TyperTech
Regular Member
- Joined
- Feb 26, 2024
- Posts
- 44
- Reaction score
- 0
- Status
- Offline
- Last Seen
Tails project
What is the relationship between Tor and Tails?
See our explanation about why does Tails use Tor.⚠️
Why is Tails based on Debian and not on another distribution?
We are deeply rooted and involved in Debian. The friendships, relationships, and technical expertise we have in Debian have many benefits for Tails, and we are not ready to build the same relationship with Ubuntu, OpenBSD, or any other distribution. See our statement about our relationship with upstream for details.
See also the article Why there are so many Debian derivatives⚠️ by Stefano Zacchiroli.
Hardware compatibility
System requirements⚠️
Known Issues⚠️
Does Tails work on 32-bit computers?
No. Tails stopped working on 32-bit computer in Tails 3.0(2017
Does Tails work on ARM architecture, Raspberry Pi, tablets, smartphones (mobile phones), or Apple M1?
For the moment, Tails is only available on the x86_64 architecture. The Raspberry Pi, most tablets, and most smartphones (mobile phones) are based on the ARM architecture. Tails does not work on the ARM architecture so far.
For this reason, Tails does not work on Mac models that use the Apple M1 chip.
Installation
Do I need a USB stick dedicated to Tails?
Yes. Tails requires a USB stick dedicated to only running Tails.
To store files in your Tails USB stick, use the encrypted Persistent Storage.⚠️ To exchange files between Tails and another operating system, use a separate USB stick.
Can I install Tails permanently onto my hard disk?
This is not possible using the recommended installation methods. Tails is designed to be a live system running from a removable media: USB stick or DVD.
Can I install Tails with UNetbootin, YUMI, Rufus or my other favorite tool?
No. Those installation methods are unsupported. They might not work at all, or worse: they might seem to work, but produce a USB stick that does not behave like Tails should. Follow the download and installation documentation⚠️ instead.
Should I update Tails using apt upgrade or Synaptic?
No. Tails provides upgrades every six weeks, that are thoroughly tested to make sure that no security feature or configuration gets broken. If you upgrade the system yourself using apt or Synaptic, you might break things. Upgrading when you get a notification from Tails Upgrader⚠️ is enough.
Web browser
Why is JavaScript enabled by default in Tor Browser?
Many websites today require JavaScript to work correctly. As a consequence JavaScript is enabled by default in Tails to avoid confusing many users. But Tor Browser takes care of blocking dangerous JavaScript functionalities.
Tor Browser also includes a security level and the NoScript extension to optionally disable more JavaScript. This might improve security in some cases. However, if you disable JavaScript, then the fingerprint of your Tor Browser differs from most users. This reduces your anonymity.
We think that having JavaScript enabled by default is the best possible compromise between usability and security in this case.
We have plans to allow storing the security level in the Persistent Storage.
gitlab.tails.boum.org
Can I install other add-ons in Tor Browser?
Installing add-ons in Tor Browser might break the security built in Tails.
Add-ons can do many things within the browser, and even if all the networking goes through Tor, some add-ons might interact badly with the rest of the configuration or leak private information.
Warnings about the Persistent Storage⚠️
Browsing the web with Tor Browser⚠️
Should I manually update add-ons included in Tor Browser?
No. Tails provides upgrades every six weeks, that are thoroughly tested to make sure that no security feature or configuration gets broken. Updating add-ons in Tor Browser might break the security built in Tails.
How to analyse the results of online anonymity tests?
Fingerprinting websites, such as https://coveryourtracks.eff.org/⚠️, try to retrieve as much information as possible from your browser to see if it can be used to identify you.
As explained in our documentation about the fingerprint of Tor Browser in Tails⚠️, Tails provides anonymity by making it difficult to distinguish a particular user amongst all the users of Tor Browser (either in Tails or on other operating systems).
So, the information retrieved by such fingerprinting websites is not harmful for anonymity in itself, as long as it is the same for all users of Tor Browser.
For example, the user-agent string of Tor Browser includes Windows NT but this value preserves your anonymity even if you run Windows NT. On the other hand, changing this value makes you distinguishable from other users of Tor Browser and, as a consequence, weakens your anonymity.
