Slashdot Mirror

TAILS Linux 1.1.2 is out (September 25th, 2014) by Anonymous Coward · 2014-09-25 22:57 · Score: -1 · on NSF Awards $10 Million To Protect America's Processors

$ Torproject Blog Announcement:
https://blog.torproject.org/bl...

$ TAILS News Announcement:
https://tails.boum.org/news/ve...

$ TAILS Download Site:
https://tails.boum.org/downloa...

#

"TAILS, The Amnesic Incognito Live System, version 1.1.2, is out.

This release fixes numerous security issues[1] and all users must upgrade[2] as soon as possible.

We prepared this release mainly to fix a serious flaw[3] in the Network Security Services (NSS) library used by Firefox and other products allows attackers to create forged RSA certificates.

Before this release, users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe itâ(TM)s coming from a trusted site.

( Changes )

-- Notable user-visible changes include:

- Security fixes
- Upgrade the web browser to 24.8.0esr-0+tails3~bpo70+1
- Install Linux 3.16-1
- Numerous other software upgrades that fix security issues: GnuPG, APT, DBus, Bash, and packages built from the bind9 and libav source packages

See the online Changelog[4] for technical details."

[1] https://tails.boum.org/securit...
[2] https://tails.boum.org/doc/fir...
[3] https://blog.mozilla.org/secur...
[4] https://git-tails.immerda.ch/t...

#

-((( Direct download )))-

( Latest release: Tails 1.1.2 ISO image )
http://dl.amnesia.boum.org/tai...

( Cryptographic Signature - Tails 1.1.2 signature )
https://tails.boum.org/torrent...

( SHA256 checksum for ISO )

f8a15f7c63662815a7087d36e1f614c9382675dd2424c2cd336aca6b72203ea2

#

-((( BitTorrent download )))-

( Latest release: Tails 1.1.2 torrent )
https://tails.boum.org/torrent...

"The cryptographic signature of the ISO image is also included in the Torrent. Additionally, you can verify the signature of the Torrent file itself before downloading it."

( Cryptographic Signature: )

TAILS Linux 1.1.2 is out (September 25th, 2014) by Anonymous Coward · 2014-09-25 22:57 · Score: -1 · on NSF Awards $10 Million To Protect America's Processors

$ Torproject Blog Announcement:
https://blog.torproject.org/bl...

$ TAILS News Announcement:
https://tails.boum.org/news/ve...

$ TAILS Download Site:
https://tails.boum.org/downloa...

#

"TAILS, The Amnesic Incognito Live System, version 1.1.2, is out.

This release fixes numerous security issues[1] and all users must upgrade[2] as soon as possible.

We prepared this release mainly to fix a serious flaw[3] in the Network Security Services (NSS) library used by Firefox and other products allows attackers to create forged RSA certificates.

Before this release, users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe itâ(TM)s coming from a trusted site.

( Changes )

-- Notable user-visible changes include:

- Security fixes
- Upgrade the web browser to 24.8.0esr-0+tails3~bpo70+1
- Install Linux 3.16-1
- Numerous other software upgrades that fix security issues: GnuPG, APT, DBus, Bash, and packages built from the bind9 and libav source packages

See the online Changelog[4] for technical details."

[1] https://tails.boum.org/securit...
[2] https://tails.boum.org/doc/fir...
[3] https://blog.mozilla.org/secur...
[4] https://git-tails.immerda.ch/t...

#

-((( Direct download )))-

( Latest release: Tails 1.1.2 ISO image )
http://dl.amnesia.boum.org/tai...

( Cryptographic Signature - Tails 1.1.2 signature )
https://tails.boum.org/torrent...

( SHA256 checksum for ISO )

f8a15f7c63662815a7087d36e1f614c9382675dd2424c2cd336aca6b72203ea2

#

-((( BitTorrent download )))-

( Latest release: Tails 1.1.2 torrent )
https://tails.boum.org/torrent...

"The cryptographic signature of the ISO image is also included in the Torrent. Additionally, you can verify the signature of the Torrent file itself before downloading it."

( Cryptographic Signature: )

TAILS Linux 1.1.2 is out (September 25th, 2014) by Anonymous Coward · 2014-09-25 22:57 · Score: -1 · on NSF Awards $10 Million To Protect America's Processors

$ Torproject Blog Announcement:
https://blog.torproject.org/bl...

$ TAILS News Announcement:
https://tails.boum.org/news/ve...

$ TAILS Download Site:
https://tails.boum.org/downloa...

#

"TAILS, The Amnesic Incognito Live System, version 1.1.2, is out.

This release fixes numerous security issues[1] and all users must upgrade[2] as soon as possible.

We prepared this release mainly to fix a serious flaw[3] in the Network Security Services (NSS) library used by Firefox and other products allows attackers to create forged RSA certificates.

Before this release, users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe itâ(TM)s coming from a trusted site.

( Changes )

-- Notable user-visible changes include:

- Security fixes
- Upgrade the web browser to 24.8.0esr-0+tails3~bpo70+1
- Install Linux 3.16-1
- Numerous other software upgrades that fix security issues: GnuPG, APT, DBus, Bash, and packages built from the bind9 and libav source packages

See the online Changelog[4] for technical details."

[1] https://tails.boum.org/securit...
[2] https://tails.boum.org/doc/fir...
[3] https://blog.mozilla.org/secur...
[4] https://git-tails.immerda.ch/t...

#

-((( Direct download )))-

( Latest release: Tails 1.1.2 ISO image )
http://dl.amnesia.boum.org/tai...

( Cryptographic Signature - Tails 1.1.2 signature )
https://tails.boum.org/torrent...

( SHA256 checksum for ISO )

f8a15f7c63662815a7087d36e1f614c9382675dd2424c2cd336aca6b72203ea2

#

-((( BitTorrent download )))-

( Latest release: Tails 1.1.2 torrent )
https://tails.boum.org/torrent...

"The cryptographic signature of the ISO image is also included in the Torrent. Additionally, you can verify the signature of the Torrent file itself before downloading it."

( Cryptographic Signature: )

TAILS Linux 1.1.2 is out (September 25th, 2014) by Anonymous Coward · 2014-09-25 22:57 · Score: -1 · on NSF Awards $10 Million To Protect America's Processors

$ Torproject Blog Announcement:
https://blog.torproject.org/bl...

$ TAILS News Announcement:
https://tails.boum.org/news/ve...

$ TAILS Download Site:
https://tails.boum.org/downloa...

#

"TAILS, The Amnesic Incognito Live System, version 1.1.2, is out.

This release fixes numerous security issues[1] and all users must upgrade[2] as soon as possible.

We prepared this release mainly to fix a serious flaw[3] in the Network Security Services (NSS) library used by Firefox and other products allows attackers to create forged RSA certificates.

Before this release, users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe itâ(TM)s coming from a trusted site.

( Changes )

-- Notable user-visible changes include:

- Security fixes
- Upgrade the web browser to 24.8.0esr-0+tails3~bpo70+1
- Install Linux 3.16-1
- Numerous other software upgrades that fix security issues: GnuPG, APT, DBus, Bash, and packages built from the bind9 and libav source packages

See the online Changelog[4] for technical details."

[1] https://tails.boum.org/securit...
[2] https://tails.boum.org/doc/fir...
[3] https://blog.mozilla.org/secur...
[4] https://git-tails.immerda.ch/t...

#

-((( Direct download )))-

( Latest release: Tails 1.1.2 ISO image )
http://dl.amnesia.boum.org/tai...

( Cryptographic Signature - Tails 1.1.2 signature )
https://tails.boum.org/torrent...

( SHA256 checksum for ISO )

f8a15f7c63662815a7087d36e1f614c9382675dd2424c2cd336aca6b72203ea2

#

-((( BitTorrent download )))-

( Latest release: Tails 1.1.2 torrent )
https://tails.boum.org/torrent...

"The cryptographic signature of the ISO image is also included in the Torrent. Additionally, you can verify the signature of the Torrent file itself before downloading it."

( Cryptographic Signature: )

TAILS Linux 1.1.2 is out (September 25th, 2014) by Anonymous Coward · 2014-09-25 22:57 · Score: -1 · on NSF Awards $10 Million To Protect America's Processors

$ Torproject Blog Announcement:
https://blog.torproject.org/bl...

$ TAILS News Announcement:
https://tails.boum.org/news/ve...

$ TAILS Download Site:
https://tails.boum.org/downloa...

#

"TAILS, The Amnesic Incognito Live System, version 1.1.2, is out.

This release fixes numerous security issues[1] and all users must upgrade[2] as soon as possible.

We prepared this release mainly to fix a serious flaw[3] in the Network Security Services (NSS) library used by Firefox and other products allows attackers to create forged RSA certificates.

Before this release, users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe itâ(TM)s coming from a trusted site.

( Changes )

-- Notable user-visible changes include:

- Security fixes
- Upgrade the web browser to 24.8.0esr-0+tails3~bpo70+1
- Install Linux 3.16-1
- Numerous other software upgrades that fix security issues: GnuPG, APT, DBus, Bash, and packages built from the bind9 and libav source packages

See the online Changelog[4] for technical details."

[1] https://tails.boum.org/securit...
[2] https://tails.boum.org/doc/fir...
[3] https://blog.mozilla.org/secur...
[4] https://git-tails.immerda.ch/t...

#

-((( Direct download )))-

( Latest release: Tails 1.1.2 ISO image )
http://dl.amnesia.boum.org/tai...

( Cryptographic Signature - Tails 1.1.2 signature )
https://tails.boum.org/torrent...

( SHA256 checksum for ISO )

f8a15f7c63662815a7087d36e1f614c9382675dd2424c2cd336aca6b72203ea2

#

-((( BitTorrent download )))-

( Latest release: Tails 1.1.2 torrent )
https://tails.boum.org/torrent...

"The cryptographic signature of the ISO image is also included in the Torrent. Additionally, you can verify the signature of the Torrent file itself before downloading it."

( Cryptographic Signature: )

TAILS Linux 1.1.2 is out (September 25th, 2014) by Anonymous Coward · 2014-09-25 22:57 · Score: -1 · on NSF Awards $10 Million To Protect America's Processors

$ Torproject Blog Announcement:
https://blog.torproject.org/bl...

$ TAILS News Announcement:
https://tails.boum.org/news/ve...

$ TAILS Download Site:
https://tails.boum.org/downloa...

#

"TAILS, The Amnesic Incognito Live System, version 1.1.2, is out.

This release fixes numerous security issues[1] and all users must upgrade[2] as soon as possible.

We prepared this release mainly to fix a serious flaw[3] in the Network Security Services (NSS) library used by Firefox and other products allows attackers to create forged RSA certificates.

Before this release, users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe itâ(TM)s coming from a trusted site.

( Changes )

-- Notable user-visible changes include:

- Security fixes
- Upgrade the web browser to 24.8.0esr-0+tails3~bpo70+1
- Install Linux 3.16-1
- Numerous other software upgrades that fix security issues: GnuPG, APT, DBus, Bash, and packages built from the bind9 and libav source packages

See the online Changelog[4] for technical details."

[1] https://tails.boum.org/securit...
[2] https://tails.boum.org/doc/fir...
[3] https://blog.mozilla.org/secur...
[4] https://git-tails.immerda.ch/t...

#

-((( Direct download )))-

( Latest release: Tails 1.1.2 ISO image )
http://dl.amnesia.boum.org/tai...

( Cryptographic Signature - Tails 1.1.2 signature )
https://tails.boum.org/torrent...

( SHA256 checksum for ISO )

f8a15f7c63662815a7087d36e1f614c9382675dd2424c2cd336aca6b72203ea2

#

-((( BitTorrent download )))-

( Latest release: Tails 1.1.2 torrent )
https://tails.boum.org/torrent...

"The cryptographic signature of the ISO image is also included in the Torrent. Additionally, you can verify the signature of the Torrent file itself before downloading it."

( Cryptographic Signature: )

TAILS Linux 1.1.2 is out (September 25th, 2014) by Anonymous Coward · 2014-09-25 22:57 · Score: -1 · on NSF Awards $10 Million To Protect America's Processors

$ Torproject Blog Announcement:
https://blog.torproject.org/bl...

$ TAILS News Announcement:
https://tails.boum.org/news/ve...

$ TAILS Download Site:
https://tails.boum.org/downloa...

#

"TAILS, The Amnesic Incognito Live System, version 1.1.2, is out.

This release fixes numerous security issues[1] and all users must upgrade[2] as soon as possible.

We prepared this release mainly to fix a serious flaw[3] in the Network Security Services (NSS) library used by Firefox and other products allows attackers to create forged RSA certificates.

Before this release, users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe itâ(TM)s coming from a trusted site.

( Changes )

-- Notable user-visible changes include:

- Security fixes
- Upgrade the web browser to 24.8.0esr-0+tails3~bpo70+1
- Install Linux 3.16-1
- Numerous other software upgrades that fix security issues: GnuPG, APT, DBus, Bash, and packages built from the bind9 and libav source packages

See the online Changelog[4] for technical details."

[1] https://tails.boum.org/securit...
[2] https://tails.boum.org/doc/fir...
[3] https://blog.mozilla.org/secur...
[4] https://git-tails.immerda.ch/t...

#

-((( Direct download )))-

( Latest release: Tails 1.1.2 ISO image )
http://dl.amnesia.boum.org/tai...

( Cryptographic Signature - Tails 1.1.2 signature )
https://tails.boum.org/torrent...

( SHA256 checksum for ISO )

f8a15f7c63662815a7087d36e1f614c9382675dd2424c2cd336aca6b72203ea2

#

-((( BitTorrent download )))-

( Latest release: Tails 1.1.2 torrent )
https://tails.boum.org/torrent...

"The cryptographic signature of the ISO image is also included in the Torrent. Additionally, you can verify the signature of the Torrent file itself before downloading it."

( Cryptographic Signature: )

Tails - The amnesic, incognito, live system by PhunkySchtuff · 2014-09-24 21:35 · Score: 2 · on Australian Senate Introduces Laws To Allow Total Internet Surveillance

Just putting this out there for fellow Aussies. Fire this up in a VM and you're good to go.
https://tails.boum.org/

Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to:
use the Internet anonymously and circumvent censorship;
all connections to the Internet are forced to go through the Tor network;
leave no trace on the computer you are using unless you ask it explicitly;
use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.

Yes, I know it's not perfect and possibly contains bugs, but against the proposed Aus Govt surveillance, it's a very quick and easy workaround.

TAILS opens an official public mailing list !!!! by Anonymous Coward · 2014-08-31 01:51 · Score: -1 · on Iceland Raises Volcano Aviation Alert Again

TAILS opens an official public mailing list with archives!

o Announcement:

o New mailing lists

tails-project@boum.org: public, archived mailing-list[1] to talk about the non-technical decisions regarding the project.

In addition the page mentions two other new mailing lists, but they are not aimed directly at TAILS users, but for promotion and web/soft/UI.

Click on the "mailing list" [1] link to browse the TAILS USERS Mailing List archives!

Remember to subscribe!!!

[1] https://mailman.boum.org/listinfo/tails-project

###

o What is TAILS?

TAILS opens an official public mailing list !!!! by Anonymous Coward · 2014-08-31 01:51 · Score: -1 · on Iceland Raises Volcano Aviation Alert Again

TAILS opens an official public mailing list with archives!

o Announcement:

o New mailing lists

tails-project@boum.org: public, archived mailing-list[1] to talk about the non-technical decisions regarding the project.

In addition the page mentions two other new mailing lists, but they are not aimed directly at TAILS users, but for promotion and web/soft/UI.

Click on the "mailing list" [1] link to browse the TAILS USERS Mailing List archives!

Remember to subscribe!!!

[1] https://mailman.boum.org/listinfo/tails-project

###

o What is TAILS?

TAILS opens an official public mailing list by Anonymous Coward · 2014-08-31 00:33 · Score: -1 · on Battle of the Heavy Lift Rockets

TAILS opens an official public mailing list with archives!

o Announcement:

o New mailing lists

tails-project@boum.org: public, archived mailing-list[1] to talk about the non-technical decisions regarding the project.

In addition the page mentions two other new mailing lists, but they are not aimed directly at TAILS users, but for promotion and web/soft/UI.

Click on the "mailing list" [1] link to browse the TAILS USERS Mailing List archives!

Remember to subscribe!!!

[1] https://mailman.boum.org/listi...

###

o What is TAILS?

TAILS opens an official public mailing list by Anonymous Coward · 2014-08-31 00:33 · Score: -1 · on Battle of the Heavy Lift Rockets

TAILS opens an official public mailing list with archives!

o Announcement:

o New mailing lists

tails-project@boum.org: public, archived mailing-list[1] to talk about the non-technical decisions regarding the project.

In addition the page mentions two other new mailing lists, but they are not aimed directly at TAILS users, but for promotion and web/soft/UI.

Click on the "mailing list" [1] link to browse the TAILS USERS Mailing List archives!

Remember to subscribe!!!

[1] https://mailman.boum.org/listi...

###

o What is TAILS?

TAILS opens an official public mailing list by Anonymous Coward · 2014-08-31 00:33 · Score: -1 · on Battle of the Heavy Lift Rockets

TAILS opens an official public mailing list with archives!

o Announcement:

o New mailing lists

tails-project@boum.org: public, archived mailing-list[1] to talk about the non-technical decisions regarding the project.

In addition the page mentions two other new mailing lists, but they are not aimed directly at TAILS users, but for promotion and web/soft/UI.

Click on the "mailing list" [1] link to browse the TAILS USERS Mailing List archives!

Remember to subscribe!!!

[1] https://mailman.boum.org/listi...

###

o What is TAILS?

http://www.forbes.com/sites/th...

Earlier Submission by Anonymous Coward · 2014-07-22 07:30 · Score: 0 · on Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

"We're happy to see that TAILS 1.1 is being released tomorrow. Our multiple RCE/de-anonymization zero-days are still effective."

via @ExodusIntel: https://twitter.com/ExodusInte...

#$%#

"Exploit Dealer: Snowden's Favourite OS TAILS Has Zero-Day Vulnerabilities Lurking Inside"

Thomas Brewster | Security | 7/21/2014 @ 2:14PM

#$%#

"The flaws work on the latest version of TAILS and allow for the ability to exploit a targeted user, both for de-anonymisation and remote code execution," said Loc Nguyen a researcher at Exodus. Remote code execution means a hacker can do almost anything they want to the victimâ(TM)s system, such as installing malware or siphoning off files.

"Considering that the purpose of TAILS is to provide a secure non-attributable platform for communications, users are verifiably at-risk due to these flaws. For the TAILS platform, privacy is contingent on maintaining anonymity and ensuring their actions and communications are not attributable. Thus, any violation of those foundational pillars should be considering highly critical," added Nguyen. This affects every user of TAILS, who should all "diversify security platforms so as not to put all your eggs in one basket", he added.

All users, including Snowden, should be wary of using TAILS with a false sense of security, though itâ(TM)s still more likely to protect anonymity than Windows. Exodus sells to private and public businesses hoping to use the findings for either offensive or defensive means. Those unconcerned about governments targeting their systems might not be concerned about the TAILS zero-days. Others will likely be anxious one of their trusted tools to avoid government hackers contains vulnerabilities that could be exploited to spy on any user of the OS."

#$%#

Don't look, Snowden: Security biz chases TAILS with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS

By Iain Thomson | 21 Jul 2014

http://www.theregister.co.uk/2...

#$%#

RE: TAILS: https://tails.boum.org/

Re:Kinda Like Mega by mspohr · 2014-07-21 03:52 · Score: 3, Informative · on Snowden Seeks To Develop Anti-Surveillance Technologies

An app won't give you much anonymity. You need to start from the ground up with an OS that leaves no trace on the hardware and has good encryption and anonymity tools built in.
Here's a good start: TAILS
https://tails.boum.org/

Re:Well, If the NSA Can't Crack It, Ya Right by CanHasDIY · 2014-04-15 07:53 · Score: 3, Insightful · on Snowden Used the Linux Distro Designed For Internet Anonymity

https://tails.boum.org/downloa...

Why buy a box for this? by hAckz0r · 2013-11-22 08:40 · Score: 2 · on Tor Now Comes In a Box

When you can just pop in a TAILS LiveCD why do you need to buy hardware?

https://www.torproject.org/

Re:How about the nodes by Burz · 2013-10-05 06:01 · Score: 1 · on How The NSA Targets Tor

Keep in mind that if they decide your node IS worthy of being attacked, you won't have the resources to defend against every known and currently-unknown exploit, so you should assume you've already been compromised and mitigate accordingly.

If they think your node is worthy of attack, even a moderate defense will simply cause them to take it down or busy it up, such that users of interest move to another node.

That could ultimately be the thing that finally sends the rest of Tor's users to I2P: With Tor's opt-in relays, a P2P ethic does not take hold. With I2P there is more spreading of the network load, and someone wanting to DOS a node would have to at least contribute a lot more bandwidth back to the rest of the network (which has the side-effect of freeing up bandwidth for the node being attacked). Not contributing bandwith back creates the risk that other nodes will stonewall you... its not unlike bittorrent in that respect (and is the main reason why bittorrent works fully on I2P).

Re:duh.. by Anonymous Coward · 2013-10-04 05:44 · Score: 0 · on How The NSA Targets Tor

A good first step would be to put Tails OS on a bootable USB drive and only use that to access tor services.

Re:Is anybody surprised? by Anonymous Coward · 2013-08-28 13:13 · Score: 0 · on Bitcoin Perfectly Anonymous — Until You Spend It

Use an old MSI wind or Asus EEPC netbook or something else you buy cheap off eBay with no harddrive, boot tails ( https://tails.boum.org/ ) from a thumbdrive.

That's your spending PC.

What would make it slightly more convenient would be a bitcoin addon to import the private keys from the webcam, so you don't have to type it in from your printed wallet.

Re:Very poor advice by CAIMLAS · 2013-08-06 02:45 · Score: 3, Informative · on TOR Wants You To Stop Using Windows, Disable JavaScript

It's trivial to use Tor in a secure fashion. In fact, if you need the security provided by Tor, chances are you're better off doing it this way instead:

1) Download Tails
2) Burn to CD
3) Boot disk
4) Use Tor

How hard was that?

(Personally, I use IE5 and Windows 2000 for Tor. Nobody's going to try to exploit that... and yes, I'm kidding.)

Re:Be smarter by BenEnglishAtHome · 2013-08-05 18:32 · Score: 1 · on Half of Tor Sites Compromised, Including TORMail

Good lord, it's not that difficult! Use The Amnesiac Incognito Live System (TAILS), a live CD from: https://tails.boum.org/. When Iceweasel (the browser in TAILS) fires up, turn off Javascript and cookies. Then surf over TOR without worries from this exploit.

If you need Javascript and cookies, you can still be secure with only a bit more work.

Whonix, a new profile, and a VPN are overkill. The folks (not here) saying you need to run it all inside a VM have simply gone round the bend.

Tor Browser Bundle (TBB) R/O system by Anonymous Coward · 2013-06-22 18:27 · Score: 5, Interesting · on Ask Slashdot: Most Secure Browser In an Age of Surveillance?

A LiveCD with TBB:

for LiveDVD/USB preconfigured not to leak try TAILS: