Commit 66a47488 authored by Tails developers's avatar Tails developers
Browse files

Merge branch 'master' into testing

parents 4ab5ddbc c6aedc2e
Um, I would be very grateful if you included option for using KDE and TorK ( http://sourceforge.net/projects/tork/ )
Opinions on KDE might ... differ, but TorK is definitely better Vidalia.
......@@ -7,7 +7,7 @@
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2011-04-12 04:25-0600\n"
"POT-Creation-Date: 2011-09-13 03:32-0600\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
......@@ -105,3 +105,44 @@ msgid ""
"Then try to boot again, and append the end of the boot log (or what seems to "
"be relevant to your problem) to your bug report."
msgstr ""
#. type: Title -
#, no-wrap
msgid "No internet access\n"
msgstr ""
#. type: Plain text
msgid ""
"The WhisperBack bug reporting tool (accessed from the Tails desktop) can of "
"course not send the bug report when there is not internet access. The "
"following steps can be used as a work-around (Note that your bug report will "
"not be anonymous unless you take further steps yourself (e.g. using Tor with "
"a throw-away email account)):"
msgstr ""
#. type: Bullet: '1. '
msgid "In Tails, start the bug reporting tool"
msgstr ""
#. type: Bullet: '2. '
msgid "In the bug report window, expand \"technical details to include\""
msgstr ""
#. type: Bullet: '3. '
msgid "Copy everything in the \"debugging info\" box"
msgstr ""
#. type: Bullet: '4. '
msgid "Paste it to another document (using gedit for instance)"
msgstr ""
#. type: Bullet: '5. '
msgid "Save the document on a USB strick"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
"6. Boot into a system with working networking and send the debugging\n"
"info to us.\n"
msgstr ""
......@@ -7,7 +7,7 @@
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2011-04-12 04:25-0600\n"
"POT-Creation-Date: 2011-09-13 03:32-0600\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
......@@ -105,3 +105,44 @@ msgid ""
"Then try to boot again, and append the end of the boot log (or what seems to "
"be relevant to your problem) to your bug report."
msgstr ""
#. type: Title -
#, no-wrap
msgid "No internet access\n"
msgstr ""
#. type: Plain text
msgid ""
"The WhisperBack bug reporting tool (accessed from the Tails desktop) can of "
"course not send the bug report when there is not internet access. The "
"following steps can be used as a work-around (Note that your bug report will "
"not be anonymous unless you take further steps yourself (e.g. using Tor with "
"a throw-away email account)):"
msgstr ""
#. type: Bullet: '1. '
msgid "In Tails, start the bug reporting tool"
msgstr ""
#. type: Bullet: '2. '
msgid "In the bug report window, expand \"technical details to include\""
msgstr ""
#. type: Bullet: '3. '
msgid "Copy everything in the \"debugging info\" box"
msgstr ""
#. type: Bullet: '4. '
msgid "Paste it to another document (using gedit for instance)"
msgstr ""
#. type: Bullet: '5. '
msgid "Save the document on a USB strick"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
"6. Boot into a system with working networking and send the debugging\n"
"info to us.\n"
msgstr ""
......@@ -6,7 +6,7 @@
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2011-04-12 04:25-0600\n"
"POT-Creation-Date: 2011-09-13 03:32-0600\n"
"PO-Revision-Date: 2011-03-25 12:39+0100\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
......@@ -123,3 +123,44 @@ msgid ""
msgstr ""
"Ensuite, essayez de redémarrer, et ajoutez la fin du journal de démarrage "
"(ou ce qui semble correspondre à votre problème) à votre rapport de bug."
#. type: Title -
#, no-wrap
msgid "No internet access\n"
msgstr ""
#. type: Plain text
msgid ""
"The WhisperBack bug reporting tool (accessed from the Tails desktop) can of "
"course not send the bug report when there is not internet access. The "
"following steps can be used as a work-around (Note that your bug report will "
"not be anonymous unless you take further steps yourself (e.g. using Tor with "
"a throw-away email account)):"
msgstr ""
#. type: Bullet: '1. '
msgid "In Tails, start the bug reporting tool"
msgstr ""
#. type: Bullet: '2. '
msgid "In the bug report window, expand \"technical details to include\""
msgstr ""
#. type: Bullet: '3. '
msgid "Copy everything in the \"debugging info\" box"
msgstr ""
#. type: Bullet: '4. '
msgid "Paste it to another document (using gedit for instance)"
msgstr ""
#. type: Bullet: '5. '
msgid "Save the document on a USB strick"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
"6. Boot into a system with working networking and send the debugging\n"
"info to us.\n"
msgstr ""
......@@ -44,3 +44,20 @@ that a bunch of hopefully useful messages are displayed on boot.