Furthermore, we verify the result of those websites before each release, see our test suite.⚠️
Is Java installed in the Tor Browser?
Tails does not include a Java plugin in its browser because it could break your anonymity.
Persistent Storage
Can I save my custom settings?
… like Tor Browser preferences, Tor configuration, desktop background, mouse and touchpad settings, etc.
By default Tails does not save anything from one session to another. Only the Persistent Storage allows you to reuse data across different Tails sessions. See the list of features of the Persistent Storage.⚠️
We are frequently requested to add new features to the Persistent Storage but we are usually busy working on other priorities. See the list of issues about the Persistent Storage.⚠️
How strong is the encryption of the Persistent Storage and LUKS?
Tails uses LUKS to encrypt the Persistent Storage. This is the same technique as the one we recommend for creating and using encrypted volumes⚠️ in general.
LUKS is a very popular standard for disk encryption in Linux. LUKS is the default technique for full-disk encryption proposed by many distributions, including Debian and Ubuntu, when installing a regular system.
The Persistent Storage is created with the default LUKS parameters used by udisks and cryptsetup.
To understand better how the Persistent Storage works, see our design document.⚠️
Is it possible to recover the passphrase of the Persistent Storage?
No. The encryption of the Persistent Storage is very strong and it is impossible to recover the passphrase of the Persistent Storage. If the passphrase is weak enough, an attacker can try many possible passphrases and end up guessing your passphrase. Such an attack is called brute-force attack.
Networking
Can I use Tails with a VPN?
Tails does not work with VPNs.
There are three scenarios where a VPN would be involved in Tails:
Using a VPN instead of Tor.
Using a VPN to connect to Tor (VPN before Tor).
Connecting to a VPN using Tor (VPN after Tor).
For more information, see our blueprint on VPN support.⚠️
Using a VPN instead of Tor
Unlike Tor, using a VPN does not provide anonymity.
Tor provides anonymity by making it impossible for a single point in the network to know both the origin and destination of a connection.
With VPNs, the administrators of the VPN can know both where you are connecting from and where you are connecting to.
It is fundamental to Tails⚠️ that all outgoing traffic be forced through Tor. We have no plans to make it possible to use a VPN instead of Tor in the future.
Using a VPN to connect to Tor (VPN before Tor)
In some situations, you might need to use a VPN to connect to Tor. For example, your Internet Service Provider (ISP) might restrict connections to Tor relays.
In these situations, try using Tor bridges⚠️ to bypass the restrictions imposed by your ISP or local network.
It is currently impossible to use a VPN in Tails to connect to Tor. We might make this possible in the future. (#17843)⚠️
Connecting to a VPN using Tor (VPN after Tor)
In some situations, it can be useful to connect to a VPN through Tor:
To access services that block connections coming from Tor.
To access resources only available inside a VPN, for example, a server at your company or university.
It is currently impossible to connect to a VPN in Tails using Tor. We might make this possible in the future. (#5858)⚠️
Can I choose the country of my exit nodes or further edit the torrc?
Editing the Tor configuration file, also called torrc, to modify how Tor creates circuits can weaken your anonymity in ways that are hard to understand and explain. That is why we don't explain how to modify the Tor configuration file in Tails, for example, to choose the country of your exit nodes or exclude some entry guards.
How does the DNS resolution work in Tails?
See our design document⚠️ on this topic.
Why does Tails automatically connect to several websites when starting?
1. Be able to connect to the Tor network in the first place
The computer clock is fixed a first time, approximately, before connecting to Tor, either automatically⚠️ or manually⚠️.
2. Protect your anonymity while using Tor
The computer clock is fixed a second time, precisely, to prevent a website from identifying you by analyzing minor differences of your computer clock with the correct time.
This second synchronization is made by sending HTTPS queries through Tor to several websites and deducing a correct time from their answers. You can see the list of websites that Tails can connect to in /etc/default/htpdate.pools⚠️.
See also our design document on time synchronization⚠️.
Can I help the Tor network by running a relay or a bridge in Tails?
