Tails 1.4 polishes up the privacy-obsessed Linux OS trusted by Edward Snowden

Tails, the operating system trusted by Edward Snowden, just released a new version.

Tails, a privacy and anonymity-focused Linux distribution most famously used by Edward Snowden, just released version 1.4.

This Debian-based system is designed to preserve your privacy and anonymity online, providing better protection than just using the Tor browser alone on a typical operating system. How effective is this concealment-centric operating system's tools? Well, in 2012, vulnerabilities for Tails topped the NSA's most-wanted list alongside Tor and TrueCrypt.

Let's dig into Tails' basic capabilities, as well as the new changes.

Why Edward Snowden (and others) choose Tails

Tails stands for "The Amnesiac Incognito Live System," and it's designed to be booted and run entirely from a disc, USB drive, or SD card. This ensures no traces of your activity are written to your PC's hard drive. It also means any malware or other surveillance software running on a computer's normal operating system--Windows, for example--won't be involved with the Tails session.

Even if you're using an untrusted computer, you can reboot it with Tails inserted. Boot up into Tails and you can now trust the computer much more, as you don't have to worry about software running in the background snooping on you. It isn't absolutely foolproof, however--in theory, malicious firmware on the PC's hardware could be sitting in the background and snooping on you.

Tails includes the Tor Browser as well as the I2P anonymizing software. Unlike simply installing the Tor Browser on a typical computer, Tails is designed to route all communications possible over Tor and prevent applications from leaking traffic. The Tor enforcement document explains exactly how the underlying system is configured to force traffic through Tor. Not only does it force browser traffic through the Tor browser, it also routes other applications' traffic over Tor, doing its best to prevent any anonymity-compromising traffic from leaking.

Along with Tor and I2P, Tails ships other privacy software. For example, Pidgin is preinstalled with the Off-the-Record plug-in for encrypted chatting. You'll also find software like the KeePassX password manager, Electrum BitCoin wallet, and disk-wiping and encryption tools.

Not only does this make Tor much more foolproof and isolate anonymous Internet use from a computer's normal operating system, all of the software you'll need is preinstalled along with links to various help pages. It's a single package you can keep on a USB drive in your pocket, so you don't have to hunt down all the software and install it individually.

What's new in Tails 1.4

The latest version of Tails upgrades the Tor Browser to version 4.5. This latest release offers a security slider for restricting browser features even further, potentially offering more security. When you connect to a website, the latest Tor Browser loads all that website's resources through the same Tor circuit. While browsing a website, it keeps using that same Tor circuit. When you go to a different website, it uses a new Tor circuit. This prevents websites from connecting your website visits to you and ensures a website's behavior won't change as you're viewing it.

The new default search engine is "Disconnect." This search engine provides anonymized results from Google, and you won't see the normal CAPTCHAs attempting to confirm you're a human that you would if you were using Google through Tor. A command named Paperkey is also included, allowing you to print a backup of your OpenPGP secret keys to a piece of paper.

Aside from these changes, there are the usual ones you'd expect in a new version of a Linux distribution--version bumps to the Tor and I2P software, support for more printers, and better support for Vietnamese fonts in LibreOffice. Read the Tails 1.4 release notes for more details. If you're actually planning on using Tails, be sure to read the about page and warnings before getting started.

Join the CSO newsletter!

Error: Please check your email address.

Tags Linuxsecuritynsasoftwareoperating systemsprivacydebian

More about DebianGoogleLinuxNSA

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Chris Hoffman

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place