Then try to boot again, and append the end of the boot log (or what
seems to be relevant to your problem) to your bug report.
No internet access
------------------
The WhisperBack bug reporting tool (accessed from the Tails desktop)
can of course not send the bug report when there is not internet
access. The following steps can be used as a work-around (Note that
your bug report will not be anonymous unless you take further steps
yourself (e.g. using Tor with a throw-away email account)):
1. In Tails, start the bug reporting tool
2. In the bug report window, expand "technical details to include"
3. Copy everything in the "debugging info" box
4. Paste it to another document (using gedit for instance)
5. Save the document on a USB strick
6. Boot into a system with working networking and send the debugging
info to us.
......@@ -8,5 +8,4 @@ was released. If HTP fails a first time, and if the current time clock
is different by more than 6 (?) months, we start by setting the time
clock to the live system release before attempting HTP once more.
This issue will be fixed when
[[todo/remove_the_htp_user_firewall_exception]] is implemented.
> [[pending]] for 0.8
......@@ -5,3 +5,5 @@ As of Tails 0.7, it is too easy to shutdown Tails. It shuts down, without waitin
>> I'm against changing this. It's a feature; when necessary, you can
>> just grab your media and run without having any secon thoughts. A
>> confirmation prompt would be dangerious. --anonym
>>> We reached agreement to close this bug as invalid. [[done]]
......@@ -84,7 +84,7 @@ Of course, that still allows requests for invalid names like "http://...---...i2
Many apologies if my English is unclear: please feel free to ask for clarification on any points.
> Thanks! All this was fixed in the devel branch (41ee709)
> => [[!taglink pending]]
> => [[pending]]
>> Thanks for the update, and for fixing up my markup - I learned
>> stuff! :D Is the devel branch publicly available on some SVN
......
In Tails 0.8-rc2, the msva does not use the configured keyserver but
pool.sks-keyservers.net.
`.xsession-errors` says:
Not a valid keyserver (from gpg config /home/amnesia/.gnupg/gpg.conf):
hkp://2eghzlv2wwcq7u7y.onion
[Reported upstream](https://labs.riseup.net/code/issues/3457).
In Tails 0.8-rc1, sdmem on eject works when booting from USB, but has
no visible effect when booting from CD.
The problems seem to have something to to with udev not sending events
(e.g. the "change" uevent we wait for) until the device is unmounted.
The following was tested on a secondary CD-ROM drive (so not the boot
device which may or may not invalidate this theory):
1. Insert a CD in the seconday CD-ROM drive (say it's /dev/sr1) and
mount it.
2. Run: udev-watchdog <udev path for /dev/sr1> cd
3. Eject the CD.
4. Observe that the watchdog sees nothing and that the device remains
mounted. Trying to access the mounted filesystem will produce I/O
errors.
4. Run: umount /dev/sr1
5. Observe that the watchdog finally sees the "change" action.
Furthermore, in lack of hardware, I tested this in VirtualBox, which
may behave different than real hardware. So YMMV.
When building 0.8-rc1 with the stable kernel (2.6.32-5-486) this issue
does not arise, which suggests that the issue is with the linux kernel
and was introduced somewhere after 2.6.32. Otoh, on my up-to-date
wheezy system (linux 3.0.0-1-amd64, udev 172-1, etc.) I do not have
this issue using udev-watchdog, wich could suggest a compatibility
issue with some other package (we also have i386 vs amd64, of course).
Updating to unstable's udev (172-1) in hope of it playing better with
linux 3.0.0-1 from unstable did not solve the issue either, however.
> Indeed, linux 2.6.38-rc1 [[reworked disk event handling|http://lwn.net/Articles/423619/]]
> and adds block.events_dfl_poll_msecs that can be used to set the
> interval for polling block devices for events. This does not seem
> to work properly though: settings it to 1000 makes it work in
> VirtualBox with its virtual CD-ROM drive, but no value seems to work
> on the one real machine I have available with a CD-ROM drive.
>> This was half-workaround'd for 0.8 => the eject button now triggers
>> shutdown/sdmem sequence, but the CD is not ejected, which is a
>> regression.
>>> Should be fixed in d5353b5 in devel.
......@@ -959,16 +959,19 @@ stored there), history is disabled (just in case) and many other
things. It is also setup not to automatically check for updates of its
installed extensions. Java support is disabled.
Iceweasel is shipped with some extensions to help users manage
their browsing experience. The
[CS Lite](https://addons.mozilla.org/fr/firefox/addon/5207/)
extension treats all cookies as session cookies by default, and
provides more fine-grained cookie control for users who need it. This
prevents the known leak of browsing informations cookies can lead to.
The [Adblock plus](https://addons.mozilla.org/fr/firefox/addon/1865/)
extension protects against many tracking possibilities by
removing most ads. The [FireGPG](http://getfiregpg.org/) plugin allows
users to use GnuPG inside websites such as webmails.
Iceweasel is shipped with some extensions to help users manage their
browsing experience. The Torbutton settings treat all cookies as
session cookies by default; the [CS
Lite](https://addons.mozilla.org/fr/firefox/addon/5207/)
(until Tails 0.8) (PENDING-FOR-0.9 [Cookie
Monster](https://addons.mozilla.org/en-US/firefox/addon/cookie-monster))
provides more
fine-grained cookie control for users who need it. This prevents the
known leak of browsing informations cookies can lead to. The [Adblock
plus](https://addons.mozilla.org/fr/firefox/addon/1865/) extension
protects against many tracking possibilities by removing most ads. The
[FireGPG](http://getfiregpg.org/) plugin allows users to use GnuPG
inside websites such as webmails.
Tails ships the [HTTPS
Everywhere](https://www.eff.org/https-everywhere) extension that
......
......@@ -17,9 +17,9 @@ Merge the `master` branch into the one used to build the release.
### version number
In the branch used to build the release, update the `inc/*` files to match the
version number of the new release. Don't update `/inc/stable_i386_hash.html`
since the hash can't be computed yet.
In the branch used to build the release, update the `inc/*` files to
match the *version number* and *date* of the new release. Don't update
`/inc/stable_i386_hash.html` since the hash can't be computed yet.
### design documentation
......
......@@ -93,6 +93,13 @@ Check the output for:
EHLO/HELO SMTP messages it sends). Send an email using Claws and a
non-anonymizing SMTP relay. Then check that email's headers once
received, especially the `Received:` and `Message-ID:` ones.
* Also check that the EHLO/HELO SMTP message is not leaking anything
with a packet sniffer: Disable SSL/TLS for SMTP in Claws (so take
recations for not leaking you password in plaintext by either
chaning it temporarily or using a disposable account). Then run
"sudo tcpdump -i lo -w dump" so we capture the packet before Tor
encrypts it, and check the dump for the HELO/EHLO message and
verify that it only contains "localhost".
# Whisperback
......@@ -104,17 +111,16 @@ Check the output for:
Those tests shall be run using GnuPG on the command-line, the
Seahorse GUI and FireGPG:
* key search/receive: torified? going to the configured hkps://
server?
* key search/receive: torified? going to the configured keyserver?
- `gpg --search` tells what server it is connecting to
- the IP of the configured keyserver must appear in Vidalia's list
of connections
- the connection to the configured keyserver must appear in Vidalia's
list of connections
- if you run a keyserver, have a look there.
# Monkeysphere
* Monkeysphere validation agent key search/receive: torified?
(the MSVA is simply not working currently, ignore this.)
* Monkeysphere validation agent key search/receive: torified? uses
configured keyserver?
# HTP
......@@ -127,11 +133,7 @@ Seahorse GUI and FireGPG:
4. connect the network cable
=> the date should be corrected and Tor/Vidalia should start
correctly. Except it does not work currently as the queried servers'
SSL certificates are invalid if the date is too much wrong
=> also test with a slightly less wrong date, which is supposed to
work already.
correctly.
# erase memory on shutdown
......@@ -144,6 +146,11 @@ Testing that the needed files are really mapped in memory, and the
erasing process actually works, involves slightly more complicated
steps that are worth [[a dedicated page|test/erase_memory_on_shutdown]].
# Virtualization support
* `modinfo vboxguest` should work
* test in VirtualBox
# Misc
* Check that links to the online website (`Mirror:`) at the bottom of
......@@ -159,3 +166,5 @@ steps that are worth [[a dedicated page|test/erase_memory_on_shutdown]].
* Boot and check basic functionality is working for every supported language.
* Try to start with the `truecrypt` option on boot, see if it can be found in
the Application -> Accessories menu and that it runs correctly
* Virtual keyboard must work and be auto-configured to use the same
keyboard layout as the X session.
......@@ -33,6 +33,8 @@ Next things to do:
may not support the video formats broadcasted by YouTube, and
might not be robust enough; `mozilla-plugin-vlc` (15MB compressed
.deb files) might be safer bet.
* Native YouTube client, such as [[!debpts minitube]] (6MB compressed
.deb files).