It is currently impossible to run a Tor relay or bridge in Tails.
Can I run a Tor onion service on Tails?
It is technically possible to use Tails to provide an onion service but it is complicated and not documented yet.
Can I use ping in Tails?
It is impossible to use ping in Tails, because ping uses the ICMP protocol while Tor can only transport TCP connections.
Software not included in Tails
Can my favorite software be included in Tails?
First of all, make sure that this software is already available in Debian, as this is a requirement to be included in Tails. Adding to Tails software which is not in Debian imply an additional workload that could compromise the sustainability of the project. On top of that, being in Debian brings many advantages:
It is included in the Debian process for security updates and new versions.
It is authenticated using OpenPGP signatures.
It is under the scrutiny of the Debian community and its many users and derivatives, including Ubuntu.
To check whether a software is in Debian, search for it on https://packages.debian.org/⚠️. If it is not yet available in Debian, you should ask its developers why it is not the case yet.
Second, this software might not be useful to accomplish our design goals. Refer to our design documents to understand which are the intended use cases, and the assumptions on which Tails is based.
We also try to limit the amount of software included in Tails, and we only add new software with a very good reason to do so:
We try to limit the growth of the images and automatic upgrades.
More software implies more security issues.
We avoid proposing several options to accomplish the same task.
If a package needs to be removed after its inclusion, for example because of security problems, then this might be problematic as users might rely on it.
After considering all this, if you still think that this software is a good candidate to be included in Tails, please explain us your proposal on tails-dev@boum.org.
If a software is not included in Tails, but is included in Debian, you can use the Additional Software⚠️ feature of the Persistent Storage to install it automatically every time you start Tails.
Here is some of the software we are often asked to include in Tails:
Monero: not in Debian, but see #17823⚠️
bitmessage: not in Debian
retroshare: not in Debian
rar/unrar: is not free software⚠️, but you can use the additional software⚠️ feature to install it
How can I use Monero in Tails?
You can install the Feather⚠️ Monero wallet as an AppImage.
Tails currently does not include a Monero wallet. However, we are interested in making it easier to use Monero in Tails in the future. See #17823⚠️ for a list of unofficial guides on how to use Monero in Tails.
Other security issues
Is it safe to use an older version of Tails?
It is not safe to use an older version of Tails. Only the latest version of Tails should be used.
Because it is not safe to use an older version of Tails, we distribute only the latest version of Tails.
Older versions of Tails have security vulnerabilities and other issues that are fixed in the latest version of Tails.
We understand why you might want to use an older version of Tails. For example, the latest version of Tails might not be compatible with your hardware.
If you are experiencing an issue with the latest version of Tails, you can check our list of known issues to find out if there is a workaround for the issue you are experiencing.
If there is no known workaround for the issue you are experiencing, you might want to make a bug report to let us know about the issue.
Why does Tails include old versions of software?
Tails includes the software versions that are found in Debian stable⚠️. Even though the software versions might be old, they receive security fixes through the Debian security team⚠️.
Can I verify the integrity of a Tails USB stick or DVD?
It is impossible to verify the integrity of a Tails USB stick or DVD while running Tails from it. It would be like asking to someone whether they are lying: a true liar would always pretend to tell the truth.
If you worry that your Tails might be corrupted, do a manual upgrade⚠️ from a trusted operating system to upgrade it to a trusted version of Tails.
Can I use the memory wipe feature of Tails on another operating system?
The memory wipe mechanism that Tails uses on shutdown to protect against cold boot attacks⚠️ should be reusable in other Linux distributions.
If you want to implement this feature outside of Tails, have a look at the corresponding design documentation⚠️.
Where is the New Identity button?
There is no New Identity button for Tails as a whole.
The New Identity feature of Tor Browse⚠️ is limited to the browser.
See also our warning about using Tails sessions for only one purpose at a time⚠️.
Does Tails need an antivirus?
No, as other Linux systems, Tails doesn't require an antivirus to protect itself from most malwares, such as viruses, trojans, and worms.
See the Wikipedia page on Linux malware⚠️ for further details.
Source, https://tails.boum.org/
Have a Good Day!
