Commit adc9d0aa authored by intrigeri's avatar intrigeri
Browse files

Add DebConf15 slides.

parent 75137956
% Tails: a technical overview
% BitingBird, kurono, intrigeri
% Debian Conference 2015
<style>
.reveal h1 {
margin-bottom: 0.3em;
}
</style>
About Tails
=============
Who are we
--------
* Tails contributors
What is Tails
-------------
**T**he **A**mnesic **I**ncognito **L**ive **S**ystem
<https://tails.boum.org/>
A Live operating system
-----------------------
* works on (almost) any computer
* boots off a DvD, a USB stick, or a SD card (some of them)
Preserving privacy and anonymity #1
-----------------------------------
* use the Internet anonymously and circumvent censorship:
all connections to the Internet are forced to go through the Tor network
* leave no trace on the computer you are using unless you ask it
explicitly
Preserving privacy and anonymity #2
-----------------------------------
* cryptographic tools:
encrypt your files, emails and instant messaging
* media production tools:
sound, video, office publishing, graphics...
And... it works?
----------------
> * According to the NSA, yes :
> "(S//REL) Tails: Complete Bootable OS on CD for anonymity - includes Tor
> (S//REL) Adds Severe CNE misery to equation"
> (Thanks to a famous Tails user for providing these documents.)
> * Bruce Schneier, December 2013 :
> "What do I trust? I trust, I trust Tails, I trust GPG [...]"
> "I don't use Linux. (Shhh. Don't tell anyone.)
> Although I have started using Tails""
Main project goals
=============================
Usability: a security feature
------------------
* Often usability matters more than "pure" security.
* Make a "baseline" security level (privacy, anonymity) very accessible.
Examples
--------
* GNOME desktop
* desktop cryptographic tools (Seahorse, OpenPGP applet, GNOME Disks)
* integrates the "Spoof MAC address, or not" decision in
a user-friendly way
* documentation
* translations
* warnings
* WhisperBack
A small delta, to avoid drowning
------------------
* Often, specialized distributions die quickly.
* At least in this area.
✝ Haven, Anonym.OS, ParanoidLinux, onionOS, Phantomix and
many others. RIP.
Why?
------------------
* small teams, not organized to grow
* underestimation of the maintenance and user support work
* no long-term commitment
* NIH
Examples: what we're doing upstream
------------------
* AppArmor
* libvirt
* Seahorse
* Debian
* Debian Live
* fix OTR downgrade → v1
Results
---------------
* little Tails-specific code
* glue work
* "social" work:
talk to upstreams
spread the word about our needs
find skilled people to do the work at the best place
* slow rhythm (waiting the next Debian release, and sometimes the one
after), despite backports
* Tails is still alive!*
Implementation
==========
PELD
-----------------------
* <https://tails.boum.org/contribute/design>
* Tails currently based on Debian Wheezy.
* ...migrating to Jessie.
* Core software:
* Tor
* Vidalia (migrating to Tor Monitor <https://labs.riseup.net/code/issues/6841>)
Use the Internet anonymously
-----------------------
* We don't know what software will attempt to contact the network
* ...so we block all outbound Internet traffic except Tor
* (and I2P when enabled)
* Unsafe Browser for captive portals
Tails installer
-----------------------
* Based on Fedora's liveusb-creator
* <https://tails.boum.org/contribute/design/installation/>
* Debian version in progress :)
* Currently PyGTK
Leave no trace on the computer
-----------------------
* Protect against memory recovery such as cold boot attack
* RAM is overwritten when Tails is being shutdown
<https://tails.boum.org/contribute/design/memory_erasure/>
* Actual memory erasure: secure-delete (sdmem)
Tails persistence
-----------------------
* Somewhat tricky topic for a live distro
* User keys, some APT packages...
* LUKS-encrypted GPT partition (TailsData)
* dm-crypt
* ext 3
* Written in Perl (Historical reasons)
Incremental upgrades
-----------------------
* Only possible in USB stick
* Incremental Upgrade Kit (IUK)
Application isolation
-----------------------
* Currently only file system isolation
* AppArmor to isolate applications
* The best supported in Debian
* Hacks to support the Live system
* Web browser in process
Build and Test
-----------------------
* Git repo --> <https://tails.boum.org/contribute/git/#main-repo>
* Building Tails using Vagrant
* Goal: automated build and tests
* Automated test suite
* Sikuli, libvirt, cucumber
Challenges
==========
Cadence & popularity
--------------------
- new release every 6 weeks
- about 10k boots a day, doubles every 6-9 months
Limited resources and time
--------------------------
- mostly volunteer work
- 2000 commits, by ~10 persons, on the last 6 months
Roadmap
=======
Overview
--------
> * welcome more varied contributions
> * ... from more varied people
> * make our life easier
> * make Tails (even) more usable
> * better protect users against targeted attacks
This summer
-----------
> - **Tails 1.1** — July 22: Debian Wheezy, UEFI
And then
--------
- **Tails 2.0**: sustainability and maintainability
Greeter
same-day security updates
mitigate effects of security holes
- **Tails 3.0**: hardening, sandboxing
- More?
<https://labs.riseup.net/code/projects/tails/roadmap>
Tails needs you, for...
=======================
Tests
--------
Early testers help improve Tails quality.
<https://tails.boum.org/contribute/how/testing/>
* &#35;5174: Test Pidgin SSL validation in Debian unstable
* &#35;5709: Test OnionCat unidirectional mode for VoIP
Usability
--------
User interface and user experience experts can make Tails easier to
use and more appealing.
<https://tails.boum.org/contribute/how/user_interface/>
* &#35;7437: Design a progress indicator while establishing a connection to Tor
* &#35;6417: Evaluate Tails Greeter revamp proposals
Code
--------
Software people with very diverse skills can improve Tails.
<https://tails.boum.org/contribute/how/code/>
* &#35;5917: tails-greeter password field : Warn when caps-lock in ON
* &#35;6918: Track hardening status of the binaries shipped in Tails
* &#35;5881: Add reboot button to persistence setup assistant
Infrastructure
--------
System administrators can improve the development and quality
assurance processes.
<https://tails.boum.org/contribute/how/sysadmin/>
* &#35;6295: Evaluate consequences of importing large amounts of packages into reprepro
* &#35;6891: Monitor broken links on our website
Debian
--------
One can improve Tails (and other Debian derivatives, such as
Freepto ;) by contributing to Debian.
<https://tails.boum.org/contribute/how/debian/>
* AppArmor (<https://wiki.debian.org/AppArmor/Contribute>)
* &#35;6507: Package our OpenPGP applet for Debian
* &#35;7352: Backport ruby-libvirt 0.5+ for Wheezy
Where to start?
--------
* <https://tails.boum.org/contribute/>
* "easy" tasks
Contact
=======
## Talk to us
* I'm here.
* Development mailing-list: **<tails-dev@boum.org>**
* Mailing-list for translators: **<tails-l10n@boum.org>**
* Early testers mailing-list: **<tails-testers@boum.org>**
* Private and encrypted mailing-list: **<tails@boum.org>**
* IRC: see <https://tails.boum.org/contribute/>
* Web: **<https://tails.boum.org/>**
% Tails: a technical overview
% BitingBird, kurono, intrigeri
% Debian Conference 2015
<style>
.reveal h1 {
margin-bottom: 0.3em;
}
</style>
About Tails
=============
Who are we
--------
* Tails contributors
What is Tails
-------------
**T**he **A**mnesic **I**ncognito **L**ive **S**ystem
<https://tails.boum.org/>
A Live operating system
-----------------------
* works on (almost) any computer
* boots off a DvD, a USB stick, or a SD card (some of them)
Preserving privacy and anonymity #1
-----------------------------------
* use the Internet anonymously and circumvent censorship:
all connections to the Internet are forced to go through the Tor network
* leave no trace on the computer you are using unless you ask it
explicitly
Preserving privacy and anonymity #2
-----------------------------------
* cryptographic tools:
encrypt your files, emails and instant messaging
* media production tools:
sound, video, office publishing, graphics...
And... it works?
----------------
> * According to the NSA, yes :
> "(S//REL) Tails: Complete Bootable OS on CD for anonymity - includes Tor
> (S//REL) Adds Severe CNE misery to equation"
> (Thanks to a famous Tails user for providing these documents.)
> * Bruce Schneier, December 2013 :
> "What do I trust? I trust, I trust Tails, I trust GPG [...]"
> "I don't use Linux. (Shhh. Don't tell anyone.)
> Although I have started using Tails""
Main project goals
=============================
Usability: a security feature
------------------
* Often usability matters more than "pure" security.
* Make a "baseline" security level (privacy, anonymity) very accessible.
Examples
--------
* GNOME desktop
* desktop cryptographic tools (Seahorse, OpenPGP applet, GNOME Disks)
* integrates the "Spoof MAC address, or not" decision in
a user-friendly way
* documentation
* translations
* warnings
* WhisperBack
A small delta, to avoid drowning
------------------
* Often, specialized distributions die quickly.
* At least in this area.
✝ Haven, Anonym.OS, ParanoidLinux, onionOS, Phantomix and
many others. RIP.
Why?
------------------
* small teams, not organized to grow
* underestimation of the maintenance and user support work
* no long-term commitment
* NIH
Examples: what we're doing upstream
------------------
* AppArmor
* libvirt
* Seahorse
* Debian
* Debian Live
* fix OTR downgrade → v1
Results
---------------
* little Tails-specific code
* glue work
* "social" work:
talk to upstreams
spread the word about our needs
find skilled people to do the work at the best place
* slow rhythm (waiting the next Debian release, and sometimes the one
after), despite backports
* Tails is still alive!*
Implementation
==========
PELD
-----------------------
* <https://tails.boum.org/contribute/design>
* Tails currently based on Debian Wheezy.
* ...migrating to Jessie.
* Core software:
* Tor
* Vidalia (migrating to Tor Monitor <https://labs.riseup.net/code/issues/6841>)
Use the Internet anonymously
-----------------------
* We don't know what software will attempt to contact the network
* ...so we block all outbound Internet traffic except Tor
* (and I2P when enabled)
* Unsafe Browser for captive portals
Tails installer
-----------------------
* Based on Fedora's liveusb-creator
* <https://tails.boum.org/contribute/design/installation/>
* Debian version in progress :)
* Currently PyGTK
Leave no trace on the computer
-----------------------
* Protect against memory recovery such as cold boot attack
* RAM is overwritten when Tails is being shutdown
<https://tails.boum.org/contribute/design/memory_erasure/>
* Actual memory erasure: secure-delete (sdmem)
Tails persistence
-----------------------
* Somewhat tricky topic for a live distro
* User keys, some APT packages...
* LUKS-encrypted GPT partition (TailsData)
* dm-crypt
* ext 3
* Written in Perl (Historical reasons)
Incremental upgrades
-----------------------
* Only possible in USB stick
* Incremental Upgrade Kit (IUK)
Application isolation
-----------------------
* Currently only file system isolation
* AppArmor to isolate applications
* The best supported in Debian
* Hacks to support the Live system
* Web browser in process
Build and Test
-----------------------
* Git repo --> <https://tails.boum.org/contribute/git/#main-repo>
* Building Tails using Vagrant
* Goal: automated build and tests
* Automated test suite
* Sikuli, libvirt, cucumber
Challenges
==========
Cadence & popularity
--------------------
- new release every 6 weeks
- about 10k boots a day, doubles every 6-9 months
Limited resources and time
--------------------------
- mostly volunteer work
- 2000 commits, by ~10 persons, on the last 6 months
Roadmap
=======
Overview
--------
> * welcome more varied contributions
> * ... from more varied people
> * make our life easier
> * make Tails (even) more usable
> * better protect users against targeted attacks
This summer
-----------
> - **Tails 1.1** — July 22: Debian Wheezy, UEFI
And then
--------
- **Tails 2.0**: sustainability and maintainability
Greeter
same-day security updates
mitigate effects of security holes
- **Tails 3.0**: hardening, sandboxing
- More?
<https://labs.riseup.net/code/projects/tails/roadmap>
Tails needs you, for...
=======================
Tests
--------
Early testers help improve Tails quality.
<https://tails.boum.org/contribute/how/testing/>
* &#35;5174: Test Pidgin SSL validation in Debian unstable
* &#35;5709: Test OnionCat unidirectional mode for VoIP
Usability
--------
User interface and user experience experts can make Tails easier to
use and more appealing.
<https://tails.boum.org/contribute/how/user_interface/>
* &#35;7437: Design a progress indicator while establishing a connection to Tor
* &#35;6417: Evaluate Tails Greeter revamp proposals
Code
--------
Software people with very diverse skills can improve Tails.
<https://tails.boum.org/contribute/how/code/>
* &#35;5917: tails-greeter password field : Warn when caps-lock in ON
* &#35;6918: Track hardening status of the binaries shipped in Tails
* &#35;5881: Add reboot button to persistence setup assistant
Infrastructure
--------
System administrators can improve the development and quality
assurance processes.
<https://tails.boum.org/contribute/how/sysadmin/>
* &#35;6295: Evaluate consequences of importing large amounts of packages into reprepro
* &#35;6891: Monitor broken links on our website
Debian
--------
One can improve Tails (and other Debian derivatives, such as
Freepto ;) by contributing to Debian.
<https://tails.boum.org/contribute/how/debian/>
* AppArmor (<https://wiki.debian.org/AppArmor/Contribute>)
* &#35;6507: Package our OpenPGP applet for Debian
* &#35;7352: Backport ruby-libvirt 0.5+ for Wheezy
Where to start?
--------
* <https://tails.boum.org/contribute/>
* "easy" tasks
Contact
=======
## Talk to us
* I'm here.
* Development mailing-list: **<tails-dev@boum.org>**
* Mailing-list for translators: **<tails-l10n@boum.org>**
* Early testers mailing-list: **<tails-testers@boum.org>**
* Private and encrypted mailing-list: **<tails@boum.org>**
* IRC: see <https://tails.boum.org/contribute/>
* Web: **<https://tails.boum.org/>**