Commit 85e2b585 authored by Tails developers's avatar Tails developers
Browse files

Merge branch 'devel' into feature/wheezy

parents f4d7ffb5 623c7d2c
......@@ -2,6 +2,7 @@ keyserver hkps://
keyserver-options ca-cert-file=/etc/ssl/certs/sks-keyservers.netCA.pem
keyserver-options http-proxy= no-honor-keyserver-url
personal-cipher-preferences AES256,AES192,AES,CAST5
personal-digest-preferences SHA512,SHA384,SHA256
cert-digest-algo SHA512
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
......@@ -47,6 +47,9 @@
......@@ -400,6 +403,60 @@
<!-- KeePassX Launcher -->
<entry><key>objects/keepassx_launcher/attached_toplevel_id</key><schema_key>/schemas/apps/panel/objects/attached_toplevel_id</schema_key> </entry>
<!-- Terminal Launcher -->
......@@ -420,7 +477,7 @@
......@@ -259,14 +259,14 @@ msgstr "Vos logiciels additionnels"
#: config/chroot_local-includes/usr/local/sbin/tails-additional-software:119
#: config/chroot_local-includes/usr/local/sbin/tails-additional-software:129
#, fuzzy
msgid ""
"The upgrade failed. This might be due to a network problem. Please check "
"your network connection, try to restart Tails, or read the system log to "
"understand better the problem."
msgstr ""
"La mise à jour a échoué. Cela peut être dû à un problème de réseau. Veuillez "
"vérifier votre connexion au réseau, ou redémarrez Tails."
"vérifier votre connexion au réseau, essayez de redémarrer Tails, ou consultez "
"les journaux système pour obtenir davantage d'informations."
#: config/chroot_local-includes/usr/local/sbin/tails-additional-software:125
msgid "The upgrade was successful."
......@@ -64,16 +64,11 @@ aims to take care of (among other things):
* Support Tor's prop 171 (stream isolation via per-account proxy
* Mixmaster/Mixminion integration.
* Removes User-Agent header.
All these seem terrific, so this is something we definitely want to
Spoof or remove User-Agent header
Maybe done by Torbirdy, see tickets on [[Redmine|todo/Return of
Modified autoconfig wizard
For Tails [[!taglink release/2.0]], we want at least basic UEFI boot
including Mac.
Some hardware ([[bugs/ThinkPad_X220_vs_GPT]], recent Mac) cannot boot
Tails from USB, due to firmware limitations. Making Tails support UEFI
Some hardware (ThinkPad X220, recent Mac) cannot boot
Tails from USB, due to firmware limitations.
Making Tails support UEFI
would fix this problem on such hardware.
* lernstick Grub configuration, implemented as a live-build binary
......@@ -12,6 +14,9 @@ would fix this problem on such hardware.
the [xmlboot]( gfxboot script and
many crazy Grub configuration scripts)
* [hellais' TAILS-OSX scripts](
and the [list of
it was tested on
* [Mac Linux USB Loader](
Doesn't work with Tails at the moment, but that's a frequent request
to upstream. Upstream is working on fixing this. That would allow
......@@ -49,6 +54,9 @@ would fix this problem on such hardware.
allows it to be started directly since the EFI boot menu.
* Running a UEFI firmware for virtual machines:
`qemu-system-x86_64 -bios /usr/share/ovmf/OVMF.fd`
* [Booting a Self-signed Linux
by Greg Kroah-Hartman
Matthew Garrett:
Tickets: [[!tails_ticket 6165]] and [[!tails_ticket 6173]].
<div class="sidebar-intro">
<div class="contribute-roles-1">
<div class="contribute-role" id="user">
<li>Report bugs</li>
<li>Provide needed input to developers</li>
......@@ -15,6 +13,15 @@ Tickets: [[!tails_ticket 6165]] and [[!tails_ticket 6173]].
