The volunteers who developed Tails, the open source operating system used by whistleblower Edward Snowden, this week released v1.0.
This is the 36th stable release of the OS since the first public version, then called “Amnesia,” was released in June 2009.
Various security and bug fixes have been incorporated into v1.0. They include a Web browser upgrade, a Tor upgrade, and client-side blacklists for all Tor directory authority keys vulnerable to the OpenSSL Heartbleed flaw.
Tails “is a nicely packaged distribution of common security tools like Tor and PGP,” Daniel Castro, senior analyst at The Information Technology & Innovation Foundation, told LinuxInsider. “All of this is available today.”
In fact, the developers admit Tails 1.0 “does not bring a lot of effective changes for the user.”
Tails 1.1 is scheduled for release in June. It will be based on Wheezy, aka Debian 7.
Tails 2.0 will focus on sustainability and maintainability, and Tails 3.0 will focus on making Tails more secure.
Tails is funded by donations collected by the Freedom of the Press Foundation.
Tails vs. the OS World
Like some Linux distros that can be run off USB flash drives, Tails, which is based on Debian GNU, can be run off a DVD, a USB stick or an SD card.
Tails is configured to use only a computer’s RAM for storage. That memory should be automatically erased when the computer is shut down.
Tails comes with various security tools, including Linux Unified Key Setup disk encryption, HTTPS Everywhere, OpenPGP to encrypt and sign emails and documents, and Off-the-Record messaging.
Problems With Tails
However, Tails is not a panacea. There is a list of known issues with the OS.
On some hardware, the memory wipe procedure fails to complete, and the computer does not completely shut down or restart, for example.
It’s not possible to connect to FTP servers; Tails fails to connect to certain WiFi networks; accessing YouTube videos requires a bit of work; and Tails has very limited support on Macs.
Tails also has problems with some hardware, including the ASUS VivoBook X202E, a number of Dell devices, the Samsung Series 7 Chronos, two Toshiba Satellite models, and USB sticks configured by the manufacturer as a fixed disk, such as the SanDisk Cruzer line and the Staples Relay USB 2.0 16-GB version.
On some systems, Tails does not consistently erase all system memory as it should.
No Cure for the Masses
“Not everybody can use it because it requires some knowledge about its components,” Sorin Mustaca, IT security expert at Avira, told LinuxInsider.
Further, the average person does not care overmuch about their privacy, contended Mustaca, because otherwise Facebook wouldn’t have so many users.
Still, Tails would be handy for the average user. For example, it would protect against keyloggers installed by cybercriminals in computers in hotel business centers, or malware that hijacks browsers, Castro suggested.
What About the Bad Guys?
Tor has been used by cybercriminals and pedophiles to mask their activities.
The NSA and its UK equivalent, GCHQ, repeatedly have tried to crack the service, as have repressive governments concerned about its use by investigative journalists.
“Masking online activities is a critical capability in locales where political repression is common,” said Charles King, principal analyst at Pund-IT. As for bad actors, “I wouldn’t qualify Tails as being any more dangerous than other common devices used by criminals, including cars and guns, or the digital still and video cameras favored by pedophiles.”
Tails “is a technology that can be used by almost anyone,” said King, and “denigrating it because of the actions of a few criminals is a fool’s errand.”