What is the relationship between Tor and Tails?
See our explanation about why does Tails use Tor.⚠️
Why is Tails based on Debian and not on another distribution?
We are deeply rooted and involved in Debian. The friendships, relationships, and technical expertise we have in Debian have many benefits for Tails, and we are not ready to build the same relationship with Ubuntu, OpenBSD, or any other distribution. See our statement about our relationship with upstream for details.
See also the article Why there are so many Debian derivatives⚠️ by Stefano Zacchiroli.
Hardware compatibility
System requirements⚠️
Known Issues⚠️
Does Tails work on 32-bit computers?
No. Tails stopped working on 32-bit computer in Tails 3.0(2017
Does Tails work on ARM architecture, Raspberry Pi, tablets, smartphones (mobile phones), or Apple M1?
For the moment, Tails is only available on the x86_64 architecture. The Raspberry Pi, most tablets, and most smartphones (mobile phones) are based on the ARM architecture. Tails does not work on the ARM architecture so far.
For this reason, Tails does not work on Mac models that use the Apple M1 chip.
Installation
Do I need a USB stick dedicated to Tails?
Yes. Tails requires a USB stick dedicated to only running Tails.
To store files in your Tails USB stick, use the encrypted Persistent Storage.⚠️ To exchange files between Tails and another operating system, use a separate USB stick.
Can I install Tails permanently onto my hard disk?
This is not possible using the recommended installation methods. Tails is designed to be a live system running from a removable media: USB stick or DVD.
Can I install Tails with UNetbootin, YUMI, Rufus or my other favorite tool?
No. Those installation methods are unsupported. They might not work at all, or worse: they might seem to work, but produce a USB stick that does not behave like Tails should. Follow the download and installation documentation⚠️ instead.
Should I update Tails using apt upgrade or Synaptic?
No. Tails provides upgrades every six weeks, that are thoroughly tested to make sure that no security feature or configuration gets broken. If you upgrade the system yourself using apt or Synaptic, you might break things. Upgrading when you get a notification from Tails Upgrader⚠️ is enough.
Web browser
Why is JavaScript enabled by default in Tor Browser?
Many websites today require JavaScript to work correctly. As a consequence JavaScript is enabled by default in Tails to avoid confusing many users. But Tor Browser takes care of blocking dangerous JavaScript functionalities.
Tor Browser also includes a security level and the NoScript extension to optionally disable more JavaScript. This might improve security in some cases. However, if you disable JavaScript, then the fingerprint of your Tor Browser differs from most users. This reduces your anonymity.
We think that having JavaScript enabled by default is the best possible compromise between usability and security in this case.
We have plans to allow storing the security level in the Persistent Storage.
Persistent Storage feature: Tor Browser security level (#9700) · Issues · tails / tails · GitLab
This was, by far, the most requested feature in the 2020 user survey.
gitlab.tails.boum.org
Can I install other add-ons in Tor Browser?
Installing add-ons in Tor Browser might break the security built in Tails.
Add-ons can do many things within the browser, and even if all the networking goes through Tor, some add-ons might interact badly with the rest of the configuration or leak private information.
Warnings about the Persistent Storage⚠️
Browsing the web with Tor Browser⚠️
Should I manually update add-ons included in Tor Browser?
No. Tails provides upgrades every six weeks, that are thoroughly tested to make sure that no security feature or configuration gets broken. Updating add-ons in Tor Browser might break the security built in Tails.
How to analyse the results of online anonymity tests?
Fingerprinting websites, such as https://coveryourtracks.eff.org/⚠️, try to retrieve as much information as possible from your browser to see if it can be used to identify you.
As explained in our documentation about the fingerprint of Tor Browser in Tails⚠️, Tails provides anonymity by making it difficult to distinguish a particular user amongst all the users of Tor Browser (either in Tails or on other operating systems).
So, the information retrieved by such fingerprinting websites is not harmful for anonymity in itself, as long as it is the same for all users of Tor Browser.
For example, the user-agent string of Tor Browser includes Windows NT but this value preserves your anonymity even if you run Windows NT. On the other hand, changing this value makes you distinguishable from other users of Tor Browser and, as a consequence, weakens your anonymity.