<div class="contribute-roles-1">
<div class="contribute-role" id="donate">
<li>Make a donation</li>
<div class="contribute-roles-3">
<h2>Contribute with your language skills</h2>
<div class="contribute-role" id="content-writer">
......@@ -38,16 +45,6 @@ Tickets: [[!tails_ticket 6165]] and [[!tails_ticket 6173]].
<div class="contribute-roles-1">
<div class="contribute-role" id="donation">
<li>Make a donation</li>
<div class="contribute-roles-3">
<h2>Contribute with your technical skills</h2>
<div class="contribute-role" id="developer">
......@@ -16,10 +16,56 @@ Here's a useful report about crowfunding:
The interesting bit is this table comparing different sites (page 8).
# Candidates to investigate
# Candidates
* Joey's DYI solution:
## Bountysource
Website: <>
After a quick glance this looks very promising, as its model is a bit
more aligned to something suitable for open source projects compated
to general crowdsourcing sites. As far as I understand, Bountysource
has something like the following concepts:
* Fund raiser, same as in other crowdsourcing sites (time-limited, has
a set funding goal (in terms of money)).
* Bounty, unlike fund raisers these don't have a time-limit or funding
goal (in terms of money). They can even be left open, meaning that
other community members can assign themselves to the bounty,
implement it, show it to the parent project and then reap the
bounty, suitable for wish-list tasks.
* Parent project, which can own several bounties. The interesting part
with this is that I think it may encourage continuous contribution
from backers.
I'm not sure, though, what would be most suitable model for funding
development for us. Fund raisers are good since they have a time-limit
and funding goal, which I think encourage backing sooner rather than
later since they're not as open-ended as a bounty. OTOH, if we'd use a
bounty, we could specify such things in the description. One bad thing
with fund raisers is that they cannot be owned by a parent project
(like in other sites, they seem to be thought of more as a way to fund
the creation of a completely new project, not add stuff to an existing
## Fundageek
Website: <>
## Pledgie
Website: <>
## Kickstarter
Website: <>
## Indiegogo
Website: <>
## Joey's DYI solution
Website: <>
- XXX_NICK_XXX in Pidgin might be caused by a lack of RAM
[[!tag todo/documentation]]
The current documentation for translators could be improved:
1. pointers to basic Git usage documentation
See [R. Hertzog's "Contributing to the translation of
for great inspiration.
See also [[todo/update_translation_instructions_for_Transifex]].
Due to various concerns, Trecrypt is about to be replaced in Tails,
either by tcplay or cryptsetup.
This is the blueprint for [[!tails_ticket 5373]] and subtasks.
# Candidate alternatives
## Tc-play
......@@ -16,7 +18,14 @@ replacement of TrueCrypt... once a proper GUI available.
on-disk format](,
so if/when udisks and friends are adapted (if needed), then we could
as well avoid shipping any additional software at all. It is part of
Debian unstable.
Debian Jessie.
Once unlocked on the command-line, the TC volume shows up in Nautilus,
but no udisks / GNOME Disks / Nautilus integration is here to enable
the user to graphically activate a TC volume.
Upstream (udisks) feature request:
## Zulucrypt
For those having difficulty with Tails 0.12 not fully booting to only a Glib Warning halt, this suggestion
does work for me to complete the bootup, though may not be guaranteed in every case.
When the "Booting Tails" applet first appears, simply
hold down keyboard Ctrl and press the left direction arrow.
Lines of bootup text show and then a pause for a
Mb progress timer. Allow this time to process
then suddenly the screen will rapidly fill with
many lines of fast moving code.
The desktop will then appear and attempt made
to synchronize the pc clock with the local
server, followed by the Iceweazel's Tor
congratulations box.
> This shouldn't be necessary in 0.12.1, closing.
Please ship Tails with the Linux Standard Base (lsb) so that certain printer drivers can be installed.