* If we decide to go the Gnash way, we'll need to research the
privacy/anonymity issues it may have.
......
......@@ -14,7 +14,8 @@ Some of our extensions are not marked as compatible with FF5:
compatible with FF5; tracked by [[!debbug 634071]]
- Monkeysphere 0.6 is not marked as compatible with FF5; it mostly
works with FF5, though, as we [reported to
upstream](https://labs.riseup.net/code/issues/3314).
upstream](https://labs.riseup.net/code/issues/3314) and to Debian
([[!debbugs 638585]])
Some other extensions are in a much worse state wrt. FF4+:
......
......@@ -16,9 +16,10 @@ Early September 2011: the popcon reports approx. 180 users,
the PTS ([[!debpts msn-pecan]]) reports a still unpackaged 3-months
old new upstream version, the BTS reports no bug.
Upstream [bug
#299](https://code.google.com/p/msn-pecan/issues/detail?id=299)
and [[!debbug 624733]] indicate that the current Debian Squeeze
version (0.1.2-1) is completely broken due to protocol changes. We
need to [[!taglink todo/test]] this: if true, it greatly deserves an
upload to `squeeze-update`.
The current Debian Squeeze version (0.1.1-1) is completely broken due
to protocol changes ([upstream bug
299](https://code.google.com/p/msn-pecan/issues/detail?id=299),
[[!debbug 624733]]). A backported 0.1.2-1 works nicely => let's ship
that.
[[!tag todo/code]]
[[!tag todo/research]]
Which CTCP replies should Pidgin reply to over IRC? In 0.8-rc2 it
responds to PING and VERSION (with "Purple IRC"), but before that it
didn't respond to any CTCP query. We need to assess which ones are
safe or even desireable w.r.t. fingerprintability (e.g vs. "normal"
Pidgin users) and other leaks.
[[!tag todo/research]]
Splashy was removed from testing and won't be part of the Squeeze
release. The reasons for this removal (see [[!debbug 599245]]) are not
of the kind we can afford ignoring (incompatible with KMS, progress
......@@ -13,5 +11,33 @@ We then need to choose amongst the following solutions:
- forget the boot splash thing until a maintainable solution arises
(could be affordable as GDM now starts quite earlier)
We could [[!taglink todo/test]] plymouth with various hardware, some
that uses KMS by default on Squeeze and some that does not.
The [[todo/windows_theme]] task would be improved by a graphical
Windows splash screen.
Update: according to dba, the simple Plymouth blue progress bar
(ascii, no drm) is working absolutely everwhere, he's not found one
machine not supporting it, yet. For squeeze-based systems,
progress-linux just installs the [[!debpkg plymouth]] package and
that's all. Once the level of broken hardware has dropped
significantly, which probably is when wheezy is due, a clean looking
graphical splash can be shipped with DRM support.
Quickly implemented in `feature/plymouth`.
Left to do
==========
Testing
-------
[[!tag todo/test]]
We now need to test it with various hardware, some that uses KMS by
default on Squeeze and some that does not.
Works on:
- Thinkpad X32 (radeon, kms enabled)
Does not work on:
......@@ -6,9 +6,20 @@ This page contains installation and testing instructions and hints.
The login with given language (locale) and setting password for amnesia should work. Note that original greeter is disabled upon installation so you'll not be able to login via gdm if something is broken in tails-greeter - you've been warned.
## Git repositories
Core Tails developers repo:
git://git.immerda.ch/max/tails-greeter.git
ssh://git@git.immerda.ch/tails/tails-greeter.git
Max' repo:
git://git.immerda.ch/max/tails-greeter.git
## Build package from git
0. git clone git://git.immerda.ch/max/tails-greeter.git
0. git clone git://git.immerda.ch/tails/tails-greeter.git
0. cd tails-greeter
0. git-buildpackage
......
[[!tag todo/discuss]]
In Tails <=0.7.2 (with Torbutton <1.4) we allowed toggling Torbutton
to enable full javascript for pages it breaks etc. We made it more
difficult to toggle by mistake by setting torbutton.locked_mode=true,
which makes the panel require a right-click -> Toggle instead of just
a left-click, which is good. In Torbutton 1.4 the behaviour changed:
torbutton.locked_mode=true makes it impossible to toggle, and false
enabled toggling only through the Torbutton menu, which essentually
is our old bahaviour.
The question is, do we even want to support toggling at all at this
point, i.e. Tails 0.8 and on? That might just confuse our users as
Tor really can't be disabled thanks to our
[[firewall|contribute/design/Tor_enforcement]].
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment