Escolar Documentos
Profissional Documentos
Cultura Documentos
doc
Page 1 of 1
Introduction
English
DE
FR
PT
Introduction
The goal of this documentation is to present The
Amnesic Incognito Live System (Tails) in an easy
to understand and reasonably thorough manner
in hope to give the new user a crash course in
what might be a completely new set of
applications and concepts regarding anonymity
Download
Tails 0.22
About
Getting started
It will not fully document the applications
included in Tails, but rather give an overview of
them and go on details only on the Tails-specific
Documentation
configuration.
Contribute
https://tails.boum.org/doc/introduction/index.en.html
1/17/2014
doc
about
Page 1 of 2
English
DE
FR
PT
Download
Tails 0.22
Getting started
Documentation
International ).
Without taking any precautions, your Internet
service provider, the State, the police and global
surveillance systems like ECHELON
About
(which is
of
both the sender and receiver, much like an ordinary mail sent through the postal system
contains addresses of both sender and receiver for two-ways communication. IP
addresses can easily be traced back to the physical location of the computers and their
owners, and from that ultimately back to you.
If you do not mind this fact, then more power to you, but if you do mind, then Tails
might be just what you need.
Moreover, just like with a postcard, any information traveling on the Internet can be read
by many computers that relay them.
https://tails.boum.org/doc/about/anonymity/index.en.html
1/17/2014
doc
about
Page 1 of 1
System requirements
English
DE
FR
PT
System requirements
Tails should work on any reasonably recent PC
computer, say manufactured after 2005. Here is
a detailed list of requirements:
Either an internal or external DVD reader
or the possibility to boot from a USB stick
Download
Tails 0.22
About
or SD card.
Tails requires an x86+ compatible processor:
+
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/about/requirements/index.en.html
1/17/2014
Tails - Warning
doc
Page 1 of 7
about
Warning
English
DE
FR
PT
Warning
Even though we're doing our best to offer you
good tools to protect your privacy while using a
computer, there is no magic or perfect
solution to such a complex problem.
Understanding well the limits of such tools is a
crucial step in, first, deciding whether Tails is the
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
4. Confirmation attacks
5. Tails doesn't encrypt your documents by default
6. Tails doesn't clear the metadata of your documents for you and doesn't
encrypt the Subject: and other headers of your encrypted e-mail
messages
7. Tor doesn't protect you from a global adversary
8. Tails doesn't magically separate your different contextual identities
9. Tails doesn't make your crappy passwords stronger
10. Tails is a work in progress
https://tails.boum.org/doc/about/warning/index.en.html
1/17/2014
Tails - Warning
Page 2 of 7
Instead of taking a direct route from source to destination, communications using the
Tor network take a random pathway through several Tor relays that cover your tracks.
So no observer at any single point can tell where the data came from or where it's going.
The last relay on this circuit, called the exit node, is the one that establishes the actual
connection to the destination server. As Tor does not, and by design cannot, encrypt the
traffic between an exit node and the destination server, any exit node is in a position
to capture any traffic passing through it. See Tor FAQ: Can exit nodes eavesdrop
on communications? .
For example, in 2007, a security researcher intercepted thousands of private e-mail
messages sent by foreign embassies and human rights groups around the world by
spying on the connections coming out of an exit node he was running. See Wired: Rogue
Nodes Turn Tor Anonymizer Into Eavesdropper's Paradise. .
To protect yourself from such attacks you should use end-to-end encryption.
Tails includes many tools to help you using strong encryption while browsing,
sending email or chatting, as presented on our about page.
https://tails.boum.org/doc/about/warning/index.en.html
1/17/2014
Tails - Warning
Page 3 of 7
The destination server that you are contacting through Tor can know whether
your communication comes out from a Tor exit node by consulting the publicly available
list of exit nodes that might contact it. For example using the Tor Bulk Exit List tool of
the Tor Project.
So using Tails doesn't make you look like any random Internet user. The
anonymity provided by Tor and Tails works by trying to make all of their users look the
same so it's not possible to identify who is who amongst them.
See also Can I hide the fact that I am using Tails?
Man-in-the-middle attacks
A man-in-the-middle attack (MitM) is a form of active eavesdropping in which the
attacker makes independent connections with the victims and relays messages between
them, making them believe that they are talking directly to each other over a private
connection, when in fact the entire conversation is controlled by the attacker.
While using Tor, man-in-the-middle attacks can still happen between the exit node and
the destination server. The exit node itself can also act as a man-in-the-middle. For an
example of such an attack see MW-Blog: TOR exit-node doing MITM attacks .
Again, to protect yourself from such attacks you should use end-to-end
encryption and while doing so taking extra care at verifying the server authenticity.
Usually, this is automatically done throught SSL certificates checked by your browser
against a given set of recognized certificate authorities ). If you get a security
exception message such as this one you might be victim of a man-in-the-middle attack
https://tails.boum.org/doc/about/warning/index.en.html
1/17/2014
Tails - Warning
Page 4 of 7
and should not bypass it unless you have another trusted way of checking the
certificate's fingerprint with the people running the service.
But on top of that the certificate authorities model of trust on Internet is susceptible to
various methods of compromise.
For example, on March 15, 2011, Comodo, one of the major SSL certificates company,
reported that a user account with an affiliate registration authority had been
compromised. It was then used to create a new user account that issued nine certificate
signing requests for seven domains: mail.google.com, login.live.com, www.google.com,
login.yahoo.com (three certificates), login.skype.com, addons.mozilla.org, and global
trustee. See Comodo: The Recent RA Compromise .
Later in 2011, DigiNotar, a Dutch SSL certificate company, incorrectly issued certificates
to a malicious party or parties. Later on, it came to light that they were apparently
compromised months before or perhaps even in May of 2009 if not earlier. Rogues
certificates were issued for domains such as google.com, mozilla.org, torproject.org,
login.yahoo.com and many more. See, The Tor Project: The DigiNotar Debacle, and what
you should do about it .
This still leaves open the possibility of a man-in-the-middle attack even when
your browser is trusting an HTTPS connection.
On one hand, by providing anonymity, Tor makes it more difficult to perform a man-inthe-middle attack targeted at one specific person with the blessing of a rogue SSL
certificate. But on the other end, Tor makes it easier for people or organizations running
exit nodes to perform large scale MitM attempts, or attacks targeted at a specific
server, and especially those among its users who happen to use Tor.
https://tails.boum.org/doc/about/warning/index.en.html
1/17/2014
Tails - Warning
Page 5 of 7
Confirmation attacks
The Tor design doesn't try to protect against an attacker who can see or measure both
traffic going into the Tor network and also traffic coming out of the Tor network. That's
because if you can see both flows, some simple statistics let you decide whether they
match up.
That could also be the case if your ISP (or your local network administrator) and the ISP
of the destination server (or the destination server itself) cooperate to attack you.
Tor tries to protect against traffic analysis, where an attacker tries to learn whom to
investigate, but Tor can't protect against traffic confirmation (also known as end-to-end
correlation), where an attacker tries to confirm an hypothesis by monitoring the right
locations in the network and then doing the math.
Quoted from Tor Project: "One cell is enough to break Tor's anonymity" .
https://tails.boum.org/doc/about/warning/index.en.html
1/17/2014
Tails - Warning
Page 6 of 7
on the file format and the software used. Please note also, that the Subject: as well as
the rest of the header lines of your OpenPGP encrypted e-mail messages are not
encrypted. This is not a bug of Tails or the OpenPGP protocol; it's for backwards
compatibility with the original SMTP protocol. Unfortunately no RFC standard exists yet
for Subject encryption.
Images file formats, like TIFF of JPEG, probably take the prize in this field. Those files,
created by digital cameras or mobile phones, contain a metadata format called EXIF
which can include the date, time and sometimes the GPS coordinates of the picture, the
brand and serial number of the device which took it as well as a thumbnail of the original
image. Image processing software tend to keep those data intact. Internet is full of
cropped or blurred images for which the EXIF thumbnail still contains the full original
picture.
Tails doesn't clear the metadata of your files for you. Yet. Still it's in Tails' design
goal to help you do that. For example, Tails already comes with the Metadata
anonymisation toolkit .
https://tails.boum.org/doc/about/warning/index.en.html
1/17/2014
Tails - Warning
Page 7 of 7
First, because Tor tends to reuse the same circuits, for example amongst a same
browsing session. Since the exit node of a circuit knows both the destination server (and
possibly the content of the communication if not encrypted) and the address of the
previous relay it received the communication from, it makes it easier to correlate the
several browsing requests as part of a same circuit and possibly made by a same user. If
you are facing a global adversary as described above, it might then also be in position to
do this correlation.
Second, in case of a security hole or a misuse in using Tails or one of its application,
information about your session could be leaked. That could reveal that the same person
was behind the various actions made during the session.
The solution to both threats is to shutdown and restart Tails every time you're
using a new identity, if you really want to isolate them better.
Vidalia's "New Identity" button forces Tor to use new circuits but only for new
connections: existing connections might stay open. Plus, apart from the Tor circuits,
other kind of information can reveal your past activities, for example the cookies stored
by your browser. So this feature of Vidalia is not a solution to really separate contextual
identities. Shutdown and restart Tails instead.
https://tails.boum.org/doc/about/warning/index.en.html
1/17/2014
doc
about
Page 1 of 3
English
DE
FR
PT
1. Included software
1. Networking
Tails 0.22
2. Desktop Edition
3. Encryption & Privacy
2. Additional features
About
3. Multilingual support
Getting started
Included software
Documentation
Contribute
Networking
Tor
with:
stream isolation
regular and obfsproxy bridges support
the Vidalia graphical frontend
NetworkManager for easy network configuration
Firefox
preconfigured with:
TorBrowser patches
Torbutton
extension
Aircrack-ng
https://tails.boum.org/doc/about/features/index.en.html
1/17/2014
I2P
Page 2 of 3
an anonymizing network
Desktop Edition
OpenOffice.org
Gimp and Inkscape to edit images
Scribus for page layout
Audacity
PiTIVi
Poedit
and Palimpsest
USB sticks
GnuPG , the GNU implementation of OpenPGP for email and data encyption and
signing
TrueCrypt a disk encryption software
PWGen , a strong password generator
Shamir's Secret Sharing
Florence
using gfshare
and ssss
Additional features
can be run as a virtualized guest inside VirtualBox
customization (e.g. to add a given missing piece of software) is relatively easy: one
may build a custom Amnesic Incognito Live System in about one hour on a modern
desktop computer
PAE-enabled kernel with NX-bit and SMP support on hardware that supports it
Some basic accessibility features
To prevent cold-boot attacks and various memory forensics, Tails erases memory on
shutdown and when the boot media is physically removed.
Multilingual support
https://tails.boum.org/doc/about/features/index.en.html
1/17/2014
Page 3 of 3
https://tails.boum.org/doc/about/features/index.en.html
1/17/2014
doc
about
Page 1 of 2
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Contribute
This section explains some issues regarding the fingerprint of Tails and how this could
be used to identify you as a Tails user.
https://tails.boum.org/doc/about/fingerprint/index.en.html
1/17/2014
Page 2 of 2
Apart from that, some of the extensions included in Tails browser are different
than the ones included in the TBB. More sophisticated attacks can use those differences
to distinguish Tails user from TBB users.
For example, Tails includes Adblock Plus which removes advertisements. If an attacker
can determine that you are not downloading the advertisements that are included in a
webpage, that could help identify you as a Tails user.
For the moment, you should consider that no special care is taken regarding the
fingerprint of the Unsafe Browser.
https://tails.boum.org/doc/about/fingerprint/index.en.html
1/17/2014
doc
about
Page 1 of 3
Trusting Tails
English
DE
FR
PT
Trusting Tails
Trust is a very problematic issue, and that's the
essence of why security is difficult in every field,
including computers and Internet
communication. Do you trust Tails and its
developers? Do you think we have planted
backdoors in Tails so we can take control of your
Download
Tails 0.22
About
Getting started
Documentation
Contribute
https://tails.boum.org/doc/about/trust/index.en.html
1/17/2014
Page 2 of 3
possible to build the software, and then compare the result against any version that is
already built and being distributed, like the Tails ISO images you can download from us.
That way it can be determined whether the distributed version actually was built with
the source code, or if any malicious changes have been made.
Of course, most people do not have the knowledge, skills or time required to do this, but
due to public scrutiny anyone can have a certain degree of implicit trust in Free
software, at least if it is popular enough that other developers look into the source code
and do what was described in the previous paragraph. After all, there is a strong
tradition within the Free software community to publicly report serious issues that are
found within software.
Trusting Tor
Tails anonymity is based on Tor, which is developed by The Tor Project . The
development of Tor is under a lot of public scrutiny both academically (research on
attacks and defenses on onion routing) and engineering-wise (Tor's code has gone
through several external audits, and many independent developers have read through
the sources for other reasons). Again, security issues have been reported, but nothing
malicious like a backdoor -- we would argue that it's only uninformed conspiracy
theorists that speculate about deliberate backdoors in Tor these days. Furthermore,
Tor's distributed trust model makes it hard for a single entity to capture an individual's
traffic and effectively identify them.
Trusting Tails
One could say that Tails is the union of Debian and Tor. What we do, essentially, is
gluing it all together. Hence, if you trust Debian and The Tor Project, what remains to
establish trust for Tails is to trust our "glue". As has been mentioned, Tails is Free
software, so its source code is completely open for inspection, and it's mainly comprised
by a specification of which Debian software packages to install, and how they should be
https://tails.boum.org/doc/about/trust/index.en.html
1/17/2014
Page 3 of 3
configured. While Tails surely doesn't get the same amount of attention as Debian or
Tor, we do have some eyes on us from especially the Tor community, and also some of
the general security community (see our audits page). Given that Tails' source code is
comparably small and devoid of complexities, we're in a pretty good spot compared to
many other projects of similar nature. Our specification and design document is a good
starting point to understand how Tails works, by the way.
With all this in light (which you ideally also should try to verify), you should be able to
make an informed decision on whether or not you should trust our software.
https://tails.boum.org/doc/about/trust/index.en.html
1/17/2014
Page 1 of 6
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/download/index.en.html
1/17/2014
Page 2 of 6
Direct download
BitTorrent download
LATEST RELEASE
LATEST RELEASE
image.
SEED BACK!
mirror.
https://tails.boum.org/download/index.en.html
1/17/2014
Page 3 of 6
All Tails ISO image are cryptographically signed by our OpenPGP key. OpenPGP
is a standard for data encryption that provides cryptographic privacy and authentication
through the use of keys owned by its users. Checking this signature is the recommended
way of checking the ISO image integrity.
If you already know how to use an OpenPGP key you can download it straight away:
Installing Tails
You can either burn Tails onto a DVD or install it onto a USB stick or SD card.
BURNING A DVD
DVDs are read-only so your Tails can't be altered by a virus or an attacker.
https://tails.boum.org/download/index.en.html
1/17/2014
Page 4 of 6
DVDs are cheap but you will need to burn a new DVD each time you update your
version of Tails.
You could also use a DVD-RW but those are not read-only.
For detailed instructions on how to burn an ISO image under Linux, Windows or Mac
OSX you can consult the corresponding Ubuntu documentation : just replace the
Ubuntu ISO image by the Tails ISO image you downloaded and ignore the part on
verifying the data integrity since you've already done that.
INSTALLING ONTO A USB STICK OR SD CARD
The content of the device will be lost in the operation.
An attacker with physical access to your device or through a virus could alter your
Tails.
USB sticks and SD cards can be upgraded to future versions of Tails.
You can use persistence and store your documents and configuration in an encrypted
persistent volume on the same device.
USB sticks and SD cards are smaller to fit in your pocket.
Some older computers might not be able to start from a USB stick or SD card.
Some USB sticks, SD cards, or SD card adapters have a read-only switch that can
prevent your Tails from being altered, but be aware that this protection is most
probably not ensured by the device itself: do not rely on untrusted computers to
respect this feature.
See the corresponding documentation.
Stay tuned
It's very important to keep your version of Tails up-to-date, otherwise your
system will be vulnerable to numerous security holes. The development team is
doing its best to release new versions fixing known security holes on a regular basis.
New versions are announced on our news mailing-list . Drop your email address into
this box, then hit the button to subscribe:
Subscribe
There also are RSS and Atom feeds that announce new available BitTorrent files.
Refer to our security announcements feed for more detailed information about the
security holes affecting Tails. Furthermore you will be automatically notified of the
security holes affecting the version you are using at the startup of a new Tails session.
https://tails.boum.org/download/index.en.html
1/17/2014
Page 5 of 6
Since Tails is based on Debian, it takes advantage of all the work done by the Debian
security team. As quoted from (http://security.debian.org/) :
Debian takes security very seriously. We handle all security problems
brought to our attention and ensure that they are corrected within a
reasonable timeframe. Many advisories are coordinated with other free
software vendors and are published the same day a vulnerability is made
public and we also have a Security Audit team that reviews the archive
looking for new or unfixed security bugs.
Experience has shown that "security through obscurity" does not work. Public
disclosure allows for more rapid and better solutions to security problems. In
that vein, this page addresses Debian's status with respect to various known
security holes, which could potentially affect Debian.
Start Tails!
Now that you have a Tails device you can shutdown your computer and start using Tails
without altering your existing operating system.
If you are using a DVD: Put the Tails DVD into the CD/DVD-drive and restart the
computer. You should see a welcome screen prompting you to choose your language.
If you don't get this menu, you can consult the Ubuntu documentation about booting
from the CD
If you are using a USB stick or SD card: Shutdown the computer, plug your device
and start the computer. You should see a welcome screen prompting you to choose your
language.
If your computer does not automatically do so, you might need to edit the BIOS settings.
Restart your computer, and watch for a message telling you which key to press to enter
the BIOS setup. It will usually be one of F1, F2, DEL, ESC or F10. Press this key while your
computer is booting to edit your BIOS settings. You need to edit the Boot Order.
Depending on your computer you should see an entry for 'removable drive' or 'USB
media'. Move this to the top of the list to force the computer to attempt to start from
your device before starting from the internal hard disk. Save your changes and continue.
For more detailed instruction on how to boot from USB you can read About.com: How To
Boot your Computer from a Bootable USB Device
If you have problems accessing the BIOS, try to read pendrivelinux.com: How to Access
BIOS
https://tails.boum.org/download/index.en.html
1/17/2014
doc
Page 1 of 1
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Start Tails
Startup Options
Administration Password
Tor Bridge Mode
Documentation
Help & Support
Windows Camouflage
Introduction to GNOME and the Tails Desktop
Contribute
Accessibility
Persistence
Warnings About Persistence
Create & Configure the Persistent Volume
Enable & Use the Persistent Volume
Delete the Persistent Volume
Manually copy your persistent data to a new device
Upgrade to more secure persistent volume settings
Report an error
Tails does not start
Shutting down Tails
https://tails.boum.org/doc/first_steps/index.en.html
1/17/2014
doc
first steps
Page 1 of 2
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Burn a Tails DVD (recommended).
Use another Tails USB stick or SD card,
for example from a friend.
Documentation
Contribute
Instructions
All the data on the installed device will be lost.
This operation does not securely delete the lost data on the
installed device.
This operation does not copy the persistent volume of the
device which is being cloned.
1. Start Tails from another media than the device, USB stick or SD card, onto which you
want to install Tails.
2. Choose Applications Tails Tails Installer to start Tails Installer.
https://tails.boum.org/doc/first_steps/installation/index.en.html
1/17/2014
Page 2 of 2
3. To install onto a new device, click on the Clone & Install button.
4. Plug the device onto which you want to install Tails.
A new device, which corresponds to the USB stick or SD card, appears in the Target
Device drop-down list.
5. Choose this new device from the Target Device drop-down list.
6. To start the installation, click on the Install Tails button.
7. Read the warning message in the pop-up window. Click on the Yes button to confirm.
After the installation completes, you can start Tails from this new device.
https://tails.boum.org/doc/first_steps/installation/index.en.html
1/17/2014
doc
first steps
installation
Page 1 of 1
English
DE
FR
PT
Download
Tails 0.22
second device.
About
This technique does not allow you to set up
a persistent volume.
Getting started
Documentation
https://tails.boum.org/doc/first_steps/installation/manual/index.en.html
1/17/2014
doc
first steps
installation
Page 1 of 5
manual
English
DE
FR
PT
Download
http://www.pendrivelinux.com/ .
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/first_steps/installation/manual/windows/index.en.html
1/17/2014
Page 2 of 5
https://tails.boum.org/doc/first_steps/installation/manual/windows/index.en.html
1/17/2014
Page 3 of 5
https://tails.boum.org/doc/first_steps/installation/manual/windows/index.en.html
1/17/2014
Page 4 of 5
CLICK 'CREATE'
After the installation completes, you can start Tails from this new USB
stick.
https://tails.boum.org/doc/first_steps/installation/manual/windows/index.en.html
1/17/2014
doc
first steps
installation
Page 1 of 5
manual
English
DE
FR
PT
Download
Tails 0.22
1. Setup rEFInd
2. Find out the device name of the USB stick
3. Unmount the USB drive
4. Run isohybrid.pl on the ISO image
About
5. Do the copy
Getting started
6. Notes
Documentation
Help & Support
Setup rEFInd
You need to have rEFInd
Contribute
installed and working on the Mac.
https://tails.boum.org/doc/first_steps/installation/manual/mac/index.en.html
1/17/2014
Page 2 of 5
diskutil list
This returns a list of all the current storage devices. For example:
$ diskutil list
/dev/disk0
#:
0:
1:
2:
3:
4:
TYPE NAME
GUID_partition_scheme
SIZE
*500.1 GB
EFI
Apple_HFS MacDrive
EFI
Microsoft Basic Data BOOTCAMP
209.7
250.0
134.1
115.5
MB
GB
GB
GB
1. Plug back the USB stick and run the same command as before:
diskutil list
A new device should appear in the list of storage devices. Check that the size of the
device corresponds to the size of your USB stick.
$ diskutil list
/dev/disk0
#:
TYPE
0:
GUID_partition_scheme
1:
EFI
2:
Apple_HFS
3:
EFI
4:
Microsoft Basic Data
/dev/disk1
#:
TYPE
0:
FDisk_partition_scheme
1:
Apple_HFS
NAME
MacDrive
BOOTCAMP
NAME
Untitled 1
SIZE
*500.1
209.7
250.0
134.1
115.5
GB
MB
GB
GB
GB
SIZE
*4.0 GB
4.0 GB
In this example, the USB stick is 4.0 GB and the device name is /dev/disk1. Yours are
probably different.
https://tails.boum.org/doc/first_steps/installation/manual/mac/index.en.html
1/17/2014
Page 3 of 5
If you are not sure about the device name you should stop proceeding or
you risk overwriting any hard drive on the system.
cd Desktop
6. To run isohybrid.pl on the ISO image, execute the following command, replacing
[tails.iso] with the path to the ISO image that you want to install.
perl isohybrid.pl [tails.iso]
Here is an example of the commands to execute, yours are probably different:
If you are not sure about the path to the ISO image or if you get a No such
file or directory error, you can first type `perl isohybrid.pl`, followed by a
https://tails.boum.org/doc/first_steps/installation/manual/mac/index.en.html
1/17/2014
Page 4 of 5
space, and then drag and drop the icon of the ISO image from a file
browser onto Terminal. This should insert the correct path to the ISO image
in Terminal. Then complete the command and execute it.
Do the copy
Execute the following command, replacing [tails.iso] by the path to the ISO image
that you want to copy and [device] by the device name found in step 1.
dd if=[tails.iso] of=[device]
You should get something like this:
dd if=tails-0.17.1.iso of=/dev/disk9
If you don't see any error message, Tails is being copied onto the USB stick. The whole
process might take some time, generally a few minutes.
If you get a "Permission denied" error, try executing the command with
sudo:
sudo if=[tails.iso] of=[device]
Be careful, if the device name is wrong you might overwriting any hard
drive on the system.
Once the command prompt reappears, you can restart your Mac. Wait for
the rEFInd menu and select the USB stick to start Tails.
Notes
This method was successfully tested on the following hardware:
MacBook Pro Model A1150 with OS X 10.6.8, 2006
MacBook Pro Retina 15" Mid-2012 (aka MacBookPro10,1)
The method worked on some hardware but a bug in the video support prevented Tails to
start successfully:
https://tails.boum.org/doc/first_steps/installation/manual/mac/index.en.html
1/17/2014
Page 5 of 5
https://tails.boum.org/doc/first_steps/installation/manual/mac/index.en.html
1/17/2014
doc
first steps
Page 1 of 1
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/first_steps/reset/index.en.html
1/17/2014
doc
first steps
reset
Page 1 of 2
English
DE
FR
PT
Using Diskpart
Download
Tails 0.22
About
Getting started
Documentation
Contribute
1. Make sure that the USB stick or SD card that
you want to reset is unplugged.
2. Click on the Start button, and choose All Programs Accessories Command
Prompt, to open the Command Prompt ,
More help on how to start the Command Prompt
3. Execute the diskpart command, to start Diskpart.
4. Execute the list disk command to obtain information about each disk in the
computer.
For example:
https://tails.boum.org/doc/first_steps/reset/windows/index.en.html
1/17/2014
Page 2 of 2
Disk ###
Status
Size
Free
Dyn
Gpt
-------Disk 0
---------Online
------80 GB
------0 B
---
---
5. Plug the USB stick or SD card that you want to reset. Run the list disk command
again.
A new disk, which corresponds to that device, appears in the list.
For example:
Status
Size
Free
Dyn
Gpt
-------Disk 0
Disk 1
---------Online
Online
------80 GB
4 GB
------0 B
0 B
---
---
Make sure that its size corresponds to the size of the device that you want to reset.
Note down the disk number assigned by Diskpart to the device.
6. To select the device, execute the following command: select disk=number .
Replace number by the disk number of the device that you want to reset.
7. Execute the clean command to delete the partition table from the device.
8. Execute the convert mbr command to create a new partition table on the device.
9. Execute the create partition primary command to create a new primary
partition on the device.
Troubleshooting
See the Diskpart documentation from Microsoft Support .
https://tails.boum.org/doc/first_steps/reset/windows/index.en.html
1/17/2014
Formatting a USB Drive Back to MBR after GUID | Robert Douglas Bingham
Page 1 of 2
Method
1. Plug the pendrive in, and dont click format or anything
2. Run Command Prompt
3. Type the following commands (where x = your disk number. This will make sense soon):
diskpart
list disk
select disk x
clean
create partition primary
select partition 1
active
format fs=fat32 quick
assign
http://robertbingham.wordpress.com/2011/05/18/formatting-a-usb-drive-back-to-mbr-after-guid/
1/13/2014
Formatting a USB Drive Back to MBR after GUID | Robert Douglas Bingham
Page 2 of 2
This filesystem is pretty solid. From there you can do whatever you want with it, as it should be legible
by any machine.
About these ads (http://en.wordpress.com/abouttheseads/)
This entry was posted on Wednesday, May 18th, 2011 at 9:54 am and posted in Tech. You can follow any
responses to this entry through the RSS 2.0 feed.
Subscribe RSS
Blog at WordPress.com. The Elegant Grunge Theme.
Follow
http://robertbingham.wordpress.com/2011/05/18/formatting-a-usb-drive-back-to-mbr-after-guid/
1/13/2014
doc
first steps
Page 1 of 2
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
version of Tails
As for the installation, you need to start Tails
Contribute
https://tails.boum.org/doc/first_steps/upgrade/index.en.html
1/17/2014
Page 2 of 2
7. Read the warning message in the pop-up window. Click on the Yes button to confirm.
https://tails.boum.org/doc/first_steps/upgrade/index.en.html
1/17/2014
doc
first steps
Page 1 of 3
Startup Options
English
DE
FR
PT
Startup Options
When starting Tails, you can specify startup
options to alter some of its basic functioning.
The two ways of specifying startup options are
the following:
Download
Tails 0.22
About
Getting started
Documentation
The failsafe mode disables some features of the kernel and might work
better on some computers. You can try this option if you think you are
experiencing errors related to hardware compatibility while starting Tails.
1. To add a boot option, press Tab when the boot menu appears. A list of boot options
appears at the bottom of the screen.
https://tails.boum.org/doc/first_steps/startup_options/index.en.html
1/17/2014
Page 2 of 3
1. Press Space, and type the boot option that you want to add.
2. If you want to add more than one boot option, type them one after the other, and
separate them by a Space.
3. Then press Enter to start Tails.
Here is a list of options that you can add to the boot menu:
bridge , to activate the Tor Bridge Mode
truecrypt , to enable TrueCrypt
https://tails.boum.org/doc/first_steps/startup_options/index.en.html
1/17/2014
Page 3 of 3
To start Tails without options, click on the Login button, or just press Enter.
To set more options, click on the Yes button. Then click on the Forward button.
Here is a list of options that you can set using Tails Greeter:
Set an administration password
Activate Windows Camouflage
https://tails.boum.org/doc/first_steps/startup_options/index.en.html
1/17/2014
doc
first steps
startup options
Page 1 of 2
English
DE
FR
PT
Download
Tails 0.22
About
computer
To execute commands with sudo
By default, the administration password is
disabled for better security. This can prevent
an attacker with physical or remote access to
your Tails system to gain administration
privileges and perform administration tasks
against your will.
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/first_steps/startup_options/administration_password/index.en.html 1/17/2014
doc
first steps
Page 1 of 3
startup options
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
This may be an issue if you are in a country where the following applies:
1. Using Tor is blocked by censorship: since all connections to the Internet are
forced to go through Tor, this would render Tails useless for everything except for
working offline on documents, etc.
2. Using Tor is dangerous or considered suspicious: in this case starting Tails in its
default configuration might get you into serious trouble.
Tor bridges, also called Tor bridge relays, are alternative entry points to the Tor network
that are not all listed publicly. Using a bridge makes it harder, but not impossible, for
your Internet Service Provider to know that you are using Tor.
If you are in one of the situations described above you might want to use Tor bridges in
Tails. Please also read The Tor Project's dedicated page about bridges
to get a general
https://tails.boum.org/doc/first_steps/startup_options/bridge_mode/index.en.html
1/17/2014
Page 2 of 3
In order to use bridges, you must know in advance the address of at least one bridge.
The Tor Project distributes bridge addresses in several ways, for example from their
website and via email.
Bridges are less reliable and tend to have lower performance than other
entry points.
3. The less publicly known the bridges are, the better. Unfortunately, since some bridge
addresses can be obtained by anyone from the Tor website or by email, it is also
possible for an adversary to get the same bridge information by the same means. The
Tor Project has some protection against that, but they are far from being perfect.
So the best is if you can find a trusted friend or an organisation in a different country
who runs a "private" obfuscated bridge for you. In this case "private" means that the
bridge is configured with the option PublishServerDescriptor 0. Without this
option The Tor Project can learn about the bridge and may distribute its address to
others and so it could end up in the hands of your adversary.
https://tails.boum.org/doc/first_steps/startup_options/bridge_mode/index.en.html
1/17/2014
doc
first steps
Page 1 of 2
startup options
Windows Camouflage
English
DE
FR
PT
Windows Camouflage
If you are using a computer in public you may
want to avoid attracting unwanted attention by
changing the way Tails looks into something that
resembles Microsoft Windows XP.
When Tails is starting up the Windows
Download
Tails 0.22
About
Getting started
Documentation
https://tails.boum.org/doc/first_steps/startup_options/windows_camouflage/index.en.html
1/17/2014
Page 2 of 2
https://tails.boum.org/doc/first_steps/startup_options/windows_camouflage/index.en.html
1/17/2014
doc
first steps
Page 1 of 5
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
Applications menu
The Applications menu is where you will find shortcuts to the installed applications.
Please explore the different categories and try out those that seem interesting.
https://tails.boum.org/doc/first_steps/introduction_to_gnome_and_the_tails_desktop/index.... 1/17/2014
Page 2 of 5
Places menu
The Places menu is here to make it easy to access storage medias.
System menu
The System menu allows to customize the GNOME desktop or the system.
https://tails.boum.org/doc/first_steps/introduction_to_gnome_and_the_tails_desktop/index.... 1/17/2014
Page 3 of 5
Applications Shortcuts
On the right of these three menu entries, a few shortcuts allow to launch the most
frequently used applications.
Notification area
In the upper right corner you will find a couple of icons, each of which offers an interface
for some system feature or running application. You are encouraged to check these icons
out with the left and right mouse buttons.
https://tails.boum.org/doc/first_steps/introduction_to_gnome_and_the_tails_desktop/index.... 1/17/2014
Page 4 of 5
Power Manager: information about your battery, if you are using a laptop
Bottom panel
On the bottom of the screen is another panel.
Desktop shortcut: allows to minimize all open windows to show the desktop.
Then come the buttons for open windows and on the right, a set of four similar rectangle
icons gives access to four different workspaces.
Desktop shortcuts
Computer: access storage media
https://tails.boum.org/doc/first_steps/introduction_to_gnome_and_the_tails_desktop/index.... 1/17/2014
Page 5 of 5
To manage local files, follow links on the desktop or from the Places menu at top right
corner of the screen. To move files or folders, you can drag them from one window and
drop them to another.
To connect to remote FTP or SFTP server, go to Places Connect to Server....
https://tails.boum.org/doc/first_steps/introduction_to_gnome_and_the_tails_desktop/index.... 1/17/2014
Tails - Accessibility
doc
first steps
Page 1 of 2
Accessibility
English
DE
FR
PT
Accessibility
Tails uses the GNOME Desktop that provides
many accessibility features as documented in
the GNOME Access Guide . For a summary of
those features, read the quick reference
Download
Tails 0.22
About
To hear screen elements spoken to you or
magnify the screen, see the GNOME Orca
Getting started
Documentation
The screen reading functionality of
GNOME Orca does not work neither
with the Tor Browser nor with the
Unsafe Web Browser.
If you prefer a pointing device over the keyboard, you can use the Florence virtual
keyboard, instead of the GNOME On-Screen Keyboard.
If you are operating a computer one-handed (by joystick, touchscreen, or mouse) or
zero-handed (by head-mouse or eyetracker), you can use the Dasher graphical
predictive text entry application.
If you prefer high contrast, large print or inversed colors, you can change the
default theme:
1. Choose System Preferences Appearance.
2. Select one of the theme to apply it. The following themes are available:
High Contrast
High Contrast Inverse
High Contrast Large Print
High Contrast Large Print Inverse
Large Print
https://tails.boum.org/doc/first_steps/accessibility/index.en.html
1/17/2014
Tails - Accessibility
Page 2 of 2
Low Contrast
Low Contrast Large Print
3. For large print themes, click the Apply Font to change the font size.
4. Click Close.
https://tails.boum.org/doc/first_steps/accessibility/index.en.html
1/17/2014
Tails - Persistence
doc
first steps
Page 1 of 2
Persistence
English
DE
FR
PT
Persistence
If you start Tails from a USB stick or SD card, you
can create a persistent volume in the free space
left on the device by Tails Installer. The files in
the persistent volume are saved and remain
Download
Tails 0.22
About
You can use this persistent volume to store
different kinds of files:
your personal files and working documents
the software packages that you download and
install in Tails
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/first_steps/persistence/index.en.html
1/17/2014
doc
first steps
persistence
Page 1 of 2
English
DE
FR
PT
Download
Tails 0.22
4. Browser Plugins
5. Use to the Minimum
About
Getting started
Storing Sensitive
Documents
The persistent volume is not hidden. An
attacker in possession of the device can know
that there is a persistent volume on it. Take into
Documentation
Help & Support
Contribute
consideration that you can be forced or tricked to give out its passphrase.
Note also that secure deletion does not work as expected on USB sticks.
See the corresponding documentation. Read also how to delete the persistent volume.
Overwriting Configurations
The programs included in Tails are carefully configured with security in mind. If you use
the persistence volume to overwrite the configuration of the programs included in Tails,
it can break this security or render these programs unusable.
Be especially careful when using the Dotfiles feature.
Furthermore, the anonymity of Tor and Tails relies on making it harder to distinguish one
Tails user from another. Changing the default configurations can break your
anonymity.
https://tails.boum.org/doc/first_steps/persistence/warnings/index.en.html
1/17/2014
Page 2 of 2
Browser Plugins
The web browser is a central part in a system like Tails. The plugins included in the
browser are carefully chosen and configured with security in mind. If you install other
plugins or change their configuration, you can break your anonymity.
https://tails.boum.org/doc/first_steps/persistence/warnings/index.en.html
1/17/2014
doc
first steps
persistence
Page 1 of 7
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
5. Claws Mail
6. GNOME Keyring
7. Network Connections
8. APT Packages
9. APT Lists
10. Browser bookmarks
11. Printers
12. Dotfiles
13. Additional software packages
https://tails.boum.org/doc/first_steps/persistence/configure/index.en.html
1/17/2014
Page 2 of 7
The error message Error, Persistence partition is not unlocked. means that
the persistent volume was not enabled from Tails greeter. So you can not
configure it but you can delete it and create a new one.
Personal Data
When this feature is activated, you can save your personal files and working documents
in the Persistent folder.
https://tails.boum.org/doc/first_steps/persistence/configure/index.en.html
1/17/2014
Page 3 of 7
To open the Persistent folder, choose Places Home Folder, and open the Persistent
folder.
GnuPG
When this feature is activated, the OpenPGP keys that you create or import are saved in
the persistent volume.
If you manually edit or overwrite the ~/.gnupg/gpg.conf configuration file
you may lessen your anonymity, weaken the encryption defaults or render
GnuPG unusable.
SSH Client
When this feature is activated, all the files related to the secure-shell client are saved in
the persistent volume:
The SSH keys that you create or import
The public keys of the hosts you connect to
The SSH configuration file in ~/.ssh/config
If you manually edit the ~/.ssh/config configuration file, make sure not to
overwrite the default configuration from the /etc/ssh/ssh_config file.
Otherwise, you may weaken the encryption defaults or render SSH
unusable.
Pidgin
When this feature is activated, all the configuration files of the Pidgin Internet
messenger are saved in the persistent volume:
The configuration of your accounts, buddies and chats.
Your OTR encryption keys and keyring.
The content of the discussions is not saved unless you configure Pidgin to do so.
https://tails.boum.org/doc/first_steps/persistence/configure/index.en.html
1/17/2014
Page 4 of 7
All the configuration options are available from the graphical interface. There is no need
to manually edit or overwrite the configuration files.
Claws Mail
When this feature is activated, the configuration and emails stored locally by the Claws
Mail email client are saved in the persistent volume.
All the configuration options are available from the graphical interface. There is no need
to manually edit or overwrite the configuration files.
The emails of a POP3 account created without using the configuration
assistant are not stored in the persistent volume by default. For example,
when configuring a second email account.
To make it persistent choose File Add Mailbox MH... and change the
location of the mailbox from Mail to .claws-mail/Mail.
GNOME Keyring
When this feature is activated, the secrets of GNOME Keyring are saved in the persistent
volume.
GNOME Keyring is a collection of components in GNOME that store secrets, passwords,
keys, certificates and make them available to applications. For more information about
GNOME Keyring see the official documentation .
Network Connections
When this feature is activated, the configuration of the network devices and connections
is saved in the persistent volume.
To save passwords, for example the passwords of encrypted wireless connections, the
GNOME Keyring persistence feature must also be activated.
https://tails.boum.org/doc/first_steps/persistence/configure/index.en.html
1/17/2014
Page 5 of 7
APT Packages
When this feature is activated, the packages that you install using the Synaptic package
manager or the apt-get command are saved in the persistent volume.
If you install additional programs, this feature allows you to download them once and
reinstall them during future working sessions, even offline. Note that those packages are
not automatically installed when restarting Tails.
If you activate this feature, it is recommended to activate the APT Lists feature as well.
APT Lists
When this feature is activated, the lists of all the software packages available for
installation are saved in the persistent volume.
Those so called APT lists correspond to the files downloaded while doing Reload from
the Synaptic package manager or issuing the apt-get update command.
The APT lists are needed to install additional programs or explore the list of available
software packages. This feature allows you to reuse them during future working
sessions, even offline.
Browser bookmarks
When this feature is activated, changes to the bookmarks in the Tor Browser are saved
in the persistent volume. This does not apply to the Unsafe web browser.
Printers
When this feature is activated, the configuration of the printers is saved in the persistent
volume.
https://tails.boum.org/doc/first_steps/persistence/configure/index.en.html
1/17/2014
Page 6 of 7
Dotfiles
When this feature is enabled, a list of additional software of your choice is automatically
installed at the beginning of every working session. The corresponding software
packages are stored in the persistent volume. They are automatically upgraded for
security after a network connection is established.
To use this feature you need to enable both the APT Lists and APT Packages features.
If you are offline and your additional software packages don't install, it
might be caused by outdated APT Lists. The issue will be fixed next time
you connect Tails to Internet with persistence activated.
To choose the list of additional software, start Tails with an administrator password and
edit (as an administrator) the file
called /live/persistence/TailsData_unlocked/live-additional-software.conf.
Each line of this file must contain the name of a Debian package to be installed as an
additional software package.
For example, to automatically install the dia software, a diagram editor, and the
https://tails.boum.org/doc/first_steps/persistence/configure/index.en.html
1/17/2014
Page 7 of 7
https://tails.boum.org/doc/first_steps/persistence/configure/index.en.html
1/17/2014
doc
first steps
persistence
Page 1 of 2
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Volume
Contribute
1. When starting Tails, in the Use persistence? dialog of Tails Greeter, choose Yes to
enable the persistent volume for the current working session.
2. Enter the passphrase of the persistent volume in the Passphrase text box.
3. If you select the Read-Only check box, the content of persistent volume will be
available and you will be able to modify it but the changes will not be saved.
https://tails.boum.org/doc/first_steps/persistence/use/index.en.html
1/17/2014
doc
first steps
persistence
Page 1 of 2
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/first_steps/persistence/delete/index.en.html
1/17/2014
doc
first steps
Page 1 of 2
persistence
DE
FR
PT
Download
Tails 0.22
be extra careful.
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/first_steps/persistence/copy/index.en.html
1/17/2014
Page 2 of 2
5. Click on Unlock Volume to unlock the old persistent volume. Enter the passphrase
of the old persistent volume and click Unlock.
6. Click on the TailsData partition that appears below the Encrypted Volume
partition.
7. Click on Mount Volume. The old persistent volume is now mounted as
/media/TailsData.
8. Choose Places TailsData from the top navigation bar to open the old persistent
volume.
9. In the file browser, choose File New Tab and navigate to
/live/persistence/TailsData_unlocked in this new tab.
10. Click on the TailsData tab.
11. To import a folder containing persistent data from the old persistent volume to the
new one, drag and drop that folder from the TailsDataonto the TailsData_unlocked
tab. When importing a folder, choose to Merge All the folder, and Replace All files.
Do not import a folder if you do not know what it is used for.
The apt folder corresponds to the APT Packages and APT Lists persistence
features. But it requires administration rights to be imported and this goes beyond
the scope of these instructions. Note that this folder does not contain personal
data.
The bookmarks folder corresponds to the Browser bookmarks persistence
feature.
The claws-mail folder corresponds to the Claws Mail persistence feature.
The dotfiles folder corresponds to the Dotfiles persistence feature.
The gnome-keyring folder corresponds to the GNOME Keyring persistence
feature.
The gnupg folder corresponds to the GnuPG persistence feature.
The nm-connections folder corresponds to the Network Connections persistence
feature.
The openssh-client folder corresponds to the SSH Client persistence feature.
The Persistent folder corresponds to the Personal Data persistence feature.
The pidgin folder corresponds to the Pidgin persistence feature.
https://tails.boum.org/doc/first_steps/persistence/copy/index.en.html
1/17/2014
doc
first steps
persistence
Page 1 of 4
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
1. Automatic upgrade
Contribute
Automatic upgrade
We designed a migration mechanism that allows, in most cases, to upgrade
automatically to those more secure persistent volume settings. To do this upgrade, once
and for all:
1. Start Tails 0.21.
2. Enable persistence without the read-only option. Activating the read-only option
prevents Tails from starting correctly until the upgrade is made.
3. If the upgrade is successful, Tails starts as usual and no notification appears.
But this automatic upgrade might not be sufficient in some cases.
https://tails.boum.org/doc/first_steps/persistence/upgrade/index.en.html
1/17/2014
Page 2 of 4
a. If you skipped the upgrade to Tails 0.21 and upgraded directly to Tails 0.22
or later, then install Tails 0.21 to run the automatic upgrade as described above, or
follow the instructions to manually copy your persistent data to a new device. For
security reasons the automatic upgrade is not available in Tails 0.22 or later.
b. If you have custom persistence settings or use additional software
packages, the corresponding settings are not upgraded automatically.
A notification should appear when starting Tails that indicates which persistence
settings are temporarily disabled. In that case, follow the instructions to enable again
your custom persistence settings.
If you have custom persistence settings or use additional software but no
notification appear on the desktop, then your Tails system might be
corrupted. In that case, follow the instructions to manually copy your
persistent data to a new device.
c. If you have good reasons to think that your persistence settings are
corrupted or if you want to be extra careful, then follow the instructions to manually
copy your persistent data to a new device.
live-persistence.conf.old
If there is a file named live-persistence.conf.old in the TailsData_unlocked folder, then
some of your persistence settings need to be enabled manually.
https://tails.boum.org/doc/first_steps/persistence/upgrade/index.en.html
1/17/2014
Page 3 of 4
live-additional-software.conf.disabled
If there is a file named live-additional-software.conf.disabled in the TailsData_unlocked
folder, then your additional software need to be enabled manually.
1. In the file browser, right-click on the live-additional-software.conf.disabled file and
open it by choosing Open with Other Application... and then gedit.
2. Right-click on the live-additional-software.conf file and choose Open with Other
Application... and then gedit to open it in a new tab in gedit.
3. Copy from live-additional-software.conf.disabled to live-additional-software.conf the
lines corresponding to your additional software.
If you detect unexpected lines in live-additional-software.conf.disabled that do
not correspond to any additional software added by you, they might have been
introduced by an attacker. In this case, do the following:
1. Report a bug using WhisperBack and explain which are the lines that look suspicious
to you.
https://tails.boum.org/doc/first_steps/persistence/upgrade/index.en.html
1/17/2014
Page 4 of 4
2. Keep that Tails device without modifying it in order to analyse it later if needed.
3. Follow the instructions to manually copy your persistent data to a new device.
If you do not detect any suspicious line, close gedit and delete the
live-additional-software.conf.disabled file using the file browser.
https://tails.boum.org/doc/first_steps/persistence/upgrade/index.en.html
1/17/2014
doc
first steps
Page 1 of 4
Report an error
English
DE
FR
PT
Report an error
In this documentation we use the term bug to
refer to a software error.
Reporting bugs is a great way of helping us
Download
Tails 0.22
improving Tails.
About
Remember that the more effectively you
report a bug, the more likely we are to fix it.
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/first_steps/bug_reporting/index.en.html
1/17/2014
Page 2 of 4
Use WhisperBack
WhisperBack is an application written specifically to report bugs anonymously
from inside Tails. If you are not able to use WhisperBack, see the special
cases.
WhisperBack will help you fill-up a bug report, including relevant technical details and
send it to us encrypted and through Tor.
Start WhisperBack
To start WhisperBack, choose Applications System Tools WhisperBack.
https://tails.boum.org/doc/first_steps/bug_reporting/index.en.html
1/17/2014
Page 3 of 4
Giving us an email address allows us to contact you to clarify the problem. But it also
provides an opportunity for eavesdroppers, like your email or Internet provider, to
confirm that you are using Tails.
Special cases
You might not always be able to use WhisperBack. In those cases, you can also send
your bug report by email directly.
Note that if you send the report yourself, it might not be anonymous unless you take
special care (e.g. using Tor with a throw-away email account).
No internet access
WhisperBack won't be able to send your bug report.
The following steps can be used as an alternative method:
1. In Tails, start WhisperBack
2. In the bug report window, expand "technical details to include"
3. Copy everything in the "debugging info" box
4. Paste it to another document (using gedit for instance)
5. Save the document on a USB stick
6. Boot into a system with Internet connection and send your report
https://tails.boum.org/doc/first_steps/bug_reporting/index.en.html
1/17/2014
doc
first steps
Page 1 of 3
bug reporting
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/first_steps/bug_reporting/tails_does_not_start/index.en.html
1/17/2014
Page 2 of 3
6. Have you been able to start Tails successfully on the same computer using different
installation methods? For example, it might start from a DVD but not from a USB
stick.
7. What installation method did you use to set up Tails?
If you are knowledgeable about BIOS configuration, you can also try the following:
1. Make sure the computer is configured to start with legacy BIOS support first, and not
UEFI.
2. Try to upgrade your BIOS version.
https://tails.boum.org/doc/first_steps/bug_reporting/tails_does_not_start/index.en.html
1/17/2014
doc
first steps
Page 1 of 1
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
This method does not work with DVD, see ticket #5447 .
This method does not work after using the Tails Installer, see ticket
#5677 .
While shutting down, the data stored in RAM+ is erased to protect from cold boot
attacks.
https://tails.boum.org/doc/first_steps/shutdown/index.en.html
1/17/2014
doc
Page 1 of 1
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/anonymous_internet/index.en.html
1/17/2014
doc
anonymous internet
Page 1 of 2
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Click on its icon in the notification area to find
the list of available connections:
https://tails.boum.org/doc/anonymous_internet/networkmanager/index.en.html
1/17/2014
Page 2 of 2
All wireless networks your computer is picking up are listed there, as are all wired
networks you have access to (usually one per wire), so the second click is used for
choosing any one of these. If the network is protected you will be prompted for a
password.
VPN
There is currently no documented method of using VPN with Tails. See the
corresponding ticket.
https://tails.boum.org/doc/anonymous_internet/networkmanager/index.en.html
1/17/2014
doc
anonymous internet
Page 1 of 2
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Contribute
Tails includes an "Unsafe Browser" for this purpose, and it can be started via the menu:
https://tails.boum.org/doc/anonymous_internet/unsafe_browser/index.en.html
1/17/2014
doc
anonymous internet
Page 1 of 3
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/anonymous_internet/vidalia/index.en.html
1/17/2014
Page 2 of 3
In here, all the Tor nodes in the Tor network are listed, as are all your circuits and
connections that go through the Tor network. This requires a bit of technical knowledge
of how Tor works in order to understand and use, but it is not at all necessary. From the
connection listing it should at least be relatively easy for you to see which exit node and
country it appears your connections come from.
https://tails.boum.org/doc/anonymous_internet/vidalia/index.en.html
1/17/2014
Page 3 of 3
https://tails.boum.org/doc/anonymous_internet/vidalia/index.en.html
1/17/2014
doc
anonymous internet
Page 1 of 4
English
DE
FR
PT
Tails 0.22
About
Tor Browser is a rebranded version of the Mozilla
Getting started
Documentation
1. HTTPS Encryption
2. HTTPS Everywhere
3. Torbutton
4. Protection against dangerous JavaScript
5. NoScript to have even more control over JavaScript
HTTPS Encryption
Using HTTPS instead of HTTP encrypts your communication while browsing the web.
All the data exchanged between your browser and the server you are visiting are
encrypted. It prevents the Tor exit node to eavesdrop on your communication.
HTTPS also includes mechanisms to authenticate the server you are communicating
with. But those mechanisms can be flawed, as explained on our warning page.
https://tails.boum.org/doc/anonymous_internet/Tor_Browser/index.en.html
1/17/2014
Page 2 of 4
For example, here is how the browser looks like when we try to log in an email account
at lavabit.com , using their webmail interface :
Notice the small area on the left of the address bar saying "lavabit.com" on a blue
background and the address beginning with "https://" (instead of "http://"):
is being used.
You should try to only use services providing HTTPS when you are sending or retrieving
sensitive information (like passwords), otherwise its very easy for an eavesdropper to
steal whatever information you are sending or to modify the content of a page on its
way to your browser.
HTTPS Everywhere
https://tails.boum.org/doc/anonymous_internet/Tor_Browser/index.en.html
1/17/2014
HTTPS Everywhere
Page 3 of 4
encrypts your communications with a number of major websites. Many sites on the web
offer some limited support for encryption over HTTPS, but make it difficult to use. For
instance, they may default to unencrypted HTTP, or fill encrypted pages with links that
go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems
by rewriting all requests to these sites to HTTPS.
To learn more about HTTPS Everywhere you can see:
the HTTPS Everywhere homepage
the HTTPS Everywhere FAQ
Torbutton
Tor alone is not enough to protect your anonymity and privacy while browsing the web.
All modern web browsers, such as Firefox, support JavaScript , Adobe Flash , cookies
and other services which have been shown to be able to defeat the anonymity provided
by the Tor network.
In Tails all such features are handled from inside the browser by an extension called
Torbutton
which does all sorts of things to prevent the above type of attacks. But that
comes at a price: since this will disable some functionalities and some sites might not
work as intended.
To learn more about Torbutton you can see:
the Torbutton homepage
the Torbutton FAQ
https://tails.boum.org/doc/anonymous_internet/Tor_Browser/index.en.html
1/17/2014
Page 4 of 4
and features .
https://tails.boum.org/doc/anonymous_internet/Tor_Browser/index.en.html
1/17/2014
doc
anonymous internet
Page 1 of 3
English
DE
FR
PT
or XMPP
Download
Tails 0.22
About
Getting started
Documentation
Contribute
1. Predefined accounts
2. Off-the-record (OTR) encryption
3. Random username generation
4. Adding support for another protocol
Predefined accounts
Two accounts are configured in Pidgin by default:
irc.oftc.net to connect to the OFTC IRC server, and join the #tails and #tor chats.
127.0.0.1 to connect to the I2P IRC server.
Those accounts are deactivated when Tails is started. To activate them, choose
Accounts Enable Accounts , and select the account that you want to enable in the
submenu.
https://tails.boum.org/doc/anonymous_internet/pidgin/index.en.html
1/17/2014
Page 2 of 3
In a private OTR conversation over IRC, a message sent using the /me
command is not encrypted. The person receiving the message is
notified by a warning.
https://tails.boum.org/doc/anonymous_internet/pidgin/index.en.html
1/17/2014
Page 3 of 3
a. The support in Pidgin for this protocol has been successfully tested in Tails.
b. Someone volunteers to maintain the corresponding support in Tails on the long term.
c. Someone has verified that the security record of the desired plugin (including open
bugs) is good enough.
If you want to work on this issue, see our contribute page.
https://tails.boum.org/doc/anonymous_internet/pidgin/index.en.html
1/17/2014
How to Use OTR to Initiate a Secure Messaging Session in Pidgin | Security In A Box
how-to booklet
hands-on guides
or select Start > Programs > Pidgin to launch Pidgin and activate the Buddy List window (please
Step 2. Open the Tools menu, and then select the Plugins item as follows:
Page 1 of 7
mobile security
How-to Booklet
Hands-On Guides
Avast! - Anti-Virus
Spybot - Anti-Spyware
Comodo Firewall
KeePass - Secure
Password Storage
TrueCrypt - Secure File
Storage
Cobian Backup - Secure
File Storage
Recuva - File Recovery
Eraser - Secure File
Removal
CCleaner - Secure File
Deletion and Work
Session Wiping
RiseUp - Secure Email
Service
Pidgin with OTR Secure Instant
Messaging
How to Install the
Pidgin and OTR
software and then
Register and Set
Up Your Account
to Pidgin
How to Use OTR
to Initiate a
Secure Messaging
Session in Pidgin
How to Create a
Google Talk
Account
Portable Pidgin
and OTR
FAQ and Review
Jitsi - Secure Audio,
Video and Instant Text
Messaging
Thunderbird with
Enigmail and GPG Secure Email Client
gpg4usb - email text
and files encryption
Firefox with add-ons Secure Web Browser
Tor - Digital Anonymity
and Circumvention
Social networking tools:
Facebook, Twitter, and
others
Mobile Security
Figure 1: The Buddy List window with the Plugins item selected from the Tools menu
This will activate the Plugins window as follows:
Step 2. Scroll down to the Off-the-Record Messaging option, then click its associated check box to enable it.
https://securityinabox.org/en/pidgin_securechat
1/17/2014
How to Use OTR to Initiate a Secure Messaging Session in Pidgin | Security In A Box
Page 2 of 7
Basically, there are 3 steps involved in configuring OTR properly to effectively enable private and secure IM sessions and they
are explained below:
The First Step: This involves generating a unique private key associated with your account, and displaying its fingerprint.
The next two steps involve securing the IM session and authenticating your buddies.
The Second Step: This involves one party requesting a private and secure messaging session with another party currently online.
The The Third Step involves authenticating or verifying the identity of your Pidgin buddy. (Note: In Pidgin, a buddy is
anyone you correspond with during IM sessions. This process of verifying a buddy's identity is known referred to as
authentication in Pidgin. This means establishing that your buddy is exactly the person who he/she is claims to be.
3.2 The First Step - How to Generate a Private Key and Display its Fingerprint
Secure chat sessions in Pidgin are enabled by generating a private key for the relevant account. The Off-the-Record
configuration window is divided into the Config and the Known fingerprints tabs. The Config tab is used to generate a key for
each of your accounts and to set specific OTR options. The Known fingerprints tab contains your friends' keys. You must possess
a key for any buddy with whom you wish to chat privately.
https://securityinabox.org/en/pidgin_securechat
1/17/2014
How to Use OTR to Initiate a Secure Messaging Session in Pidgin | Security In A Box
Page 3 of 7
after the private key (which resembles the following), has been generated:
Figure 6: A Pidgin messaging window displaying the OTR icon outlined in black
Step 2. Click
follows:
to activate its associated pop-up menu, and then select the Start private conversation item as
Figure 7: The pop-up menu with the Start private conversation item selected
Your Pidgin IM window will then resemble the following screen:
https://securityinabox.org/en/pidgin_securechat
1/17/2014
How to Use OTR to Initiate a Secure Messaging Session in Pidgin | Security In A Box
Page 4 of 7
, indicating
Warning! Although this conversation is now secure, the identity of your buddy has not been verified yet. Beware: Your buddy
might actually be someone else pretending to be your buddy.
3.4 The Third Step - How to Authenticate the Identity of Your Pidgin Buddy
You may use one of three methods of identification to authenticate your Pidgin buddy; you could use 1). a pre-arranged secret
code phrase or word, 2). pose a question, the answer to which is only known to both of you or 3) manually verify the fingerprints
of your key using a different method of communication.
Figure 9: The Unverified pop-up menu with the Authenticate buddy item selected
This will activate the Authenticate Buddy window, prompting you to select an authentication method.
Step 2. Click
Figure 10: The Authenticate buddy screen with the drop-down list revealed
Step 3. Enter the secret code word or phrase as follows:
https://securityinabox.org/en/pidgin_securechat
1/17/2014
How to Use OTR to Initiate a Secure Messaging Session in Pidgin | Security In A Box
Page 5 of 7
https://securityinabox.org/en/pidgin_securechat
1/17/2014
How to Use OTR to Initiate a Secure Messaging Session in Pidgin | Security In A Box
Page 6 of 7
https://securityinabox.org/en/pidgin_securechat
1/17/2014
How to Use OTR to Initiate a Secure Messaging Session in Pidgin | Security In A Box
Page 7 of 7
If your buddy's answer matches yours, then your identities will have been mutually authenticated or verified, and both parties
are who they claim to be!
. Your session will now be secure and you can
Once the session has been authenticated, the OTR button will change to
be certain of your chat buddy's identity.
Notice that when you Select > Buddy List > Tools > Plugins > Off The Record Messaging > Configure Plugin, the Known
fingerprints tab now displays your buddy's account, and a message that their identity has been verified.
Figure 17: The Off-the-Record Messaging screen displaying the Known Fingerprints tab
Congratulations! You may now chat privately. The next time you and your buddy chat (using the same computers), you can skip
the first and third steps, above. You should only have to request a secure connection and have your buddy accept it.
How to Install the Pidgin and OTR software and
then Register and Set Up Your Account to Pidgin
Printer-friendly version
CREDITS
up
Burmese
DISCLAIMER
Franais
SEARCH
https://securityinabox.org/en/pidgin_securechat
Bahasa Indonesia
DOWNLOAD
CONTACT
1/17/2014
doc
anonymous internet
Page 1 of 1
Using I2P
English
DE
FR
PT
Using I2P
I2P
Download
Tails 0.22
About
Getting started
Documentation
Contribute
I2P is not started by default in Tails, but can be
started manually throught the menu:
https://tails.boum.org/doc/anonymous_internet/i2p/index.en.html
1/17/2014
doc
anonymous internet
Page 1 of 2
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
Furthermore, Tor tries to build circuits with relays in different countries which make
connection travel more and appear slower.
https://tails.boum.org/doc/anonymous_internet/why_tor_is_slow/index.en.html
1/17/2014
doc
Page 1 of 1
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/encryption_and_privacy/index.en.html
1/17/2014
doc
Page 1 of 1
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Contribute
system.
You should save anything you want to keep for later access into a separate device (other
USB stick, other DVD or any device you would choose), or use the persistence feature.
https://tails.boum.org/doc/encryption_and_privacy/your_data_wont_be_saved_unless_expl... 1/17/2014
doc
Page 1 of 1
English
DE
FR
PT
Download
Tails 0.22
keylogger .
About
You can use the Florence
virtual keyboard to
Getting started
Documentation
Help & Support
Contribute
There is currently
https://tails.boum.org/doc/encryption_and_privacy/virtual_keyboard/index.en.html
1/17/2014
doc
Page 1 of 8
English
DE
FR
PT
Download
About
Tails 0.22
under Linux.
Getting started
The Gnome Disk Utility, allows you to create encrypted volumes
The Gnome Desktop, allows you to open encrypted volumes
1. Create an encrypted partition
1. Open the Gnome Disk Utility
2. Identify your external storage device
3. Format the device
4. Create a new encrypted partition
5. Use the new partition
2. Open an existing encrypted partition
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/index.en.html
1/17/2014
Page 2 of 8
https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/index.en.html
1/17/2014
Page 3 of 8
Click on Format Drive to erase all the existing partitions on the device. If you're not
sure, don't change the default option: Master Boot Record.
https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/index.en.html
1/17/2014
Page 4 of 8
https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/index.en.html
1/17/2014
Page 5 of 8
Size: you can decide to create a partition on the whole device or just on part of it. In this
example we are creating a partition of 2.0 GB on a device of 3.9 GB.
Type: you can change the filesystem type of the partition. If you are not sure you can
leave the default value: Ext4.
Name: you can set a name for the partition. This name will remain invisible until the
partition is open but will help you to identify it during use.
Encrypt underlying device: check this box to encrypt the partition!
Then click on Create.
You will be asked to enter a passphrase for the new partition.
https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/index.en.html
1/17/2014
Page 6 of 8
At this point you can create other partitions in the free space left on the device, if you
want, by clicking on it and doing again Create Partition.
https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/index.en.html
1/17/2014
Page 7 of 8
Encrypted, like in the example, you can use its size to guess which one is the one you
want to open.
In case you get it wrong, you will be warned with an error message. You can try to open
the partition as before and as many times as you want.
In case you get it right, it will open a file browser in this partition.
https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/index.en.html
1/17/2014
Page 8 of 8
Once you are done using the device, to close the encrypted partition choose Places
Computer, right-click on the device, and select Safely Remove Drive.
https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/index.en.html
1/17/2014
Tails - TrueCrypt
doc
Page 1 of 1
TrueCrypt
English
DE
FR
PT
TrueCrypt
Security considerations
Download
concerns
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
is the only sensible way we can go. This means that you should not
create new TrueCrypt media if you intend to stay with Tails in the long run.
truecrypt boot option to the boot menu. For detailed instructions, see the
documentation on using the boot menu.
Once Tails has started, to start TrueCrypt choose Applications Accessories
TrueCrypt.
https://tails.boum.org/doc/encryption_and_privacy/truecrypt/index.en.html
1/17/2014
doc
Page 1 of 1
Tails gpgApplet
English
DE
FR
PT
Tails gpgApplet
Tails includes a custom applet, called Tails
gpgApplet, to manipulate text using OpenPGP.
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
area.
https://tails.boum.org/doc/encryption_and_privacy/gpgapplet/index.en.html
1/17/2014
doc
Page 1 of 3
gpgapplet
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/encryption_and_privacy/gpgapplet/passphrase_encryption/index... 1/17/2014
Page 2 of 3
3. Click on Tails gpgApplet and select Encrypt Clipboard with Passphrase from the
menu.
If you receive the error message The clipboard does not contain valid input
data, try to copy your text again, starting from step 2.
4. In the Passphrase dialog box, enter a passphrase of your choice. Repeat the same
passphrase in the second dialog box.
5. Tails gpgApplet now shows a padlock, meaning that the clipboard contains encrypted
text.
6. To paste the encrypted text into another application, right-click in the application
where you want to paste it and choose Paste from the menu.
For example, you can paste it into the web browser to send it by email.
https://tails.boum.org/doc/encryption_and_privacy/gpgapplet/passphrase_encryption/index... 1/17/2014
Page 3 of 3
You can also decrypt a text that is encrypted with a passphrase using Tails
gpgApplet.
https://tails.boum.org/doc/encryption_and_privacy/gpgapplet/passphrase_encryption/index... 1/17/2014
doc
Page 1 of 3
gpgapplet
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/encryption_and_privacy/gpgapplet/public-key_cryptography/ind... 1/17/2014
Page 2 of 3
3. Click on Tails gpgApplet and select Sign/Encrypt Clipboard with Public Keys from
the menu.
If you receive the error message The clipboard does not contain valid input
data, try to copy your text again, starting from step 2.
4. If you want to encrypt the text, select one or more public keys for the recipients of
the encrypted text in the Choose keys dialog box. To select a public key, doubleclick on the corresponding line in the Select recipients list box.
5. If you want to sign the text, select the secret key with which you want to sign the text
in the Sign message as drop-down list.
6. If you want to hide the recipients of the encrypted text, select the Hide recipients
check box. Otherwise anyone who sees the encrypted text can know who the
recipients are.
7. Click on the OK button.
If you receive the warning message Do you trust these keys, answer it
accordingly.
8. If you selected one or several public keys to encrypt the text, Tails gpgApplet now
shows a padlock, meaning that the clipboard contains encrypted text.
If you only selected a secret key to sign the text, Tails gpgApplet now shows a seal,
meaning that the clipboard contains signed text.
9. To paste the encrypted or signed text into another application, right-click in the
application where you want to paste it and choose Paste from the menu.
https://tails.boum.org/doc/encryption_and_privacy/gpgapplet/public-key_cryptography/ind... 1/17/2014
Page 3 of 3
For example, you can paste it into the web browser to send it by email.
You can also decrypt or verify a text that is encrypted or signed using
public-key cryptography using Tails gpgApplet.
https://tails.boum.org/doc/encryption_and_privacy/gpgapplet/public-key_cryptography/ind... 1/17/2014
doc
Page 1 of 2
gpgapplet
DE
FR
PT
Download
Tails 0.22
About
Getting started
MESSAGE-----.
To copy it into the clipboard , right-click on
the selected text and choose Copy from the
menu.
2. If the text that you selected is encrypted,
Documentation
Help & Support
Contribute
If the text that you selected is only signed, but not encrypted, Tails gpgApplet now
shows a seal, meaning that the clipboard contains signed text.
https://tails.boum.org/doc/encryption_and_privacy/gpgapplet/decrypt_verify/index.en.html
1/17/2014
Page 2 of 2
3. Click on Tails gpgApplet and select Decrypt/Verify Clipboard from the menu.
4. If the text that you selected is only signed and the signature is valid, the GnuPG
results window described in step 6 appears directly.
If the text is signed and the signature is invalid, a GnuPG error message appears
that mentions BAD signature from.
If the text is encrypted with a passphrase, the Enter passphrase dialog box
appears. Enter the passphrase that has been used to encrypt the text and click OK.
If the text is encrypted using public-key cryptography, three different dialog boxes
can appear.
a. If the passphrase for the corresponding private key is not already cached in
memory, a dialog box appears with the following message: You need a
passphrase to unlock the secret key for user. Enter the passphrase for this
secret key and click OK.
b. If the passphrase for the corresponding secret key is already cached in memory, a
dialog box appears with the following message: The passphrase is cached in
memory. Click on the Authorize button to use the passphrase cached in
memory.
c. If no secret key for which the text is encrypted is available in your keyring, a
GnuPG error message appears that mentions decryption failed: secret key not
available.
5. If the passphrase provided in step 4 is incorrect, a GnuPG error message appears
that mentions decryption failed: bad key.
6. If the passphrase provided in step 4 is correct, or if the signature of the text is valid,
or both, a GnuPG results window appears.
The decrypted text appears in the Output of GnuPG text box.
In the Other messages provided by GnuPG text box, the message Good
signature from, confirms that the signature of the text is valid.
To store your GnuPG keys and configuration across separate working
sessions, you can activate the GnuPG persistent volume feature.
https://tails.boum.org/doc/encryption_and_privacy/gpgapplet/decrypt_verify/index.en.html
1/17/2014
doc
Page 1 of 7
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/encryption_and_privacy/secure_deletion/index.en.html
1/17/2014
Page 2 of 7
For more details read, the corresponding section of the Wikipedia article on Secure file
deletion .
https://tails.boum.org/doc/encryption_and_privacy/secure_deletion/index.en.html
1/17/2014
Page 3 of 7
https://tails.boum.org/doc/encryption_and_privacy/secure_deletion/index.en.html
1/17/2014
Page 4 of 7
Confirm.
The deletion will start. It can last from a few seconds to several minutes, according to the
size of the files. Be patient
https://tails.boum.org/doc/encryption_and_privacy/secure_deletion/index.en.html
1/17/2014
Page 5 of 7
Once the deletion will be done you should be prompted with a message saying:
The disk or the folder may or may not contain other files. Those files will not be deleted
during the operation.
https://tails.boum.org/doc/encryption_and_privacy/secure_deletion/index.en.html
1/17/2014
Page 6 of 7
Confirm.
The cleaning will start. It can last from a few minutes to a few hours, according to the
size of the available diskspace. Be patient
Note that a file called oooooooo.ooo is created in the folder. Nautilus Wipe will try to
make it as big as possible to use all the available diskspace and then will securely delete
it.
https://tails.boum.org/doc/encryption_and_privacy/secure_deletion/index.en.html
1/17/2014
Page 7 of 7
Once the cleaning will be done you should be prompted with a message saying:
https://tails.boum.org/doc/encryption_and_privacy/secure_deletion/index.en.html
1/17/2014
doc
Page 1 of 3
English
DE
FR
PT
Download
Tails 0.22
can:
Store many passwords in an encrypted
database which is protected by a single
passphrase of your choice.
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/encryption_and_privacy/manage_passwords/index.en.html
1/17/2014
Page 2 of 3
https://tails.boum.org/doc/encryption_and_privacy/manage_passwords/index.en.html
1/17/2014
Page 3 of 3
When using OpenPGP with Claws Mail or GPG Applet for example, you need to enter a
password in a Pinentry dialog box. But you cannot copy and paste into it. This is a
security feature of Pinentry based on the fact that otherwise the data in the clipboard
could be accessed by another application against your will.
Use the AutoType feature of KeepassX to type a password into a Pinentry dialog box.
1. Before the Pinentry dialog box appears, open KeepassX and unlock the database.
2. Use OpenPGP with Claws Mail or GPG Applet until the Pinentry dialog box appears.
3. Click on the KeepassX logo in the notification area to switch to KeepassX. Right-click
on the entry from which you want to use the password, and choose Perform
AutoType.
Do not enter a user name in the KeepassX entry, otherwise KeepassX will
type it together with the password in the Pinentry dialog box, and the
resulting password will be incorrect.
https://tails.boum.org/doc/encryption_and_privacy/manage_passwords/index.en.html
1/17/2014
doc
Page 1 of 1
English
DE
FR
PT
Download
Tails 0.22
About
Desktop publishing
Audio
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/sensitive_documents/index.en.html
1/17/2014
doc
sensitive documents
Page 1 of 1
Office suite
English
DE
FR
PT
Office suite
Tails includes OpenOffice.org , which is a full-
Download
Tails 0.22
About
Getting started
Office
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/sensitive_documents/office_suite/index.en.html
1/17/2014
Tails - Graphics
doc
Page 1 of 1
sensitive documents
Graphics
English
DE
FR
PT
Graphics
Tails includes The GIMP
Download
Tails 0.22
About
inkscape .
Getting started
Both are accessible from Applications Graphics
menu.
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/sensitive_documents/graphics/index.en.html
1/17/2014
doc
sensitive documents
Page 1 of 1
Desktop publishing
English
DE
FR
PT
Desktop publishing
Scribus
Download
Tails 0.22
About
Getting started
Documentation
Contribute
https://tails.boum.org/doc/sensitive_documents/desktop_publishing/index.en.html
1/17/2014
Tails - Audio
doc
Page 1 of 1
sensitive documents
Audio
English
DE
FR
PT
Audio
Audacity
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/sensitive_documents/audio/index.en.html
1/17/2014
doc
sensitive documents
Page 1 of 1
English
DE
FR
PT
Printing
To configure a printer or manage your printing
jobs choose System Administration
Download
Tails 0.22
About
Getting started
Printing.
Documentation
Contribute
Scanning
Tails includes Simple Scan , a tool to scan both documents and photos.
To start Simple Scan choose Applications Graphics Simple Scan.
https://tails.boum.org/doc/sensitive_documents/printing_and_scanning/index.en.html
1/17/2014
doc
Page 1 of 1
Advanced topics
English
DE
FR
PT
Advanced topics
Protection against cold boot attacks
Virtualization
Enable a wireless device
Enable MAC Changer
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/advanced_topics/index.en.html
1/17/2014
doc
advanced topics
Page 1 of 2
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
your session.
Contribute
This can be achieved using a technique called
cold boot attack+ . To prevent this attack, the data in RAM is overwritten by random
data when shutting down Tails. This erases all traces from your session on that
computer.
On some computers Tails might fail to:
erase all the data in RAM on shutdown
completely shutdown or restart (in this case there is no guarantee that
all the data in RAM is erased).
Moreover, an attacker having physical access to the computer while Tails is running can
recover data from RAM as well. To avoid that, learn the different methods to shutdown
Tails rapidly.
As far as we know, cold boot attacks are not a common procedure for data recovery, but
it might still be good to be prepared.
https://tails.boum.org/doc/advanced_topics/cold_boot_attacks/index.en.html
1/17/2014
Tails - Virtualization
doc
Page 1 of 2
advanced topics
Virtualization
English
DE
FR
PT
Virtualization
Download
1. Security issues
2. Tips and tricks
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
access to Tails's features in a protected environment while you at the same time have
access to your normal operation system.
Security issues
There are a few security issues with this approach though.
When running Tails inside a virtual machine, both the host operating system and the
virtualization software are able to monitor what you are doing in Tails.
The main issue is if the host operating system is compromised with a software keylogger
or other malware, which Tails does not provide any protection against in fact, that is
impossible.
Moreover traces are likely to be left on the local hard disk.
https://tails.boum.org/doc/advanced_topics/virtualization/index.en.html
1/17/2014
Tails - Virtualization
Page 2 of 2
As such, this is only recommended when the other alternative is not an option or when
you are absolutely sure that your host system is clean.
That's why Tails warns you when you are running it inside a virtual machine. Do not
expect Tails to protect you if you run it in a virtual machine if you do not trust the host
computer, Tails is not magical!
If you read this warning while you are not aware to be using a virtual machine: there
could be a ?bug in the virtualization detection software Tails uses... or something really
weird is happening.
If you are unsure, and if you can afford it, run Tails from a DVD, USB stick or SD card
instead.
https://tails.boum.org/doc/advanced_topics/virtualization/index.en.html
1/17/2014
doc
advanced topics
Page 1 of 2
English
DE
FR
PT
Download
Tails 0.22
About
enabled it first.
Getting started
This technique uses the command line.
Documentation
1. When starting Tails, set up an administration
password.
2. To find out the index of the wireless device
that you want to enable, open a root terminal,
Contribute
rfkill list
For example, the command could return the following:
no
no
no
no
yes
no
https://tails.boum.org/doc/advanced_topics/wireless_devices/index.en.html
1/17/2014
Page 2 of 2
The device index is the number that appears at the beginning of the three lines
describing each device. In this example, the index of the Bluetooth device is 1, while
the index of the GPS device is 2. Yours are probably different.
3. To enable the wireless device, execute the following command in the root terminal,
replacing [index] with the index found at step 2:
rfkill unblock 2
4. To verify that the wireless device is enabled, execute the following command in the
root terminal again:
rfkill list
This output should be very similar to the one of step 2, but the device enabled at step
3 should not be soft blocked anymore.
For example, the command could return the following:
no
no
no
no
https://tails.boum.org/doc/advanced_topics/wireless_devices/index.en.html
1/17/2014
doc
advanced topics
Page 1 of 1
English
DE
FR
PT
Download
Tails 0.22
About
Getting started
Documentation
Help & Support
Contribute
https://tails.boum.org/doc/advanced_topics/mac_changer/index.en.html
1/17/2014