% Tails: a technical overview
% BitingBird, kurono, intrigeri
% DebConf 15
About Tails
=============
Who are we
--------
* Tails contributors
What is Tails
-------------
**T**he **A**mnesic **I**ncognito **L**ive **S**ystem
A Live operating system
-----------------------
* works on (almost) any computer
* boots off a DVD or a USB stick
Privacy and anonymity #1
------------------------
* use the Internet anonymously and circumvent censorship:
all connections to the Internet are forced to go through the Tor network
* leave no trace on the computer you are using unless you ask it
explicitly
Privacy and anonymity #2
------------------------
* cryptographic tools: encrypt your files, emails and instant messaging
* media production tools: sound, video, office publishing, graphics...
And... it works?
----------------
> * According to the NSA, yes :
> "(S//REL) Tails: Complete Bootable OS on CD for anonymity - includes Tor
> (S//REL) Adds Severe CNE misery to equation"
> (Thanks to a famous Tails user for providing these documents.)
> * Bruce Schneier, December 2013 :
> "What do I trust? I trust, I trust Tails, I trust GPG [...]"
> "I don't use Linux. (Shhh. Don't tell anyone.)
> Although I have started using Tails""
Main project goals
=============================
Usability: a security feature
------------------
* Often usability matters more than "pure" security.
* Make a "baseline" security level (privacy, anonymity) very accessible.
A small delta, to avoid drowning
------------------
* Fact: specialized distributions often die quickly.
* At least in this area: ✝ Liberté Linux, Haven, Anonym.OS,
ParanoidLinux, onionOS, Phantomix and many others. RIP.
Why did they die so quickly?
------------------
* small teams, not organized to grow
* underestimation of the maintenance and user support work
* no long-term commitment
* NIH
E.g. what we're doing upstream
------------------
* AppArmor
* Debian: pkg-apparmor-team, pkg-anonymity-tools,
pkg-otr-team
* libvirt
* Seahorse
* Tor
* Puppet shared modules
Results
---------------
* little Tails-specific code
* glue work
* "social" work:
talk to upstreams
spread the word about our needs
find skilled people to do the work at the best place
* slow rhythm (waiting the next Debian release, and sometimes the one
after), despite backports
* **Tails is still alive!**
Implementation
==========
PELD
-----------------------
*
* Tails currently based on Debian Wheezy.
* ...migrating to Jessie.
* Core software:
Tor
Tor Browser
GNOME
Use the Internet anonymously
-----------------------
* We don't know what software will attempt to contact the network
* ...so we block all outbound Internet traffic except Tor
* (and I2P when enabled)
* Unsafe Browser for captive portals
Tails Installer
---------------
* Initially based on Fedora's liveusb-creator
*
* recently converted to Python + GTK3 + udisks2
* will be uploaded to Debian very soon :)
Leave no trace on the computer
-----------------------
* Protect against memory recovery such as cold boot attacks
* RAM is overwritten when Tails is being shutdown
* Actual memory erasure: secure-delete (sdmem)
Tails persistence
-----------------------
* Somewhat tricky topic for a live distro
* User keys, some APT packages...
* LUKS-encrypted GPT partition (TailsData)
* dm-crypt, ext4
* backend implemented upstream in `live-boot`
* GUI written in Perl + GTK3
Incremental upgrades
-----------------------
*
* Only possible when installed on USB stick
* Incremental Upgrade Kit (IUK)
* SquashFs stacking.
Application isolation
-----------------------
* AppArmor to isolate applications
* Currently only file access isolation
(missing non-mainlined kernel patches)
* The best supported in Debian
* Hacks to support the Live system
* Currently (somewhat) confined: Tor Browser, Tor, Pidgin, Evince,
Totem, Vidalia, etc.
Build and Test
-----------------------
* Git repo
→
* Building Tails using Vagrant
* Automated builds (done!) and tests (WIP) in Jenkins
* Test suite: Sikuli, libvirt, cucumber
→ live demo next Friday
Challenges
==========
Cadence & popularity
--------------------
- new release every 6 weeks
- about 14k boots a day (x 2.8 since 2 years)
Limited resources and time
--------------------------
- small team compared to scope and pressure
- 3,500 commits, by 15+ persons, in the last 6 months
Roadmap
=======
Early 2016
----------
- **Tails 2.0**: Upgrade to Debian Jessie
Hardening
---------
- Persistent Tor state
- Protect against exploitation via external buses
- Stronger HTTPS on our website
- Persistent seed for random number generator
- Robust time syncing
International audience
----------------------
- Persistent Tor configuration (e.g. bridges)
- Web platform for translating our website
Ease adoption
-------------
- Revamp Tails Greeter
- Multi-platform Tails Installer
- Improve Tails Installer
- Explain better what Tails is and what makes it so awesome
- Revamp the website
Better user support
-------------------
- Request tracker for bug reports
- Improve WhisperBack
Polished and reliable platform
------------------------------
- Tor and network progress bar
- Improve additional packages persistence feature
- Localized displayed clock
- Backup system for persistence
- Screen locker
- Full self-upgrades
Sustainability
--------------
- Replace Vidalia with Tor Monitor
- Easier ISO build system
- Reproducible build of the ISO image
- Automated Debian package build infrastructure
- (Even more) automated tests
Fundraising
-----------
- Have more reliable and steady sources of income
- Depend less on grants from governments
Tails needs help
================
## _You_ can help
* User or trainer: early testing, feedback
* User interface / web / UX person
* Software developer / maintainer
* System administrator
* Debian
* Technical writer
* Translator
* Donor
* Starting point:
Contact
=======
## Talk to us
* We are here.
* Development mailing-list: ****
* Mailing-lists for translators, UX, early testers, user support,
non-technical project discussions, etc.
* Core team's encrypted mailing-list: ****
* IRC: see
* Web: ****