Tails 1.0 (2014-04-29)

Discussion in 'Linux' started by DNT, Apr 29, 2014.

  1. DNT

    DNT Prominent Member

    Joined:
    Jan 12, 2014
    Messages:
    1,039
    Trophy Points:
    185
    Ratings:
    +234 / 0 / -0
    Changelog
    Download
    https://tails.boum.org/download/index.en.html
     
  2. Networx

    Networx Notable Member

    Joined:
    Jun 15, 2009
    Messages:
    619
    Trophy Points:
    72
    Ratings:
    +31 / 0 / -0
    Nothing new, I guess.
     
  3. DNT

    DNT Prominent Member

    Joined:
    Jan 12, 2014
    Messages:
    1,039
    Trophy Points:
    185
    Ratings:
    +234 / 0 / -0
    Tails, The Amnesic Incognito Live System, version 1.1, is out.

    All users must upgrade as soon as possible: this release fixes numerous security issues.

    Changes
    Notable user-visible changes include:

    • Rebase on Debian Wheezy
      • Upgrade literally thousands of packages.
      • Migrate to GNOME3 fallback mode.
      • Install LibreOffice instead of OpenOffice.
    • Major new features
      • UEFI boot support, which should make Tails boot on modern hardware and Mac computers.
      • Replace the Windows XP camouflage with a Windows 8 camouflage.
      • Bring back VirtualBox guest modules, installed from Wheezy backports. Full functionality is only available when using the 32-bit kernel.
    • Security fixes
      • Fix write access to boot medium via udisks (ticket #6172).
      • Upgrade the web browser to 24.7.0esr-0+tails1~bpo70+1 (Firefox 24.7.0esr + Iceweasel patches + Torbrowser patches).
      • Upgrade to Linux 3.14.12-1 (fixes CVE-2014-4699).
      • Make persistent file permissions safer (ticket #7443).
    • Bugfixes
      • Fix quick search in Tails Greeter's Other languages window (Closes: ticket #5387)
    • Minor improvements
      • Don't install Gobby 0.4 anymore. Gobby 0.5 has been available in Debian since Squeeze, now is a good time to drop the obsolete 0.4 implementation.
      • Require a bit less free memory before checking for upgrades with Tails Upgrader. The general goal is to avoid displaying "Not enough memory available to check for upgrades" too often due to over-cautious memory requirements checked in the wrapper.
      • Whisperback now sanitizes attached logs better with respect to DMI data, IPv6 addresses, and serial numbers (ticket #6797, ticket #6798, ticket #6804).
      • Install the BookletImposer PDF imposition toolkit.
    See the online Changelog for technical details.

    Known issues
    • Users of persistence must log in at least once with persistence enabled read-write after upgrading to 1.1 to see their settings updated.

    • Upgrading from ISO, from Tails 1.1~rc1, Tails 1.0.1 or earlier, is a bit more complicated than usual. Either follow the instructions to upgrade from ISO. Or, burn a DVD, start Tails from it, and use "Clone and Upgrade".

    • The automatic upgrade from Tails 1.1~rc1 is a bit more complicated than usual. Either follow the instructions to apply the automatic upgrade. Or, do a full upgrade.

    • A persistent volume created with Tails 1.1~beta1 cannot be used with Tails 1.1 or later. Worse, trying this may freeze Tails Greeter.

    • Tails 1.1 does not start in some virtualization environments, such as QEMU 0.11.1 and VirtualBox 4.2. This can be corrected by upgrading to QEMU 1.0 or VirtualBox 4.3, or newer (ticket #7232).

    • The web browser's JavaScript performance may be severely degraded (ticket #7127). Please let us know if you are experiencing this to a level where it is problematic.

    • Longstanding known issues.
    Source
     
  4. DNT

    DNT Prominent Member

    Joined:
    Jan 12, 2014
    Messages:
    1,039
    Trophy Points:
    185
    Ratings:
    +234 / 0 / -0
    A security hole affects I2P 0.9.13, that is part of Tails 1.1 and earlier.

    If you are using I2P in Tails 1.1 and earlier, an attacker can de-anonymize you.

    To be able to conduct this attack the attacker must be able to affect the content of a website that you are visiting using the Tor Browser in Tails and the attacker must find out how to exploit this security hole.

    Tails does not start I2P by default.

    You can protect yourself from this security hole until it is corrected.
    Do not start I2P in Tails 1.1 and earlier. You can protect yourself further by removing the i2p package every time you start Tails:
    1. Set an administration password.
    2. Run this command in a Root Terminal:
      Code:
      apt-get purge i2p

    However, if you really need to use I2P in Tails 1.1: before you start I2P, disable JavaScript globally with NoScript in the Tor Browser.
     
  5. DNT

    DNT Prominent Member

    Joined:
    Jan 12, 2014
    Messages:
    1,039
    Trophy Points:
    185
    Ratings:
    +234 / 0 / -0
    Tails 1.1.1 released
     

Share This Page...