Furthermore, we verify the result of those websites before each release, see our test suite.⚠️
Is Java installed in the Tor Browser?
Tails does not include a Java plugin in its browser because it could break your anonymity.
Persistent Storage
Can I save my custom settings?
… like Tor Browser preferences, Tor configuration, desktop background, mouse and touchpad settings, etc.
By default Tails does not save anything from one session to another. Only the Persistent Storage allows you to reuse data across different Tails sessions. See the list of features of the Persistent Storage.⚠️
We are frequently requested to add new features to the Persistent Storage but we are usually busy working on other priorities. See the list of issues about the Persistent Storage.⚠️
How strong is the encryption of the Persistent Storage and LUKS?
Tails uses LUKS to encrypt the Persistent Storage. This is the same technique as the one we recommend for creating and using encrypted volumes⚠️ in general.
LUKS is a very popular standard for disk encryption in Linux. LUKS is the default technique for full-disk encryption proposed by many distributions, including Debian and Ubuntu, when installing a regular system.
The Persistent Storage is created with the default LUKS parameters used by udisks and cryptsetup.
To understand better how the Persistent Storage works, see our design document.⚠️
Is it possible to recover the passphrase of the Persistent Storage?
No. The encryption of the Persistent Storage is very strong and it is impossible to recover the passphrase of the Persistent Storage. If the passphrase is weak enough, an attacker can try many possible passphrases and end up guessing your passphrase. Such an attack is called brute-force attack.
Networking
Can I use Tails with a VPN?
Tails does not work with VPNs.
There are three scenarios where a VPN would be involved in Tails:
Using a VPN instead of Tor.
Using a VPN to connect to Tor (VPN before Tor).
Connecting to a VPN using Tor (VPN after Tor).
For more information, see our blueprint on VPN support.⚠️
Using a VPN instead of Tor
Unlike Tor, using a VPN does not provide anonymity.
Tor provides anonymity by making it impossible for a single point in the network to know both the origin and destination of a connection.
With VPNs, the administrators of the VPN can know both where you are connecting from and where you are connecting to.
It is fundamental to Tails⚠️ that all outgoing traffic be forced through Tor. We have no plans to make it possible to use a VPN instead of Tor in the future.
Using a VPN to connect to Tor (VPN before Tor)
In some situations, you might need to use a VPN to connect to Tor. For example, your Internet Service Provider (ISP) might restrict connections to Tor relays.
In these situations, try using Tor bridges⚠️ to bypass the restrictions imposed by your ISP or local network.
It is currently impossible to use a VPN in Tails to connect to Tor. We might make this possible in the future. (#17843)⚠️
Connecting to a VPN using Tor (VPN after Tor)
In some situations, it can be useful to connect to a VPN through Tor:
To access services that block connections coming from Tor.
To access resources only available inside a VPN, for example, a server at your company or university.
It is currently impossible to connect to a VPN in Tails using Tor. We might make this possible in the future. (#5858)⚠️
Can I choose the country of my exit nodes or further edit the torrc?
Editing the Tor configuration file, also called torrc, to modify how Tor creates circuits can weaken your anonymity in ways that are hard to understand and explain. That is why we don't explain how to modify the Tor configuration file in Tails, for example, to choose the country of your exit nodes or exclude some entry guards.
How does the DNS resolution work in Tails?
See our design document⚠️ on this topic.
Why does Tails automatically connect to several websites when starting?
1. Be able to connect to the Tor network in the first place
The computer clock is fixed a first time, approximately, before connecting to Tor, either automatically⚠️ or manually⚠️.
2. Protect your anonymity while using Tor
The computer clock is fixed a second time, precisely, to prevent a website from identifying you by analyzing minor differences of your computer clock with the correct time.
This second synchronization is made by sending HTTPS queries through Tor to several websites and deducing a correct time from their answers. You can see the list of websites that Tails can connect to in /etc/default/htpdate.pools⚠️.
See also our design document on time synchronization⚠️.
Can I help the Tor network by running a relay or a bridge in Tails?
It is currently impossible to run a Tor relay or bridge in Tails.
Can I run a Tor onion service on Tails?
It is technically possible to use Tails to provide an onion service but it is complicated and not documented yet.
Can I use ping in Tails?
It is impossible to use ping in Tails, because ping uses the ICMP protocol while Tor can only transport TCP connections.
Software not included in Tails
Can my favorite software be included in Tails?
First of all, make sure that this software is already available in Debian, as this is a requirement to be included in Tails. Adding to Tails software which is not in Debian imply an additional workload that could compromise the sustainability of the project. On top of that, being in Debian brings many advantages:
It is included in the Debian process for security updates and new versions.
It is authenticated using OpenPGP signatures.
It is under the scrutiny of the Debian community and its many users and derivatives, including Ubuntu.
To check whether a software is in Debian, search for it on https://packages.debian.org/⚠️. If it is not yet available in Debian, you should ask its developers why it is not the case yet.
Second, this software might not be useful to accomplish our design goals. Refer to our design documents to understand which are the intended use cases, and the assumptions on which Tails is based.
We also try to limit the amount of software included in Tails, and we only add new software with a very good reason to do so:
We try to limit the growth of the images and automatic upgrades.
More software implies more security issues.
We avoid proposing several options to accomplish the same task.
If a package needs to be removed after its inclusion, for example because of security problems, then this might be problematic as users might rely on it.
After considering all this, if you still think that this software is a good candidate to be included in Tails, please explain us your proposal on tails-dev@boum.org.
If a software is not included in Tails, but is included in Debian, you can use the Additional Software⚠️ feature of the Persistent Storage to install it automatically every time you start Tails.
Here is some of the software we are often asked to include in Tails:
Monero: not in Debian, but see #17823⚠️
bitmessage: not in Debian
retroshare: not in Debian
rar/unrar: is not free software⚠️, but you can use the additional software⚠️ feature to install it
How can I use Monero in Tails?
You can install the Feather⚠️ Monero wallet as an AppImage.
Tails currently does not include a Monero wallet. However, we are interested in making it easier to use Monero in Tails in the future. See #17823⚠️ for a list of unofficial guides on how to use Monero in Tails.
Other security issues
Is it safe to use an older version of Tails?
It is not safe to use an older version of Tails. Only the latest version of Tails should be used.
Because it is not safe to use an older version of Tails, we distribute only the latest version of Tails.
Older versions of Tails have security vulnerabilities and other issues that are fixed in the latest version of Tails.
We understand why you might want to use an older version of Tails. For example, the latest version of Tails might not be compatible with your hardware.
If you are experiencing an issue with the latest version of Tails, you can check our list of known issues to find out if there is a workaround for the issue you are experiencing.
If there is no known workaround for the issue you are experiencing, you might want to make a bug report to let us know about the issue.
Why does Tails include old versions of software?
Tails includes the software versions that are found in Debian stable⚠️. Even though the software versions might be old, they receive security fixes through the Debian security team⚠️.
Can I verify the integrity of a Tails USB stick or DVD?
It is impossible to verify the integrity of a Tails USB stick or DVD while running Tails from it. It would be like asking to someone whether they are lying: a true liar would always pretend to tell the truth.
If you worry that your Tails might be corrupted, do a manual upgrade⚠️ from a trusted operating system to upgrade it to a trusted version of Tails.
Can I use the memory wipe feature of Tails on another operating system?
The memory wipe mechanism that Tails uses on shutdown to protect against cold boot attacks⚠️ should be reusable in other Linux distributions.
If you want to implement this feature outside of Tails, have a look at the corresponding design documentation⚠️.
Where is the New Identity button?
There is no New Identity button for Tails as a whole.
The New Identity feature of Tor Browse⚠️ is limited to the browser.
See also our warning about using Tails sessions for only one purpose at a time⚠️.
Does Tails need an antivirus?
No, as other Linux systems, Tails doesn't require an antivirus to protect itself from most malwares, such as viruses, trojans, and worms.
See the Wikipedia page on Linux malware⚠️ for further details.
Source, https://tails.boum.org/
Have a Good Day!