> Tails 0.11 already ships all dependencies of the LSB 3.2 Printing
> Package, so I'm unsure what you mean. Please clarify. (For the
> record, I've added the `lsb-printing` package to the Tails packages
> list so that this remains true.)
>> In Tails 0.11, dpkg states that lsb is not installed which leads to installation failure.
Otherwise, there is no chance to get those printer drivers started.
> Perhaps you should be more specific about what printer?
> In may experience, Tails supports out-of-the-box most printers I've thrown at it.
>> Tails does not support certain all-in-one printers out-of-the-box. But this is not the problem because the required driver could be added manually if the lsb package were included in Tails.
>>> Sorry, it's unclear to me whether you are guessing or reporting
>>> actual facts. Have you experienced the following with a given
>>> printer:
>>> - the printer does not work out-of-the-box on Tails 0.11
>>> - pristine Tails 0.11 does not allow installing the required driver
>>> - Tails 0.11, once the `lsb` Debian package is installed, allows
>>> installing the required driver
>>> ?
>>> If you did, then we have to investigate what exact package Tails
>>> lacks. In Debian, `lsb` is a meta-package (ships nothing, only
>>> dependencies), and it depends on stuff we certainly don't want to
>>> install in Tails. On Tails 0.11, `apt-get install lsb` wants to
>>> install:
>>> alien at cups-bsd debhelper dpkg-dev ed exim4 exim4-base
>>> exim4-config exim4-daemon-light heirloom-mailx html2text
>>> intltool-debian libc-dev-bin libc6-dev libdpkg-perl libelf1
>>> libqt3-mt libqt4-gui libqt4-opengl libqt4-sql-sqlite librpm1
>>> librpmbuild1 librpmio1 linux-libc-dev lsb lsb-core lsb-cxx
>>> lsb-desktop lsb-graphics lsb-release m4 make ncurses-term pax
>>> po-debconf rpm rpm-common rpm2cpio time
>>> ... and it's not obvious to me which one of these packages would
>>> make a difference in the Tails ability to install printer drivers.
>>> The RPM and archive tools, maybe?
>>> If the above scenario is facts, may you please try to install
>>> these packages one after the other, to see which one makes
>>> a difference regarding the ability to install the required driver
>>> for this printer?
>>>> I will test it and tell you about my experiences.
>>>>> No report so far, closing. Feel free to reopen. [[done]]
I was using tcpdump and then wireshark to check for information leakage while
i was running Amnesia.
Amnesia successfully retrieved IP configuration by using local DHCP protocol,
and after that it synchronized with
Both address resolving and NTP requests were plain, unencrypted.
The proposal is to start system with NTPd after starting X. The only drawback here
will be caused by XScreenSaver (if running) when doing big clock adjustments.
Bohdan Turkynewych <tb0hdan[!]>
> Thanks for this bug report and for your debugging effort.
> This compromise was consciously decided. See our design documents
> about [[contribute/design/NTP]], [[contribute/design/HTP]] and
> [[contribute/design/Tor_enforcement]] for details.
> Can you please make it clear what practical attack (caused by this
> behavior) is a problem for you?
>> No answer from the original reporter since august, and this is
>> rather a documented feature than a bug => [[done]].
Just upgraded to .10 and the Archive Manager no longer supports .rar files.
This needs to be [[fixed|todo/have_archive_manager_support_rar_again]].
A workaround is to install `unrar`. After setting an administration password
during the boot sequence, open a terminal an issue:
sudo apt-get update
sudo apt-get install unrar
But this will not support all RAR archives, unfortunately.
[[done]] in Tails 0.13.
The 7 April 2011 iso image is accompanied by a text file giving a "hash" as an integrity check. To prevent malicious tampering, this text file is signed with a key with fingerprint
0D24 B36A A9A2 A651 7878 7645 1202 821C BE2C D9C1
which can be found by searching keyservers for Unfortunately, checking the signature gives:
gpg: Signature made Wed 06 Apr 2011 .... using RSA key ID BE2CD9C1
gpg: BAD signature from "T(A)ILS developers (signing key) <>"
> The detached GnuPG signature (`.asc`) is the **ISO** file's
> signature, not the one for the hash file (`.sha256`). The signature
> can be directly used to check the ISO file's integrity, no need to
> insert an extra step.
I can't get any sound with Tails 0.10.1 on my laptop. It's too low to hear. Had the same problem on my friend's laptop.
> Please use the "report a bug" application from *both* these
> computers so that we get enough information. (Someone already sent
> us a similar bug report over email, but it was lacking much
> necessary information and we had no way to ask for more, so
> unfortunately I deleted it. Maybe another Tails developer could
> resend it?)
Didn't have this issue before 0.10.1 so is it about the linux kernel? (sounds working on Windows 7)
> Can you please confirm Tails **0.10** does not expose this problem?
>> Also, please try with Tails 0.10.2.
>>> It was same on 0.10.2, then I entered Volume Control. The speaker
>>> volume setting was at lowest.
>>>> Ok. Again, may you please use the "report a bug" application to
>>>> provide enough information? Also, using `alsamixer` to tell us
>>>> the *exact* name of the mixer channel that was too low would
>>>> be useful.
>>> Why did you change that, why don't you simply mute the
>>> master volume?
>>>> We did not change anything related to sound volume. The only
>>>> thing that changed recently and I can imagine causing this
>>>> problem is the newer Linux kernel. That's why I asked to confirm
>>>> if 0.10 exposes this problem.
I sent two emails, one over Whisperback, one over an email account. They include technical details and the screenshots.
> Ok, moved to todo, then: [[todo/unmute_Speaker_mixer_channel]]
I'm not sure if it's intentional or not, but you can't use headphones in TAILS. I'm not sure if this is just me or whether this is just not a feature included. If not, might I suggest adding the ability?
> This is not expected and I cannot reproduce it.
> Have you checked the mixer levels were correct?
> Please [[report the bug|support/found_a_problem]] with the
> integrated bug reporting application to give us enough information.
> Else there's barely anything we can do about it.
>> No reply from OP, closing.
Neither System->Preferences->Keyboard nor the keyboard applet enables to change the keyboard layout in 0.5.
However `setxbkmap` does the job.
> Works for me both in Git and 0.5.
> You have to use the keyboard layout switcher applet that you can see
> in the top panel:
> - right click on the applet
> - keyboard preferences
> - add the keyboard layout you want
> - then you can see you cannot choose the default one here, close the
> preferences
> - clicking the applet now switches between keyboard layouts.
> On the other hand some layouts seem more or less buggy, but it might
> be caused by my weird host X config + VirtualBox. It also seems to
> work better with Git builds.
> => [[done]].
HTP connects to HTTPS sites, and fails if it can't verify the certificates.
=> If the system clock is too much wrong, HTP does not fix it and Tor
cannot connect to the network.
Possible kludge that could be setup until Tor is able to tell us the
correct time itself: inside the live system, we can figure out when it
was released. If HTP fails a first time, and if the current time clock
is different by more than 6 (?) months, we start by setting the time
clock to the live system release before attempting HTP once more.
> [[done]] in Tails 0.8
"Ctrl + C" doesn't work for me
> Maybe this could be considered as a feature rather than a bug. If you can't
> stop it, people willing to acces to your ram's data can't too (well, stil they
> can power off your computer).
> If you really want to stop it, at this step of the shutdown process you can
> just halt your computer the hard way by pressing the power button, smem is
> the last step, it shouldn't bring too much troubles.
> The new release will bring enhancement of this feature : it will be a bit
> faster and user friendly, so maybe wait to see it.
>> `Ctrl + C` is not advertised anymore in the Git version, and the
>> memory wipe is blazing fast, so this should not be an issue anymore
>> in next release.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment