities.

Tor Browser also includes a security slider and the NoScript extension to optionally disable more JavaScript. This might improve security in some cases. However, if you disable JavaScript, then the fingerprint of your browser will differ from most Tor users. This might break your anonymity.

We think that having JavaScript enabled by default is the best possible compromise between usability and security in this case.

Can I install other add-ons in Tor Browser?

Installing add-ons in Tor Browser might break the security built in Tails.

Add-ons can do many things within the browser, and even if all the networking goes through Tor, some add-ons might interact badly with the rest of the configuration or leak private information.

  1. They can track and reveal information about your browsing behaviour, browsing history, or system information, either on purpose or by mistake.

  2. They can have bugs and security holes that can be remotely exploited by an attacker.

  3. They can have bugs breaking the security offered by other add-ons, for example Torbutton, and break your anonymity.

  4. They can break your anonymity by making your browsing behaviour distinguishable amongst other Tails users.

Unless proven otherwise, no add-on, apart from the ones already included in Tails, have been seriously audited and should be considered safe to use in this context.

Should I manually update add-ons included in Tor Browser?

No. Tails provides upgrades every six weeks, that are thoroughly tested to make sure that no security feature or configuration gets broken. Updating add-ons in Tor Browser might break the security built in Tails.

Can I view websites using Adobe Flash with Tails?

Adobe Flash Player is not included in Tails for several reasons:

  • It is proprietary software which prevents us from legally including it in Tails.
  • It is closed source and so we have no idea of what it really does.
  • It has a very long history of serious security vulnerabilities.
  • It is known to favor privacy invasive technologies such as Local shared object.
  • Adobe only maintains their GNU/Linux Flash plugin for Google Chrome.

We have considered including open-source alternative software to Adobe Flash, such as Gnash, but it is not the case yet, see #5363.

But you can already watch HTML5 videos with Tor Browser.

How to analyse the results of online anonymity tests?

Fingerprinting websites such as https://panopticlick.eff.org/ or https://ip-check.info/ try to retrieve as much information as possible from your browser to see if it can be used to identify you.

As explained in our documentation about fingerprinting, Tails provides anonymity on the web by making it difficult to distinguish a particular user amongst all the users of Tor Browser (either in Tails or on other operating systems).

So, the information retrieved by such fingerprinting websites is not harmful for anonymity in itself, as long as it is the same for all users of Tor Browser.

For example, the user-agent property of the browser was set to Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3, as of Tails 0.21 and Tor Browser 2.3.25-13. This value preserves your anonymity even if the operating system installed on the computer is Windows NT and you usually run Firefox. On the other hand, changing this value makes you distinguishable from others users of Tor Browser and breaks your anonymity.

Furthermore, we verify the result of those websites before each release, see our test suite.

Is Java installed in the Tor Browser?

Tails does not include a Java plugin in its browser because it could break your anonymity.

Can I save my custom settings?

… like language, keyboard layout, background image, toolbar position, browser settings, touchpad preferences, etc.

By default Tails does not save anything from one working session to another. Only the persistent volume allows you to reuse data across different working sessions. See the list of existing persistent features.

We are frequently requested to add new persistent features but we are usually busy working on other priorities. See our open tickets about persistence. Any bit of help is welcome.

How strong is the encryption of the persistent volume and LUKS?

Tails uses LUKS to encrypt the persistent volume. This is the same technique as the one we recommend for creating and using encrypted volumes in general.

LUKS is a very popular standard for disk encryption in Linux. LUKS is the default technique for full-disk encryption proposed by many distributions, including Debian and Ubuntu, when installing a regular system.

Currently the default cipher is aes-cbc-essiv:sha256 with a key size of 256 bits.

To understand better how persistence works, see our design document.

Is it possible to recover the passphrase of the persistent volume?

No. The encryption of the persistent volume is very strong and it is not possible to recover the passphrase of the persistent volume. If the passphrase is weak enough, an attacker, using a brute force attack, could try many possible passphrases and end up guessing your passphrase.

Can I use Tails with a VPN?

Three possible scenarios need to be distinguished:

  • Using a VPN instead of Tor
  • Using a VPN to connect to Tor (VPN before Tor)
  • Connecting to a VPN using Tor (VPN after Tor)

For more information, see our blueprint on VPN support.

Using a VPN instead of Tor

It is a very fundamental assumption of Tails to force all outgoing traffic to anonymity networks such as Tor. VPN are not anonymity networks, because the administrators of the VPN can know both where you are connecting from and where you are connecting to. Tor provides anonymity by making it impossible for a single point in the network to know both the origin and the destination of a connection.

Using a VPN to connect to Tor (VPN before Tor)

In some situations, you might be forced to use a VPN to connect to the Internet, for example by your ISP. This is currently not possible using Tails. See #5858.

Tor bridges can also be useful to bypass the limitations imposed by your ISP.

Connecting to a VPN using Tor (VPN after Tor)

In some situtations, it can be useful to connect to a VPN through Tor:

  • To access services that block connections coming from Tor.
  • To access ressources only available inside a VPN, for example at your company or University.

This is currently not possible easily using Tails.

Can I choose the country of my exit nodes or further edit the torrc?

It is possible to edit the Tor configuration file (torrc) with administration rights but you should not do so as it might break your anonymity.

For example, as mentioned in the Tor Browser FAQ, using ExcludeExitNodes is not recommended because "overriding the exit nodes can mess up your anonymity in ways we don't understand".

How does the DNS resolution work in Tails?

See our design document on this topic.

Why does Tails automatically connect to several websites when starting?

Tor requires the system clock to be well synchronized in order to work properly. When starting Tails, a notification is displayed while the clock is being synchronized.

This synchronization is made by sending HTTPS queries through Tor to severals websites and deducing a correct time from their answers. The list of websites that could be queried in this process can be found in /etc/default/htpdate.

See also our design document on this topic.

Can I help the Tor network by running a relay or a bridge in Tails?

It is currently impossible to run a Tor relay or bridge in Tails. See #5418.

Can I run a Tor hidden service on Tails?

It is technically possible to use Tails to provide a hidden service but it is complicated and not documented yet.

For example, some people have been working on how to run a web server behind a hidden service on Tails. See #7879.

Can I use ping in Tails?

It is impossible to use ping in Tails, because ping uses the ICMP protocol while Tor can only transport TCP connections.

Can my favourite software be included in Tails?

First of all, make sure that this software is already available in Debian, as this is a requirement to be included in Tails. Adding to Tails software which is not in Debian imply an additional workload that could compromise the sustainability of the project. On top of that, being in Debian brings many advantages:

  • It is included in the Debian process for security updates and new versions.
  • It is authenticated using OpenPGP signatures.
  • It is under the scrutiny of the Debian community and its many users and derivatives, including Ubuntu.

To check whether a software is in Debian, search for it on https://packages.debian.org/. If it is not yet available in Debian, you should ask its developers why it is not the case yet.

Second, this software might not be useful to accomplish our design goals. Refer to our design documents to understand which are the intended use cases, and the assumptions on which Tails is based.

We also try to limit the amount of software included in Tails, and we only add new software with a very good reason to do so:

  • We try to limit the growth of the ISO image and automatic upgrades.
  • More software implies more security issues.
  • We avoid proposing several options to accomplish the same task.
  • If a package needs to be removed after its inclusion, for example because of security problems, then this might be problematic as users might rely on it.

After considering all this, if you still think that this software is a good candidate to be included in Tails, please explain us your proposal on [email protected]

If a software is not included in Tails, but is included in Debian, you can use the additional software feature of the persistent volume to install it automatically at the beginning of each working session.

Here is some of the software we are often asked to include in Tails:

Can I download using BitTorrent with Tails?

Tails does not ship any BitTorrent software and is unlikely to do so in the future.

The problem with using BitTorrent over Tor is double:

We had relatively vague plans to improve on this situation.

Can I download videos from websites?

You can install youtube-dl as an additional package. youtube-dl allows downloading videos from more than 700 websites.

For example, to download a YouTube video, execute the following command in a terminal:

torsocks youtube-dl "https://www.youtube.com/watch?v=JWII85UlzKw"

For more information, refer to the official youtube-dl documentation.

Why is the time set wrong?

When Tails starts, the system timezone is set to UTC (Greenwich time). So, this time might be a few hours in the future if you are west of the United Kingdom, or in the past if you are east of the UK. The minutes should be accurate.

We do this for anonymity reasons: if some application reveals your actual timezone, it might help identifying who you are.

Having all Tails users set to the same timezone, makes it more difficult to distinguish you amongst all the other Tails users.

We are working on a custom clock applet with configurable timezone. See #6284.

Is it safe to use Tails on a compromised system?

Tails runs independently from the operating system installed on the computer. So, if the computer has only been compromised by software, running from inside your regular operating system (virus, trojan, etc.), then it is safe to use Tails. This is true as long as Tails itself has been installed using a trusted system.

If the computer has been compromised by someone having physical access to it and who installed untrusted pieces of hardware, then it might be unsafe to use Tails.

If the BIOS of the computer has been compromised, then it might also be unsafe to use Tails.

See our warning page for more details.

Can I verify the integrity of a Tails USB stick or DVD?

It is not possible to verify the integrity of a Tails device, USB stick or DVD, when running Tails from this same device. This would be like asking to someone whether she is a liar; the answer of a true liar would always be "no".

  • To verify the integrity of a DVD from a separate trusted system, you can verify the signature of the ISO image as documented in verify the ISO image using OpenPGP against the DVD itself.

  • There is no documented method of verifying the integrity of a Tails USB stick installed using Tails Installer. However, if you have another trusted Tails USB stick, you can clone it onto the untrusted USB stick to reset it to a trusted state.

Can I use the memory wipe feature of Tails on another operating system?

The memory wipe mechanism that Tails uses on shutdown to protect against cold boot attacks should be reusable in other Linux distributions.

If you want to implement this feature outside of Tails, have a look at the corresponding design documentation.

Where is the New Identity button?

In our warning page we advice to restart Tails every time that you want to use a different contextual identity.

The New Identity feature of Tor Browser is limited to the browser.

Tails used to provide a New Identity feature, but this feature was not a good solution to separate contextual identities, as it was dangerous:

  • Already existing connections could stay open.
  • Other sources of information could reveal your past activities, for example the cookies stored in Tor Browser or the random nick in Pidgin.

Tails is a full operating system, so a new identity should be thought on a broader level. Restart Tails instead.

Can I use TrueCrypt with Tails?

No, TrueCrypt was removed in Tails 1.2.1. But you can still open TrueCrypt volumes using cryptsetup.

Furthermore, TrueCrypt is now discontinued and its development team recommends against using it. We recommend using other encryption tools such as LUKS.

Does Tails collect information about its users?

When Tails starts, two HTTPS requests are made automatically to our website through Tor:

  • A security check is performed to know if security issues have been announced for this version of Tails. The language of the working session is passed along with this request to display the notification in the preferred language of the user.
  • Tails Upgrader checks for newer versions. The version of the running Tails is passed along with this request.

We believe it is important to notify the user of known security issues and newer versions. We calculate statistics based on the security check to know how many times Tails has been started and connected to Tor. Those statistics are published in our monthly reports.

Does Tails need an antivirus?

No, as other Linux systems, Tails doesn't require an antivirus to protect itself from most malwares, such as viruses, trojans, and worms. There are various reasons why Linux operating systems generally don't need antivirus softwares, including the permission design of Linux systems.

See the Wikipedia page on Linux malware for further details.

tails.boum.org

Tails - Download and verify

If you know OpenPGP, you can also verify your download using an OpenPGP signature instead of, or in addition to, our browser extension or BitTorrent.

This section provides simplified instructions:

In Windows with Gpg4win

See the Gpg4win documentation on verifying signatures.

Verify that the date of the signature is at most five days earlier than the latest version: 2018-01-23.

If the following warning appears:

Not enough information to check the signature validity. Signed on ... by [email protected] (Key ID: 0x58ACD84F The validity of the signature cannot be verified.

Then the ISO image is still correct according to the signing key that you downloaded. To remove this warning you need to authenticate the signing key through the OpenPGP Web of Trust.

In macOS using GPGTools

  1. Open Finder and navigate to the folder where you saved the ISO image and the signature.
  2. Right-click on the ISO image and choose .

In Tails

  1. Open the file browser and navigate to the folder where you saved the ISO image and the signature.
  2. Right-click on the signature and choose .
  3. The verification of the ISO image starts automatically:

  4. After the verification finishes, you should see a notification that the signature is good:

    Verify that the date of the signature is at most five days earlier than the latest version: 2018-01-23.

Using the command line

  1. Open a terminal and navigate to the folder where you saved the ISO image and the signature.
  2. Execute:

    gpg --keyid-format 0xlong --verify tails-amd64-3.5.iso.sig tails-amd64-3.5.iso

    The output of this command should be the following:

    gpg: Signature made Tue Jan 23 00:28:44 2018 UTCgpg:                using RSA key 05469FB85EAD6589B43D41D3D21DAD38AF281C0Bgpg: Good signature from "Tails developers <[email protected]>" [full]gpg:                 aka "Tails developers (offline long-term identity key) <[email protected]>" [full]

    Verify that the date of the signature is at most five days earlier than the latest version: 2018-01-23.

    If the output also includes:

    gpg: WARNING: This key is not certified with a trusted signature!gpg: There is no indication that the signature belongs to the owner.

    Then the ISO image is still correct according to the signing key that you downloaded. To remove this warning you need to authenticate the signing key through the OpenPGP Web of Trust.

Authenticating our signing key through the OpenPGP Web of Trust is the only way that you can be protected in case our website is compromised or if you are a victim of a man-in-the-middle attack. However, it is complicated to do and it might not be possible for everyone because it relies on trust relationships between individuals.

The verification techniques that we present (browser extension, BitTorrent, or OpenPGP verification) all rely on some information being securely downloaded using HTTPS from our website:

  • The checksum for the Firefox extension
  • The Torrent file for BitTorrent
  • The Tails signing key for OpenPGP verification

It is possible that you could download malicious information if our website is compromised or if you are a victim of a man-in-the-middle attack.

OpenPGP verification is the only technique that protects you if our website is compromised or if you are a victim of a man-in-the-middle attack. But, for that you need to authenticate the Tails signing key through the OpenPGP Web of Trust.

If you are verifying an ISO image from inside Tails, for example, to do a manual upgrade, then you already have the Tails signing key. You can trust this signing key as much as you already trust your Tails installation since this signing key is included in your Tails installation.

One of the inherent problems of standard HTTPS is that the trust put in a website is defined by certificate authorities: a hierarchical and closed set of companies and governmental institutions approved by your web browser vendor. This model of trust has long been criticized and proved several times to be vulnerable to attacks as explained on our warning page.

We believe that, instead, users should be given the final say when trusting a website, and that designation of trust should be done on the basis of human interactions.

The OpenPGP Web of Trust is a decentralized trust model based on OpenPGP keys that can help with solving this problem. Let's see this with an example:

  1. You are friends with Alice and you really trust her way of making sure that OpenPGP keys actually belong to their owners.
  2. Alice met Bob, a Tails developer, in a conference and certified Bob's key as actually belonging to Bob.
  3. Bob is a Tails developer who directly owns the Tails signing key. So, Bob has certified the Tails signing key as actually belonging to Tails.

In this scenario, you found, through Alice and Bob, a path to trust the Tails signing key without the need to rely on certificate authorities.

If you are on Debian, Ubuntu, or Linux Mint, you can install the debian-keyring package which contains the OpenPGP keys of all Debian developers. Some Debian developers have certified the Tails signing key and you can use these certifications to build a trust path. This technique is explained in detail in our instructions on installing Tails from Debian, Ubuntu, or Linux Mint using the command line.

Relying on the Web of Trust requires both caution and intelligent supervision by the users. The technical details are outside of the scope of this document.

Since the Web of Trust is based on actual human relationships and real-life interactions, it is best to get in touch with people knowledgeable about OpenPGP and build trust relationships in order to find your own trust path to the Tails signing key.

For example, you can start by contacting a local Linux User Group, an organization offering Tails training, or other Tails enthusiasts near you and exchange about their OpenPGP practices.

After you build a trust path, you can certify the Tails signing key by signing it with your own key to get rid of some warnings during the verification process.

tails.boum.org

Tails - Install from Windows

Start in Windows.

In this step, you will install an intermediary Tails by copying the Tails ISO image on the first USB stick using a program called Universal USB Installer. the command line. a program called GNOME Disks.

On this intermediary Tails you won't benefit from important features like automatic security upgrades or the possibility to store some of your documents and configuration in an encrypted storage.

All the data on this USB stick will be lost.

  1. Plug the first USB stick in the computer.

  2. Click on the following link to download Universal USB Installer:

    Download Universal USB Installer

  3. At the Windows security warning, confirm that you want to run the program.

  4. Read the license agreement and click I Agree to continue and start Universal USB Installer.

  5. Select Tails from the drop-down list.

  6. Click Browse and choose the ISO image that you downloaded earlier.

  7. Use the drop-down list to specify the USB stick on which you want to install the ISO image.

    If the USB stick does not appear in the drop-down list, make sure that it is plugged in correctly and restart Universal USB Installer.

  8. Select the Fat32 Format option.

    If you forget to select the Fat32 Format you will not be able to install the final Tails in step 4.

  9. Click Create.

  10. A warning appears. Click Yes to start the installation. The installation takes a few minutes.

  11. After the installation is finished, click Close to quit Universal USB Installer.

Cool, you now have an intermediary Tails on your first USB stick. You will soon have to restart your computer on this USB stick. It can be a bit tricky, so good luck! But it might not work on your Mac model, so good luck!

In the next step, you will shut down the computer. To be able to follow the rest of the instructions afterwards, we recommend you either:

  • Open this page on your smartphone, tablet, or another computer (recommended).

  • Print the rest of the instructions on paper.

  • Take note of the URL of this page to be able to come back later:

    https://tails.boum.org/install/clone/#back https://tails.boum.org/install/win/usb/#back https://tails.boum.org/install/mac/usb/#back https://tails.boum.org/install/mac/clone/#back https://tails.boum.org/install/mac/dvd/#back https://tails.boum.org/install/debian/usb/#back https://tails.boum.org/install/expert/usb/#back https://tails.boum.org/install/linux/usb/#back https://tails.boum.org/upgrade/clone/#back https://tails.boum.org/upgrade/tails/#back

The following instructions assume that the other Tails that you are installing upgrading from is on a USB stick. You can also install upgrade from a Tails DVD in a similar way.

  1. Make sure that the DVD is inserted in the computer. Shut down the computer while leaving the first USB stick plugged in.

    Shut down the computer.

    Plug in the other Tails USB stick that you want to install upgrade from.

    Unplug your Tails USB stick while leaving the intermediary USB stick plugged in.

  2. Switch on the computer.

    Immediately press-and-hold the Option key (Alt key) until a list of possible startup disks appears.

    Choose the DVD and press Enter. The DVD might be labeled Windows like in the following screenshot:

    Immediately press-and-hold the Option key (Alt key) until a list of possible startup disks appears.

    Choose the USB stick and press Enter. The USB stick appears as an external hard disk and might be labeled EFI Boot or Windows like in the following screenshot:

    If only your Macintosh hard drive appears, you can try reinstalling an intermediary Tails from Windows using Universal USB Installer.

  3. If the computer starts on Tails, the Boot Loader Menu appears and Tails starts automatically after 4 seconds.

    Troubleshooting

    Tails does not start at all

    The following section applies if the Boot Loader Menu does not appear when starting on a USB stick.

    It is quite common for computers not to start automatically on a USB stick with Tails installed. Here are some troubleshooting techniques. You should try them one after the other.

    Getting to the boot menu

    On most computers, you can press a boot menu key to display a list of possible devices to start from. The following instructions explain how to display the boot menu and start on the USB stick. The following screenshot is an example of such boot menu:

    1. Shut down the computer.

    2. Make sure that the first USB stick is plugged in the computer.

    3. Identify the potential boot menu keys for the computer depending on the computer manufacturer in the following list:

      ManufacturerKey
      AcerEsc, F12, F9
      AsusEsc, F8
      DellF12
      FujitsuF12, Esc
      HPEsc, F9
      LenovoF12, Novo, F8, F10
      SamsungEsc, F12, F2
      SonyF11, Esc, F10
      ToshibaF12
      others…F12, Esc
    4. Switch on the computer.

      Immediately press several times the first potential boot menu key identified in step 3.

      1. If a boot menu with a list of devices appears, select your USB stick and press Enter.

      2. If the computer starts on another operating system, then:

        1. Shut down the computer.

        2. Press-and-hold the potential boot menu key identified in step 3.

        3. Switch on the computer again while holding the potential boot menu key pressed.

          1. If a boot menu with a list of devices appears, select your USB stick and press Enter.

          2. If the computer starts on another operating system or returns an error message, then shut down the computer again and repeat step 4 for all the potential boot menu keys identified in step 3.

    If none of the potential boot menu keys identified in step 3 work or if the USB stick does not appear in the list, then try the second troubleshooting technique described below.

    Check our list of known issues

    Similar problems might have been reported already for your model of computer in our list of known issues.

    Edit the BIOS settings

    You might need to edit the BIOS settings of the computer.

    Search for the user manual of the computer on the website of its manufacturer to learn how to edit the BIOS settings:

    In the BIOS settings, try to apply the following changes one by one and restart the computer after each change. Some changes might not apply to certain computer models.

    Take note of the changes that you apply to the BIOS settings, to be able to revert them if they prevent the computer to start on its usual operating system.

    1. Edit the Boot Order. Depending on the computer model you might see an entry for removable devices or USB media. Move this entry to the top of the list to force the computer to try to start from the first USB stick before starting from the internal hard disk.

    2. Disable Fast boot.

    3. If the computer is configured to start with legacy BIOS, try to configure it to start with UEFI. Else, if the computer is configured to start with UEFI, try to configure it to start with legacy BIOS. To do so, try any of the following options if available:

      • Enable Legacy mode
      • Disable Secure boot
      • Enable CSM boot
      • Disable UEFI
    4. Try to upgrade the BIOS to the latest version provided by the manufacturer.

    Report the problem to our support team

    If none of these options work, we are sorry but you might not be able to use Tails on this computer.

    Please, send an email to our support team, including the following information:

    1. Which version of Tails are you trying to start?

    2. How did you verify the ISO image?

    3. Which is the brand and model of the computer?

    4. What exactly happens when trying to start? Report the complete error message that appears on the screen, if any.

    5. Are you trying to start Tails on a USB stick or a DVD?

    6. If you are trying to start on a USB stick, which program did you use to install it:

      • Universal USB Installer,
      • GNOME Disks,
      • Tails Installer, or
      • dd on the command line?

      Note that these are the only supported installation methods.

    7. Have you been able to start Tails successfully on this computer before, from another USB stick or DVD, or with another version of Tails? If so, which ones?

    8. Does the same USB stick or DVD start successfully on other computers?

    If your computer fails to start on the intermediary Tails, you can try these other two methods:

    If you tried them already but failed as well, then it might currently be impossible to start Tails on your Mac model.

    If your computer fails to start on the Tails DVD, then it might currently be impossible to start Tails on your Mac model.

  4. After 30–60 seconds, another screen called Tails Greeter appears.

    Troubleshooting

    Tails does not start entirely

    The following section applies if the Boot Loader Menu appears but not Tails Greeter when starting Tails.

    1. Restart the computer on the first USB stick.

    2. In the Boot Loader Menu, choose the Troubleshooting Mode which might work better on some computers.

    3. If the Troubleshooting Mode does not work better, restart the computer again on the first USB stick.

    4. In the Boot Loader Menu, press TAB. A command line with a list of boot options appears at the bottom of the screen.

    5. Press the Backspace key several times to remove the quiet option from the command line.

    6. If Tails previously failed to start and displayed the Probing EDD (edd=off to disable)... error, then type edd=off to add this option to the command line.

    7. Type debug nosplash to add these options to the command line.

    8. To start Tails, press Enter.

    9. Hopefully, error messages now appear when starting Tails. You can send them to our support team by email, for example by taking a picture of the last screen and error messages.

    10. If the error message is /bin/sh: can't access tty; job control turned off followed by (initramfs), then try removing the live-media=removable option from the boot command line.

      If removing live-media=removable allows you to start Tails, please report the problem to our support team. This contributes to improving the list of problematic USB sticks. Then try installing Tails on another USB stick.

    Removing the live-media=removable option might be dangerous. If an adversary had access to the computer and installed a malicious Tails on an internal hard disk, the computer might start on the malicious Tails instead of on the USB stick.

  5. In Tails Greeter, select your language and keyboard layout in the Language & Region section. Click Start Tails.

  6. After 15–30 seconds, the Tails desktop appears.

The most difficult part is over! Now grab your second USB stick as it is time to install the final Tails on it.

It is important to install the final Tails as it allows you to store some of your documents and configuration and benefit from automatic security upgrades.

This was a first but important step! Now grab the USB stick on which you want to install Tails.

In this step, you will install the final Tails on a second new USB stick using Tails Installer.

In this step, you will upgrade your Tails from the other intermediary Tails using Tails Installer one last time.

All the data on this USB stick will be lost.

The persistent storage of your Tails USB stick will be preserved.

The persistent storage of the other Tails will not be copied.

  1. Plug the second the new your Tails the USB stick in the computer.

  2. Choose to start Tails Installer.

    Start Tails Installer:

  3. Click Browse and choose the ISO image that you downloaded earlier.

    Choose the second the new your USB stick in the Target USB stick drop-down list.

  4. To start the installation, click on the Install button. upgrade, click on the Upgrade button.

    If your Tails USB stick was not installed using Tails Installer, click on the Install button instead.

    If the Install button is unavailable, maybe you forgot to select the Format Fat32 option in Universal USB Installer in step 2.

    Restart on Windows and go back to Step 2: Install an intermediary Tails.

  5. Read the warning message in the confirmation dialog. Click Yes to confirm.

    The installation upgrade takes a few minutes.

    At the end of the installation, you are asked for your administration password twice.

    The progress bar usually freezes for some time while synchronizing data on disk.

  6. After the installation finishes, close Tails Installer.

You are done upgrading Tails. You can now shutdown and restart on your Tails USB stick.

Thank you for staying safe!

  1. Shut down the computer.

  2. Unplug the first other USB stick and leave the second new USB stick plugged in.

    Eject the DVD and leave the USB stick plugged in.

  3. Switch on the computer.

    Immediately press-and-hold the Option key (Alt key) until a list of possible startup disks appears.

    Choose the USB stick and press Enter. The USB stick appears as an external hard disk and might be labeled EFI Boot or Windows like in the following screenshot:

    Troubleshooting

    Tails does not start at all

    The following section applies if the Boot Loader Menu does not appear when starting on a USB stick.

    It is quite common for computers not to start automatically on a USB stick with Tails installed. Here are some troubleshooting techniques. You should try them one after the other.

    Getting to the boot menu

    On most computers, you can press a boot menu key to display a list of possible devices to start from. The following instructions explain how to display the boot menu and start on the USB stick. The following screenshot is an example of such boot menu:

    1. Shut down the computer.

    2. Make sure that the first USB stick is plugged in the computer.

    3. Identify the potential boot menu keys for the computer depending on the computer manufacturer in the following list:

      ManufacturerKey
      AcerEsc, F12, F9
      AsusEsc, F8
      DellF12
      FujitsuF12, Esc
      HPEsc, F9
      LenovoF12, Novo, F8, F10
      SamsungEsc, F12, F2
      SonyF11, Esc, F10
      ToshibaF12
      others…F12, Esc
    4. Switch on the computer.

      Immediately press several times the first potential boot menu key identified in step 3.

      1. If a boot menu with a list of devices appears, select your USB stick and press Enter.

      2. If the computer starts on another operating system, then:

        1. Shut down the computer.

        2. Press-and-hold the potential boot menu key identified in step 3.

        3. Switch on the computer again while holding the potential boot menu key pressed.

          1. If a boot menu with a list of devices appears, select your USB stick and press Enter.

          2. If the computer starts on another operating system or returns an error message, then shut down the computer again and repeat step 4 for all the potential boot menu keys identified in step 3.

    If none of the potential boot menu keys identified in step 3 work or if the USB stick does not appear in the list, then try the second troubleshooting technique described below.

    Check our list of known issues

    Similar problems might have been reported already for your model of computer in our list of known issues.

    Edit the BIOS settings

    You might need to edit the BIOS settings of the computer.

    Search for the user manual of the computer on the website of its manufacturer to learn how to edit the BIOS settings:

    In the BIOS settings, try to apply the following changes one by one and restart the computer after each change. Some changes might not apply to certain computer models.

    Take note of the changes that you apply to the BIOS settings, to be able to revert them if they prevent the computer to start on its usual operating system.

    1. Edit the Boot Order. Depending on the computer model you might see an entry for removable devices or USB media. Move this entry to the top of the list to force the computer to try to start from the first USB stick before starting from the internal hard disk.

    2. Disable Fast boot.

    3. If the computer is configured to start with legacy BIOS, try to configure it to start with UEFI. Else, if the computer is configured to start with UEFI, try to configure it to start with legacy BIOS. To do so, try any of the following options if available:

      • Enable Legacy mode
      • Disable Secure boot
      • Enable CSM boot
      • Disable UEFI
    4. Try to upgrade the BIOS to the latest version provided by the manufacturer.

    Report the problem to our support team

    If none of these options work, we are sorry but you might not be able to use Tails on this computer.

    Please, send an email to our support team, including the following information:

    1. Which version of Tails are you trying to start?

    2. How did you verify the ISO image?

    3. Which is the brand and model of the computer?

    4. What exactly happens when trying to start? Report the complete error message that appears on the screen, if any.

    5. Are you trying to start Tails on a USB stick or a DVD?

    6. If you are trying to start on a USB stick, which program did you use to install it:

      • Universal USB Installer,
      • GNOME Disks,
      • Tails Installer, or
      • dd on the command line?

      Note that these are the only supported installation methods.

    7. Have you been able to start Tails successfully on this computer before, from another USB stick or DVD, or with another version of Tails? If so, which ones?

    8. Does the same USB stick or DVD start successfully on other computers?

    If your computer fails to start on the final Tails, Tails USB stick, you can continue using the intermediary Tails Tails DVD. On this intermediary Tails you cannot benefit from automatic upgrades or create an encrypted persistent storage.

    You should still have a look at our final recommendations. final recommendations.

  4. The Boot Loader Menu appears and Tails starts automatically after 4 seconds.

  5. After 30–60 seconds, Tails Greeter appears.

  6. In Tails Greeter, select your language and keyboard layout in the Language & Region section. Click Start Tails.

  7. After 15–30 seconds, the Tails desktop appears.

You can optionally create an encrypted persistent storage in the remaining free space on the final new Tails USB stick to store any of the following:

  • Your personal files and working documents
  • Some of your settings
  • Your encryption keys

The data in the encrypted persistent storage:

  • Remains available across separate working sessions.
  • Is encrypted using a passphrase of your choice.

The encrypted persistent storage is not hidden. An attacker in possession of the USB stick can know whether it has an encrypted persistent storage. Take into consideration that you can be forced or tricked to give out its passphrase.

It is possible to open the encrypted persistent storage from other operating systems. But, doing so might compromise the security provided by Tails.

For example, image thumbnails might be created and saved by the other operating system. Or, the contents of files might be indexed by the other operating system.

Other operating systems should probably not be trusted to handle sensitive information or leave no trace.

Create the persistent storage

  1. Choose .

  2. Specify a passphrase of your choice in both the Passphrase and Verify Passphrase text boxes.

    We recommend choosing a long passphrase made of five to seven random words. Learn more.

  3. Click on the Create button.

  4. Wait for the creation to finish.

  5. The assistant shows a list of the possible persistence features. Each feature corresponds to a set of files or settings to be saved in the encrypted persistent storage.

    We recommend you to only activate the Personal Data persistence feature for the time being. You can activate more features later on according to your needs.

  6. Click Save.

Restart and activate the persistent storage

  1. Shut down the computer and restart on the final new Tails USB stick.

  2. In Tails Greeter:

    • Select your language and keyboard layout in the Language & Region section.
    • In the Encrypted Persistent Storage section, enter your passphrase and click Unlock to activate the encrypted persistent storage for the current working session.
    • Click Start Tails.
  3. After 15–30 seconds, the Tails desktop appears.

  4. You can now save your personal files and working documents in the Persistent folder. To open the Persistent folder choose .

tails.boum.org

Upgrading a Tails USB stick

Tails includes an automatic mechanism to upgrade a USB stick to a newer version. In some cases, it is impossible to do an automatic upgrade and you might have to do a manual upgrade. This page describes both techniques.

Our upgrades always fix important security issues so it is important to do them as soon as possible.

Both techniques only work if the upgraded USB stick, was installed using Tails Installer. The persistent storage on the USB stick will be preserved.

If you use Tails from a DVD, you need to burn a new DVD.

If you use Tails from a USB stick installed from macOS using the command line, you need to reinstall.

After starting Tails and connecting to Tor, Tails Upgrader automatically checks if upgrades are available and then proposes you to upgrade your USB stick. The upgrades are checked for and downloaded through Tor.

The advantages of this technique are the following:

  • You only need a single Tails USB stick. The upgrade is done on the fly from a running Tails. After upgrading, you can restart and use the new version.
  • The upgrade is much smaller to download than a full ISO image.
  • The upgrade mechanism includes cryptographic verification of the upgrade. You don't have to verify the ISO image yourself anymore.

Requirements:

  • A Tails USB stick, installed using Tails Installer.
  • An Internet connection.

After connecting to Tor, if an upgrade is available, a dialog appears and proposes you to upgrade your USB stick.

  • It is recommended to close all the open applications during the upgrade.
  • Downloading the upgrade might take a long time, from several minutes to a few hours.
  • The networking will be disabled after downloading the upgrade.

If you decide to do the upgrade, click on Upgrade now, and follow the assistant through the upgrade process.

If you missed an upgrade, each upgrade will be installed one after the other. For exemple, if you have a Tails 1.3 and the current version is 1.3.2, then the upgrade to 1.3.1 will be installed, and after you restart Tails, the upgrade to 1.3.2 will be installed.

If you cannot upgrade at startup (for example if you have no network connection by then), you can start Tails Upgrader later by opening a terminal and executing the following command:

tails-upgrade-frontend-wrapper

We recommend you read the release notes for the latest version. They document all the changes in this new version:

  • new features
  • problems that were solved
  • known issues that have already been identified

They might also contain special instructions for upgrading.

If an error occurs, the assistant proposes you to read one of the following pages:

We recommend you read the release notes for the latest version. They document all the changes in this new version:

  • new features
  • problems that were solved
  • known issues that have already been identified

They might also contain special instructions for upgrading.

It might not always be possible to do an automatic upgrade as described above. For example, when:

  • No automatic upgrade is available from our website for this version.
  • The automatic upgrade is impossible for technical reasons (not enough memory, not enough free space on the USB stick, etc.).
  • You want to upgrade from another Tails USB stick which already has a newer version installed, for example when working offline.
  • The automatic upgrade failed and you need to repair a Tails USB stick.

After connecting to Tor, a dialog informs you if you have to upgrade your USB stick using Tails Installer to a newer version of Tails. To do so, follow our manual upgrade instructions.

To know your version of Tails, choose

tails.boum.org

Tails 3.5 Download - TechSpot

Tails helps you to:

  • use the Internet anonymously and circumvent censorship
  • all connections to the Internet are forced to go through the Tor network
  • leave no trace on the computer you are using unless you ask it explicitly
  • use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging

Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly.

It is a complete operating system designed to be used from a DVD, USB stick, or SD card independently of the computer's original operating system.

Tails comes with several built-in applications pre-configured with security in mind: web browser, instant messaging client, email client, office suite, image and sound editor, etc.

If you are interested in giving Tails a try on your current computer without running any risk, please check out our Guide: Running Linux From a USB Drive As a Virtual Machine or Bootable Disk.

Online anonymity and censorship circumvention with Tor

Tails relies on the Tor anonymity network to protect your privacy online:

  • all software is configured to connect to the Internet through Tor
  • if an application tries to connect to the Internet directly, the connection is automatically blocked for security.

Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.

Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location.

Using Tor you can:

  • be anonymous online by hiding your location
  • connect to services that would be censored otherwise
  • resist attacks that block the usage of Tor using circumvention tools such as bridges

What's New:

New features

  • Tor redesigned Tor Launcher, the application to configure a Tor bridge or a local proxy.

Upgrades and changes

  • Update Tor Browser to 7.5.
  • Update Linux to 4.14.13 and the microcode firmware for AMD to mitigate Spectre.
  • Update Thunderbird to 52.5.

Fixed problems

  • Fix printing to a PDF in Tor Browser. (#13403 and #15024)
  • Fix the opening of the Applications menu when the time synchronization changed the clock in the past. (#14250)
  • Fix the opening of the documentation included in Tails for many non-English languages. (#15160)
  • Fix translations of the time synchronization and "Tor is ready" notifications. (#13437)
  • Remove the code to migrate from Claws Mail that was preventing Thunderbird to start in some cases. (#12734)

For more details, read our changelog.

Known issues

  • Debug and error messages appear when starting Tails, including an alarming message about a kernel BUG.
  • In Tails Installer, it is only possible to select an ISO image when choose Use a downloaded Tails ISO image when running Tails in English. For other language, the file chooser button remains inactive:
  • The documentation shipped in Tails doesn't open in Tor Browser anymore. The warning page of the Unsafe Browser also lacks graphical design. (#14962 and Tor #24243)

What's New in Tails 3.0:

We are especially proud to present you Tails 3.0, the first version of Tails based on Debian 9 (Stretch). It brings a completely new startup and shutdown experience, a lot of polishing to the desktop, security improvements in depth, and major upgrades to a lot of the included software.

Debian 9 (Stretch) will be released on June 17. It is the first time that we are releasing a new version of Tails almost at the same time as the version of Debian it is based upon. This was an important objective for us as it is beneficial to both our users and users of Debian in general and strengthens our relationship with upstream:

  • Our users can benefit from the cool changes in Debian earlier.
  • We can detect and fix issues in the new version of Debian while it is still in development so that our work also benefits Debian earlier.

This release also fixes many security issues and users should upgrade as soon as possible.

New startup and shutdown experience

  • Tails Greeter, the application to configure Tails at startup, has been completely redesigned for ease of use:
  • All options are available from a single window.
  • Language and region settings are displayed first to benefit our international audience.
  • Accessibility features can be enabled from the start.

This has been a long process, started three years ago with the UX team of NUMA Paris and lead only by volunteers. Join us on [email protected] to participate in future designs.

The shutdown experience has also been redesigned in order to be:

  • More reliable. It was crashing on various computers with unpredictable results.
  • More discrete. The screen is now totally black to look less suspicious.

Technically speaking, it is now using the freed memory poisoning feature of the Linux kernel.

Polishing the desktop

We switched to the default black theme of GNOME which has a more modern and discrete look:

  • Tails 3.0 benefits from many other small improvements to the GNOME desktop:
  • Files has been redesigned to reduce clutter and make the interface easier to use. Several new features have been added, such as the ability to rename multiple files at the same time and the ability to extract compressed files without needing a separate application.
  • The notification area has been improved to allow easy access to previous notifications. Notification popups have also been repositioned to make them more noticeable.
  • Shortcut windows have been added to help you discover keyboard shortcuts in GNOME applications.
  • For example, press Ctrl+F1 in Files to display its shortcut window.

Complete release notes can be found here.

Previous versions:

www.techspot.com


Смотрите также