Commit 8e737921 authored by Tails developers's avatar Tails developers
Browse files

Merge branch 'devel' of ssh://webmasters.boum.org/~/wiki into devel

parents b6d88318 b8c73fa7
This diff is collapsed.
Package: aircrack-ng
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Explanation: sid's aircrack-ng dependancy
Package: libssl1.0.0
Pin: release o=Debian,a=testing
Pin-Priority: 999
Package: eatmydata
Pin: origin backports.debian.org
Pin-Priority: 999
......@@ -27,6 +18,10 @@ Package: libio-socket-ssl-perl
Pin: origin backports.debian.org
Pin-Priority: 999
Package: libregexp-common-perl
Pin: release o=Debian,a=unstable
Pin-Priority: 999
Package: macchanger
Pin: release o=Debian,a=unstable
Pin-Priority: 999
......
testing.chroot
\ No newline at end of file
deb http://ftp.us.debian.org/debian/ testing main
tails (0.8) unstable; urgency=low
* Rebase on the Debian Squeeze 6.0.2.1 point-release.
* Tor
- Update to 0.2.2.33-1.
- Disabled ControlPort in favour of ControlSocket.
- Add port 6523 (Gobby) to Tor's LongLivedPorts list.
* I2P
- Update to 0.8.8.
- Start script now depends on HTP since I2P breaks if the clock jumps or is
too skewed during bootstrap.
* Iceweasel
- Update to 3.5.16-9 (fixes CVE-2011-2374, CVE-2011-2376, CVE-2011-2365,
CVE-2011-2373, CVE-2011-2371, CVE-2011-0083, CVE-2011-2363, CVE-2011-0085,
CVE-2011-2362, CVE-2011-2982, CVE-2011-2981, CVE-2011-2378, CVE-2011-2984,
CVE-2011-2983).
- Enable HTTP pipelining (like TBB).
- Update HTTPS Everywhere extension to 1.0.1-1 from Debian unstable.
- Suppress FoxyProxy update prompts.
- Prevent FoxyProxy from "phoning home" after a detected upgrade.
- Fixed a bunch of buggy regular expressions in FoxyProxy's configuration.
See [[bugs/exploitable_typo_in_url_regex?]] for details. Note that none of
these issues are critical due to the transparent proxy.
- Add DuckDuckGo SSL search engine.
* Torbutton
- Update to torbutton 1.4.3-1 from Debian unstable.
- Don't show Torbutton status in the status bar as it's now displayed in the
toolbar instead.
* Pidgin
- More random looking nicks in pidgin.
- Add IRC account on chat.wikileaks.de:9999.
* HTP
- Upgrade htpdate script (taken from Git 7797fe9) that allows setting wget's
--dns-timeout option.
* Software
- Update Linux to 3.0.0-1. -686 is now deprecated in favour of -486 and
-686-pae; the world is not ready for -pae yet, so we now ship -486.
- Update OpenSSL to 0.9.8o-4squeeze2 (fixes CVE-2011-1945 (revoke
compromised DigiNotar certificates), CVE-2011-1945).
- Update Vidalia to 0.2.14-1+tails1 custom package.
- Install accessibility tools:
- gnome-mag: screen magnifier
- gnome-orca: text-to-speech
- Replace the onBoard virtual keyboard with Florence.
- Install the PiTIVi non-linear audio/video editor.
- Install ttdnsd.
- Install tor-arm.
- Install lzma.
* Arbitrary DNS queries
- Tor can not handle all types of DNS queries, so if the Tor resolver fails
we fallback to ttdnsd. This is now possible with Tor 0.2.2.x, since we
fixed Tor bug #3369.
* Hardware support
- Install ipheth-utils for iPhone tethering.
- Install xserver-xorg-input-vmmouse (for mouse integration with the host OS
in VMWare and KVM).
- Install virtualbox-ose 4.x guest packages from Debian backports.
* Miscellaneous
- Switch gpg to use keys.indymedia.org's hidden service, without SSL.
The keys.indymedia.org SSL certificate is now self-signed. The hidden
service gives a good enough way to authenticate the server and encrypts
the connection, and just removes the certificates management issue.
- The squashfs is now compressed using XZ which reduces the image size quite
drastically.
- Remove Windows autorun.bat and autorun.inf. These files did open a static
copy of our website, which is not accessible any longer.
* Build system
- Use the Git branch instead of the Debian version into the built image's
filename.
- Allow replacing efficient XZ compression with quicker gzip.
- Build and install documentation into the chroot (-> filesystem.squashfs).
Rationale: our static website cannot be copied to a FAT32 filesystem due
to filenames being too long. This means the documentation cannot be
browsed offline from outside Tails. However, our installer creates GPT
hidden partitions, so the doc would not be browseable from outside Tails
anyway. The only usecase we really break by doing so is browsing the
documentation while running a non-Tails system, from a Tails CD.
-- Tails developers <amnesia@boum.org> Thu, 09 Sep 2011 11:31:18 +0200
tails (0.7.2) unstable; urgency=high
* Iceweasel
......
Um, I would be very grateful if you included option for using KDE and TorK ( http://sourceforge.net/projects/tork/ )
Opinions on KDE might ... differ, but TorK is definitely better Vidalia.
......@@ -7,7 +7,7 @@
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2011-04-12 04:25-0600\n"
"POT-Creation-Date: 2011-09-13 03:32-0600\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
......@@ -105,3 +105,44 @@ msgid ""
"Then try to boot again, and append the end of the boot log (or what seems to "
"be relevant to your problem) to your bug report."
msgstr ""
#. type: Title -
#, no-wrap
msgid "No internet access\n"
msgstr ""
#. type: Plain text
msgid ""
"The WhisperBack bug reporting tool (accessed from the Tails desktop) can of "
"course not send the bug report when there is not internet access. The "
"following steps can be used as a work-around (Note that your bug report will "
"not be anonymous unless you take further steps yourself (e.g. using Tor with "
"a throw-away email account)):"
msgstr ""
#. type: Bullet: '1. '
msgid "In Tails, start the bug reporting tool"
msgstr ""
#. type: Bullet: '2. '
msgid "In the bug report window, expand \"technical details to include\""
msgstr ""
#. type: Bullet: '3. '
msgid "Copy everything in the \"debugging info\" box"
msgstr ""
#. type: Bullet: '4. '
msgid "Paste it to another document (using gedit for instance)"
msgstr ""
#. type: Bullet: '5. '
msgid "Save the document on a USB strick"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
"6. Boot into a system with working networking and send the debugging\n"
"info to us.\n"
msgstr ""
......@@ -7,7 +7,7 @@
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2011-04-12 04:25-0600\n"
"POT-Creation-Date: 2011-09-13 03:32-0600\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
......@@ -105,3 +105,44 @@ msgid ""
"Then try to boot again, and append the end of the boot log (or what seems to "
"be relevant to your problem) to your bug report."
msgstr ""
#. type: Title -
#, no-wrap
msgid "No internet access\n"
msgstr ""
#. type: Plain text
msgid ""
"The WhisperBack bug reporting tool (accessed from the Tails desktop) can of "
"course not send the bug report when there is not internet access. The "
"following steps can be used as a work-around (Note that your bug report will "
"not be anonymous unless you take further steps yourself (e.g. using Tor with "
"a throw-away email account)):"
msgstr ""
#. type: Bullet: '1. '
msgid "In Tails, start the bug reporting tool"
msgstr ""
#. type: Bullet: '2. '
msgid "In the bug report window, expand \"technical details to include\""
msgstr ""
#. type: Bullet: '3. '
msgid "Copy everything in the \"debugging info\" box"
msgstr ""
#. type: Bullet: '4. '
msgid "Paste it to another document (using gedit for instance)"
msgstr ""
#. type: Bullet: '5. '
msgid "Save the document on a USB strick"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
"6. Boot into a system with working networking and send the debugging\n"
"info to us.\n"
msgstr ""
......@@ -6,7 +6,7 @@
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2011-04-12 04:25-0600\n"
"POT-Creation-Date: 2011-09-13 03:32-0600\n"
"PO-Revision-Date: 2011-03-25 12:39+0100\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
......@@ -123,3 +123,44 @@ msgid ""
msgstr ""
"Ensuite, essayez de redémarrer, et ajoutez la fin du journal de démarrage "
"(ou ce qui semble correspondre à votre problème) à votre rapport de bug."
#. type: Title -
#, no-wrap
msgid "No internet access\n"
msgstr ""
#. type: Plain text
msgid ""
"The WhisperBack bug reporting tool (accessed from the Tails desktop) can of "
"course not send the bug report when there is not internet access. The "
"following steps can be used as a work-around (Note that your bug report will "
"not be anonymous unless you take further steps yourself (e.g. using Tor with "
"a throw-away email account)):"
msgstr ""
#. type: Bullet: '1. '
msgid "In Tails, start the bug reporting tool"
msgstr ""
#. type: Bullet: '2. '
msgid "In the bug report window, expand \"technical details to include\""
msgstr ""
#. type: Bullet: '3. '
msgid "Copy everything in the \"debugging info\" box"
msgstr ""
#. type: Bullet: '4. '
msgid "Paste it to another document (using gedit for instance)"
msgstr ""
#. type: Bullet: '5. '
msgid "Save the document on a USB strick"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
"6. Boot into a system with working networking and send the debugging\n"
"info to us.\n"
msgstr ""
......@@ -44,3 +44,20 @@ that a bunch of hopefully useful messages are displayed on boot.
Then try to boot again, and append the end of the boot log (or what
seems to be relevant to your problem) to your bug report.
No internet access
------------------
The WhisperBack bug reporting tool (accessed from the Tails desktop)
can of course not send the bug report when there is not internet
access. The following steps can be used as a work-around (Note that
your bug report will not be anonymous unless you take further steps
yourself (e.g. using Tor with a throw-away email account)):
1. In Tails, start the bug reporting tool
2. In the bug report window, expand "technical details to include"
3. Copy everything in the "debugging info" box
4. Paste it to another document (using gedit for instance)
5. Save the document on a USB strick
6. Boot into a system with working networking and send the debugging
info to us.
......@@ -8,5 +8,4 @@ was released. If HTP fails a first time, and if the current time clock
is different by more than 6 (?) months, we start by setting the time
clock to the live system release before attempting HTP once more.
This issue will be fixed when
[[todo/remove_the_htp_user_firewall_exception]] is implemented.
> [[done]] in Tails 0.8
Torbutton's "warning, an external application will be run, you'd be
safer using Tails" dialog should not be displayed when running Tails.
> Fixed in Git stable and devel branches => [[pending]].
> [[done]] in Tails 0.8
......@@ -5,3 +5,5 @@ As of Tails 0.7, it is too easy to shutdown Tails. It shuts down, without waitin
>> I'm against changing this. It's a feature; when necessary, you can
>> just grab your media and run without having any secon thoughts. A
>> confirmation prompt would be dangerious. --anonym
>>> We reached agreement to close this bug as invalid. [[done]]
......@@ -83,8 +83,8 @@ Of course, that still allows requests for invalid names like "http://...---...i2
Many apologies if my English is unclear: please feel free to ask for clarification on any points.
> Thanks! All this was fixed in the devel branch (41ee709)
> => [[!taglink pending]]
> Thanks! All this was fixed in the devel branch (41ee709).
>> [[done]] in Tails 0.8
>> Thanks for the update, and for fixing up my markup - I learned
>> stuff! :D Is the devel branch publicly available on some SVN
......
......@@ -3,4 +3,4 @@ supported method yet), shell syntax errors are spitted out by one of
the scripts supposed to arm the udev sdmem watchdog, which is not
started indeed. Memory is hence not wiped on boot medium removal.
> Fixed in devel branch => [[pending]].
> [[done]] in Tails 0.8
In Tails 0.8-rc2, the msva does not use the configured keyserver but
pool.sks-keyservers.net.
`.xsession-errors` says:
Not a valid keyserver (from gpg config /home/amnesia/.gnupg/gpg.conf):
hkp://2eghzlv2wwcq7u7y.onion
[Reported upstream](https://labs.riseup.net/code/issues/3457).
In Tails 0.8-rc1, sdmem on eject works when booting from USB, but has
no visible effect when booting from CD.
The problems seem to have something to to with udev not sending events
(e.g. the "change" uevent we wait for) until the device is unmounted.
The following was tested on a secondary CD-ROM drive (so not the boot
device which may or may not invalidate this theory):
1. Insert a CD in the seconday CD-ROM drive (say it's /dev/sr1) and
mount it.
2. Run: udev-watchdog <udev path for /dev/sr1> cd
3. Eject the CD.
4. Observe that the watchdog sees nothing and that the device remains
mounted. Trying to access the mounted filesystem will produce I/O
errors.
4. Run: umount /dev/sr1
5. Observe that the watchdog finally sees the "change" action.
Furthermore, in lack of hardware, I tested this in VirtualBox, which
may behave different than real hardware. So YMMV.
When building 0.8-rc1 with the stable kernel (2.6.32-5-486) this issue
does not arise, which suggests that the issue is with the linux kernel
and was introduced somewhere after 2.6.32. Otoh, on my up-to-date
wheezy system (linux 3.0.0-1-amd64, udev 172-1, etc.) I do not have
this issue using udev-watchdog, wich could suggest a compatibility
issue with some other package (we also have i386 vs amd64, of course).
Updating to unstable's udev (172-1) in hope of it playing better with
linux 3.0.0-1 from unstable did not solve the issue either, however.
> Indeed, linux 2.6.38-rc1 [[reworked disk event handling|http://lwn.net/Articles/423619/]]
> and adds block.events_dfl_poll_msecs that can be used to set the
> interval for polling block devices for events. This does not seem
> to work properly though: settings it to 1000 makes it work in
> VirtualBox with its virtual CD-ROM drive, but no value seems to work
> on the one real machine I have available with a CD-ROM drive.
>> This was half-workaround'd for 0.8 => the eject button now triggers
>> shutdown/sdmem sequence, but the CD is not ejected, which is a
>> regression.
>>> Should be fixed in d5353b5 in devel.
......@@ -11,4 +11,4 @@ apt-get install rar unrar
seems to work now.
> Duplicate of [[todo/Add_rar_in_tails]], which is [[pending]].
> Duplicate of [[todo/Add_rar_in_tails]], which is [[done]].
......@@ -959,16 +959,19 @@ stored there), history is disabled (just in case) and many other
things. It is also setup not to automatically check for updates of its
installed extensions. Java support is disabled.
Iceweasel is shipped with some extensions to help users manage
their browsing experience. The
[CS Lite](https://addons.mozilla.org/fr/firefox/addon/5207/)
extension treats all cookies as session cookies by default, and
provides more fine-grained cookie control for users who need it. This
prevents the known leak of browsing informations cookies can lead to.
The [Adblock plus](https://addons.mozilla.org/fr/firefox/addon/1865/)
extension protects against many tracking possibilities by
removing most ads. The [FireGPG](http://getfiregpg.org/) plugin allows
users to use GnuPG inside websites such as webmails.
Iceweasel is shipped with some extensions to help users manage their
browsing experience. The Torbutton settings treat all cookies as
session cookies by default; the [CS
Lite](https://addons.mozilla.org/fr/firefox/addon/5207/)
(until Tails 0.8) (PENDING-FOR-0.9 [Cookie
Monster](https://addons.mozilla.org/en-US/firefox/addon/cookie-monster))
provides more
fine-grained cookie control for users who need it. This prevents the
known leak of browsing informations cookies can lead to. The [Adblock
plus](https://addons.mozilla.org/fr/firefox/addon/1865/) extension
protects against many tracking possibilities by removing most ads. The
[FireGPG](http://getfiregpg.org/) plugin allows users to use GnuPG
inside websites such as webmails.
Tails ships the [HTTPS
Everywhere](https://www.eff.org/https-everywhere) extension that
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment