author segfault <> 2017-12-23 19:26:03 +0100
committer segfault <> 2017-12-23 19:26:03 +0100
commit 5dd7be5862c299a7de6ef3dfcf5b269225c3cca1
tree df14a4c5c10b413976645af76ae660fef5a6dc46 /wiki/src/contribute
parent 8d2208617df829448ccfd2706428dd43b2bc514e
parent 10e125e66b5fcdf44dfed5f74ab4f8af1f41eade
Merge branch 'master' of into feature/5684-screen-locker
Diffstat (limited to 'wiki/src/contribute')
41 files changed, 1603 insertions, 214 deletions
diff --git a/wiki/src/contribute/build.mdwn b/wiki/src/contribute/build.mdwn
index 5e2be56..f6776d7 100644
--- a/wiki/src/contribute/build.mdwn
+++ b/wiki/src/contribute/build.mdwn
@@ -36,13 +36,15 @@ To build Tails you need:
vmdebootstrap && \
sudo systemctl restart libvirtd
-2. Ensure your user is in the relevant groups:
+2. Ensure your user can run commands as root with `sudo`.
+3. Ensure your user is in the relevant groups:
for group in kvm libvirt libvirt-qemu ; do
sudo adduser "$(whoami)" "$group"
-3. Logout and log back in to apply the new group memberships.
+4. Logout and log back in to apply the new group memberships.
# Build Tails
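Review bot: The new step 2 ("Ensure your user can run commands as root with `sudo`") comes after step 1, whose commands already end in `sudo systemctl restart libvirtd`, so a reader without sudo rights fails before reaching the prerequisite. Move the sudo check ahead of the package installation step, or state it in the "To build Tails you need" list. Minor: in step 4 the verb is "Log out", not "Logout".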
@@ -74,12 +76,12 @@ image before building it.
see [[!tails_ticket 11411]].
* If Vagrant failed to start the Tails builder VM the first time
- (e.g. because of permission issues or the `kvm` module not veing
+ (e.g. because of permission issues or the `kvm` module not being
loaded) it will not automatically run the provisioning script, so
you must run `rake vm:provision` yourself before attempting your
first `rake build`. If that fails, run `rake vm:destroy`, which
- removes this half-broken VM, and then start from scratch with `rake
- build` or similar.
+ removes this half-broken VM, and then start from scratch with
+ `rake build` or similar.
# Build settings
diff --git a/wiki/src/contribute/build/reproducible.mdwn b/wiki/src/contribute/build/reproducible.mdwn
index 114e9ea..bdfd121 100644
--- a/wiki/src/contribute/build/reproducible.mdwn
+++ b/wiki/src/contribute/build/reproducible.mdwn
@@ -76,7 +76,7 @@ When you reproducibly build our ISO you should obtain a file that is
exactly the same as the official Tails ISO image, thus, *our* signature
should be able to verify *your* ISO for you.
-[[Download and verify our OpenPGP signature|/install/download/openpgp]]
+[[Download and verify our OpenPGP signature|/install/download#openpgp]]
against your own ISO image.
### Verify with a checksum
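Review bot: The link target changes from the page `/install/download/openpgp` to the fragment `/install/download#openpgp`, and nothing in this diff shows that the download page defines an `openpgp` anchor. Confirm the anchor exists in `install/download`; if it does not, the link lands at the top of the download page and the reader has to hunt for the signature verification instructions.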
diff --git a/wiki/src/contribute/calendar.mdwn b/wiki/src/contribute/calendar.mdwn
index 08dd822..72ae62d 100644
--- a/wiki/src/contribute/calendar.mdwn
+++ b/wiki/src/contribute/calendar.mdwn
@@ -1,27 +1,10 @@
[[!meta title="Calendar"]]
-* 2017-11-02, 16:00 (Berlin time): CI team meeting
-* 2017-11-13:
- - All feature branches targeting Tails 3.3 should be merged into
- the `stable` branch by noon, CET. I'm open to make exceptions
- if you can be online and responsive during that afternoon, but
- ask me first!
- - Build and upload Tails 3.3.
- - Start testing Tails 3.3 during late CET if building the image
- went smoothly.
-* 2017-11-14:
- - Finish testing Tails 3.3 by the afternoon, CET.
- - Release Tails 3.3 (bugfix release).
-* 2017-12-07, 16:00 (Berlin time): CI team meeting
* 2018-01-04, 16:00 (Berlin time): CI team meeting
* 2018-01-05, 14:00 (Berlin time): Additional Software team meeting
-* 2018-01-16: Release 3.4? (Firefox 52.6, bugfix release)
+* 2018-01-23: Release 3.5 (Firefox 52.6, bugfix release) — anonym is the RM
* 2018-02-01, 16:00 (Berlin time): CI team meeting
@@ -29,22 +12,22 @@
* 2018-03-05, 14:00 (Berlin time): Additional Software team meeting
-* 2018-03-06: Release 3.5? (Firefox 52.7, major release)
+* 2018-03-13: Release 3.6 (Firefox 52.7, major release) — bertagaz is the RM
* 2018-04-05, 14:00 (Berlin time): Additional Software team meeting
-* 2018-05-01: Release 3.6? (Firefox 52.8, bugfix release)
* 2018-05-04, 14:00 (Berlin time): Additional Software team meeting
+* 2018-05-08: Release 3.7 (Firefox 52.8, XXX release) — bertagaz is the RM
* 2018-06-05, 14:00 (Berlin time): Additional Software team meeting
-* 2018-06-26: Release 3.7? (Firefox 59.2, major release)
+* 2018-07-03: Release 3.8 (Firefox 52.9, XXX release) — intrigeri is the RM
* 2018-07-05, 14:00 (Berlin time): Additional Software team meeting
-* 2018-08-21: Release 3.8? (Firefox 59.3, bugfix release)
+* 2018-08-28: Release 3.9 (Firefox 60.2, major release) — anonym is the RM
-* 2018-10-16: Release 3.9? (Firefox 59.4, major release)
+* 2018-10-23: Release 3.10 (Firefox 60.3, XXX release) — anonym is the RM
-* 2018-11-27: Release 3.10? (Firefox 59.5, bugfix release)
+* 2018-11-27: Release 3.11 (Firefox 60.4, XXX release) — anonym is the RM
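Review bot: The entries for 3.7, 3.8, 3.10 and 3.11 carry the placeholder "XXX release" where the other entries say "bugfix release" or "major release". If the release type is undecided, write that out so the placeholder is not read as a leftover; otherwise fill in the type before merging.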
diff --git a/wiki/src/contribute/design.mdwn b/wiki/src/contribute/design.mdwn
index d4eac95..49bc685 100644
--- a/wiki/src/contribute/design.mdwn
+++ b/wiki/src/contribute/design.mdwn
@@ -683,7 +683,7 @@ the risks involved and how to manage those risks.
## 3.0 Other Tails design documents
-[[!map pages="contribute/design/*"]]
+[[!map pages="contribute/design/*" show="title"]]
## 3.1 Download
diff --git a/wiki/src/contribute/design/Time_syncing.mdwn b/wiki/src/contribute/design/Time_syncing.mdwn
index 969fb5e..57b6c48 100644
--- a/wiki/src/contribute/design/Time_syncing.mdwn
+++ b/wiki/src/contribute/design/Time_syncing.mdwn
@@ -70,11 +70,11 @@ tordate's approach essentially removes the time skew check, which is
used to prevent replay of consensus data. Let's discuss this class of
-First, replaying a consensus older than one week or so results in
+First, replaying a consensus older than four weeks or so results in
preventing access to the Tor network, and that's all, because onion
keys will be wrong. An attacker who is in a position to replay a
consensus to you could anyway do this, unrelated to time, so the issue
-at hand boils down to *replaying a consensus not older than one week
+at hand boils down to *replaying a consensus not older than four weeks
or so*.
Second, the same type of attacker as above could also try to forge a
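Review bot: "one week" becomes "four weeks" in both places in this paragraph, but the only justification given is "because onion keys will be wrong", with no pointer to what sets that lifetime. Add a reference to the Tor parameter or change that defines the window, so the figure can be re-checked the next time it moves.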
@@ -96,12 +96,12 @@ consensus requires the attacker either to break SSL, or to control the
fallback directory mirror your Tor client connects to. Not good, but
probably a compromise we can make.
-If using a bridge: your bridge can replay an old (one week old max.)
+If using a bridge: your bridge can replay an old (four weeks old max.)
consensus, which is used until HTP has fixed the time; not good, but
probably a compromise we can make. If your bridge also can set up a SSL
MitM attack against the HTP connections (e.g. the attacker also
controls a SSL CA shipped by Debian), it can trick you into using this
-old consensus for max. one week, which is much worse.
+old consensus for max. four weeks, which is much worse.
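Review bot: The bridge paragraph now gives the attacker a replay window of "four weeks old max." instead of one week, yet the assessment around it ("not good, but probably a compromise we can make" and "which is much worse") is unchanged. Restate why the trade-off is still acceptable with a window four times as long, or note that the conclusion was re-evaluated for the new figure.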
diff --git a/wiki/src/contribute/design/application_isolation.mdwn b/wiki/src/contribute/design/application_isolation.mdwn
index 9e39531..450c087 100644
--- a/wiki/src/contribute/design/application_isolation.mdwn
+++ b/wiki/src/contribute/design/application_isolation.mdwn
@@ -28,8 +28,7 @@ mostly because:
other distributions, most notably Ubuntu.
The [[!debpts apparmor]] package is installed, and AppArmor is
-[[!tails_gitweb config/amnesia desc="enabled on the kernel
+enabled by default in Debian's Linux kernel since 4.13.10-1.
Confinement profiles
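Review bot: The replacement sentence drops the `[[!tails_gitweb config/amnesia ...]]` reference, so the design document no longer points at anything in the Tails tree that enables AppArmor and relies entirely on the Debian kernel default "since 4.13.10-1". If Tails no longer sets this itself, say so explicitly, and mention how the enabled state can be checked on a running system, since every confinement profile described below depends on it.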
diff --git a/wiki/src/contribute/design/installation.mdwn b/wiki/src/contribute/design/installation.mdwn
index 77ffc54..2d0cead 100644
--- a/wiki/src/contribute/design/installation.mdwn
+++ b/wiki/src/contribute/design/installation.mdwn
@@ -1,4 +1,4 @@
-[[!meta title="Installing onto a USB Stick"]]
+[[!meta title="Tails Installer"]]
Tails is easily installed to a USB storage device
by cloning an existing Tails system that is running from DVD or USB.
@@ -11,6 +11,11 @@ available removable storage devices.
+Related documents
+- [[Design document of our installation assistant|installation_assistant]]
diff --git a/wiki/src/contribute/design/installation_assistant.mdwn b/wiki/src/contribute/design/installation_assistant.mdwn
new file mode 100644
index 0000000..0a66ea8
--- /dev/null
+++ b/wiki/src/contribute/design/installation_assistant.mdwn
@@ -0,0 +1,242 @@
+[[!meta title="Installation assistant"]]
+In 2015, we worked on a complete rewrite on our installation
+instructions. This work was extended in 2017 with the design of a new
+download page. The archive of our design process as well as pending
+issues can be found in the [[corresponding
+Our previous instructions forced people to jump through many different
+documentation pages and often to figure out by themselves what to do next. See
+this [[flowchart of the installation process as of
+The objective was to make this a linear process, to be follow step-by-step, and
+that would take the user from our homepage up to starting on a Tails USB stick
+with a persistent volume. But this process has to be adapted to the base
+operating system of the user or their technical expertise.
+We decided to optimize it for first time and less technical users, while still
+being usable by expert users.
+The following scenarios are proposed:
+ - [[Install from another Tails (for PC)|install/win/clone-overview]]
+ - [[Install from another Tails (for Mac)|install/mac/clone-overview]]
+ - [[Install from Windows|install/win/usb-overview]]
+ - [[Install from Debian, Ubuntu, or Mint|install/debian/usb-overview]]
+ - [[Install from Debian, Ubuntu, or Mint using the command line and GnuPG|install/expert/usb-overview]]
+ - [[Install from other Linux distributions|install/linux/usb-overview]]
+ - [[Install from macOS by burning a DVD first|install/mac/dvd-overview]]
+ - [[Install from macOS and the command line|install/mac/usb-overview]]
+ - [[Burn a DVD|install/dvd]]
+ - [[Download without installing|install/download]]
+The installation assistant is also adapted to cover two [[manual upgrade
+ - [[Upgrade from another Tails|upgrade/clone-overview]]
+ - [[Upgrade inside Tails|upgrade/tails-overview]]
+The assistant is divided into four sections:
+ - The [[*router*|installation_assistant#router]] which selects the scenario to follow.
+ - The [[*overview*|installation_assistant#overview]] which summarizes graphically the scenario.
+ - The [[*download*|installation_assistant#download]] page for downloading and verifying the ISO image.
+ - The [[*steps*|installation_assistant#steps]] which gives step-by-step instructions for the scenario after downloading.
+[[!toc levels=2]]
+Related documents
+- [[Design document of *Tails Installer*|verification_extension]]
+- [[Design document of *Tails Verification*|verification_extension]]
+- [[Blueprint with archives of the past design processes and notes on future work|blueprint/bootstrapping/assistant]]
+Implementation tricks
+The installation assistant is basically presenting very similar content in many
+different scenarios with small variations (slightly different steps, slightly
+different terminology, etc.).
+To reuse as much content as possible and reduce the quantity of text and
+translations, our implementation relies heavily on two tricks. Both are
+quite hackish but were the only solution we found to avoid duplicating
+massive amount of content in ikiwiki.
+### Ikiwiki inlines
+The [inline directive]( of
+ikiwiki allows embedding a file into another file to avoid duplicating content.
+It is quite limited and brittle, especially when used together with the PO
+plugin. See [[!tails_ticket 6907]]. Many inlines also slow down the build
+process quite a lot.
+### Conditional CSS content
+To adapt a piece of content reused using ikiwiki inlines to the context
+where it appears we are using CSS classes. For example, to introduce the
+program used to install an intermediary Tails on Windows and Linux we
+&lt;span class="windows"&gt;a program called Universal USB Installer.&lt;/span&gt;
+&lt;span class="linux"&gt;a program called GNOME Disks.&lt;/span&gt;
+Elements with the `windows` class being only displayed in the Windows
+scenario and elements with the
+`linux` class being only displayed in the Linux scenario.
+- Classes for elements potentially displayed on different pages:
+ - `clone` for content involving cloning
+ - `usb` for content with a USB stick as destination device
+ - `windows` for content for Windows
+ - `mac` for content for macOS
+ - `debian` for content for Debian, Ubuntu, or Mint
+ - `expert` for content for Debian, Ubuntu, or Mint on the command line
+ - `linux` for content for other Linux
+ - `upgrade` for content for manual upgrade
+- Classes for elements displayed only on one scenario:
+ - `dvd` for [[/install/dvd-download|/install/dvd-download]]
+ - `vm` for [[/doc/advanced_topics/virtualization|/doc/advanced_topics/virtualization]]
+ - `download-only` for [[/install/download|/install/download]]
+ - `install-clone` for [[/install/clone|/install/clone]]
+ - `windows-usb` for [[/install/win/usb|/install/win/usb]]
+ - `mac-usb` for [[/install/mac/usb|/install/mac/usb]]
+ - `mac-dvd` for [[/install/mac/dvd|/install/mac/dvd]]
+ - `mac-clone` for [[/install/mac/clone|/install/mac/clone]]
+ - `debian-usb` for [[/install/debian/usb|/install/debian/usb]]
+ - `expert-usb` for [[/install/expert/usb|/install/expert/usb]]
+ - `linux-usb` for [[/install/linux/usb|/install/linux/usb]]
+ - `upgrade-clone` for [[/upgrade/clone|/upgrade/clone]]
+ - `upgrade-tails` for [[/upgrade/tails|/upgrade/tails]]
+<a id="#router"></a>
+The *router* is a sequence of multiple choices that determines which
+installation scenario to follow. It is divided by operating systems:
+ - Windows
+ - macOS
+ - Linux with `APT` and `tails-installer`: Debian, Ubuntu, or Mint
+ - Other Linux distributions
+- Cloning is proposed as an alternative for all operating systems as it is
+ easier and faster.
+- *Download only* is proposed as a minor option on the first page of the
+ router. This is an example of us optimizing for first time users: installing
+ Tails is very complex and we really want them to follow the full installation
+ instructions and not only download and try to figure out the rest by
+ themselves. This is especially true for those who think they are power users
+ which is a good share of our audience.
+ *Download only* is not offered as an option from the
+ sidebar of the website for the same reason and to keep the sidebar as
+ simple as possible.
+- Burning a DVD is also proposed as a minor option because:
+ - DVD are not very popular (13% of the WhisperBack reports received in
+ 2015).
+ - DVD do not benefit from automatic upgrades, so people might be more
+ quickly out-of-date.
+ - DVD does not allow creating a persistent volume, so people cannot
+ rely on long lasting cryptographic keys to secure their
+ communication and might use weaker techniques.
+ - For these same reasons we only provide a download and links to Ubuntu
+ instructions in the scenario.
+- Running in a virtual machine is proposed as a minor option because:
+ - VMs are not very popular (5% of the WhisperBack reports received in
+ 2015).
+ - VMs are less secure because the host operating system can monitor
+ them.
+ - VMs make it harder to create a persistent volume, so people might
+ not rely on long lasting cryptographic keys to secure their
+ communication and might use weaker techniques.
+ - For these same reasons we only provide a download and then point to the
+ documentation on virtualization.
+<a id="overview"></a>
+The *overview* is a single page summarizing graphically:
+ - The requirements of the installation scenario in terms of hardware
+ and time. This is important so that people get ready and make sure
+ beforehand that they have everything needed to complete the
+ scenario.
+ - The different steps. This give a rough idea of what will happen
+ next and how complex it is. This is particularly important as the
+ *steps* are a single and very long page.
+For example, the content of the overview for installing from Debian is
+stored in [[!tails_gitweb wiki/src/install/debian/usb-overview.html]] which includes a common block of
+HTML stored in [[!tails_gitweb wiki/src/install/inc/overview.html]] and uses the `debian` CSS
+class to adapt to the scenario.
+<a id="download"></a>
+The download of the ISO image comes as a dedicated page between the
+overview and steps (except for `clone`, `upgrade-clone`, and `expert`). It
+is also available as a [[standalone page|install/download]].
+The download is split as a dedicated page (while still labeled as "Step
+1") to make it harder for people to skip the verification. It is still
+possible to skip the download or even the verification but the link to
+do so is labeled as a warning.
+We propose two download techniques displayed in equal weight and combined
+with two verification techniques that have a level of verification at least as
+good as HTTPS:
+a. Direct download combined with a browser extension, called *Tails Verification*. See the [[dedicated design
+ document|verification_extension]] for a security analysis of this technique.
+b. BitTorrent download. The Torrent file is downloaded through HTTPS
+ from our website and BitTorrent clients automatically verifies the download once
+ completed.
+We advertise OpenPGP verification as an optional verification technique,
+possibly done on top of the other two techniques and ideally through the
+OpenPGP Web-of-Trust. We assume that this technique is only relevant for
+people who are already knowledgeable about OpenPGP. As a consequence:
+- We only provide simplified instructions on how to perform the
+ verification, insisting on aspects that might still be relevant for
+ this public: verification of the date, command line options, warning
+ when the signing key is not trusted, etc.
+- We take more time to develop the verification of the signing key
+ through the OpenPGP Web of Trust because it is the only technique that is
+ really stronger than HTTPS.
+<a id="steps"></a>
+The *steps* for a given scenario is a very long page with step-by-step
+instructions of the whole process.
+- It is a single page so that people can get a feeling of what is left
+ to be done. During the tests, many people were scrolling up and down
+ the page, for example while waiting for an operation to complete or
+ when feeling that they missed something earlier.
+- The content of each step is written in an inline stored in
+ `install/inc/steps/*.inline.mdwn` which is inlined from the scenarios
+ themselves (for example `install/debian/usb.mdwn`) and adapted to each
+ scenario using CSS classes.
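Review bot: The router anchor is written `<a id="#router"></a>`, with a `#` inside the id, while the other three sections use `id="overview"`, `id="download"` and `id="steps"`; the `[[*router*|installation_assistant#router]]` link in the section list will not resolve until the `#` is removed. In the first "Related documents" list, the entry "Design document of *Tails Installer*" points at `verification_extension`, the same target as the *Tails Verification* entry below it, and presumably should point at `installation`. Typos: "to be follow step-by-step" and "BitTorrent clients automatically verifies".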
diff --git a/wiki/src/contribute/design/mirrors.mdwn b/wiki/src/contribute/design/mirrors.mdwn
index f9ff9bd..ad64282 100644
--- a/wiki/src/contribute/design/mirrors.mdwn
+++ b/wiki/src/contribute/design/mirrors.mdwn
@@ -5,18 +5,15 @@
The Tails downloads are served using two different mirror pools,
depending on the use case:
-* We have dispatcher code, in JavaScript, that DAVE uses to dynamically modify the
- hostname, in the download link it gets from the ISO description file
- (IDF), so that each user is pointed to random mirror.
+* We have dispatcher code, in JavaScript, that dynamically modifies the
+ hostname in the URL of our ISO image,
+ so that each user is pointed to random mirror.
- [public read-only mirror of the Git repository](
- Vanilla JS (no frameworks)
- The code is deployed live: <>
- - The library code has three consumers:
- * a Firefox extension (DAVE)
- * our website, for downloads we offer outside of the Installation
- Assistant, that are not supported by DAVE, such as images for
- release candidates; and in any case, for browsers that DAVE does
- not support
+ - The library code has two consumers:
+ * our website, primarily on our [[download page|installation_assistant#download]] but also on announcements of
+ release candidates
* Tails Upgrader, that runs the library code with Node.js
- Configuration for the JS is loaded from a JSON file hosted on our
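Review bot: The rewritten bullet reads "so that each user is pointed to random mirror"; it needs an article ("a random mirror"). With DAVE removed as a consumer here, check that the other design documents do not still describe the dispatcher or the verification in terms of DAVE.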
diff --git a/wiki/src/contribute/design/verification_extension.mdwn b/wiki/src/contribute/design/verification_extension.mdwn
new file mode 100644
index 0000000..676056d
--- /dev/null
+++ b/wiki/src/contribute/design/verification_extension.mdwn
@@ -0,0 +1,284 @@
+[[!meta title="Tails Verification (browser extension)"]]
+Software verification is a critical step in the use of secure
+applications but it has traditionally been hard to provide, especially
+from a user perspective. Usual solutions are:
+ - Using HTTPS to download. But in the case of Tails, we are serving so
+ many downloads that we have to rely on [[mirrors hosted by third
+ parties|contribute/design/mirrors]]. HTTPS also doesn't protect from interrupted downloads leading to
+ broken Tails installations.
+ - Providing OpenPGP signatures. But this really works only for the few
+ people who know how to verify an OpenPGP signature and use the
+ OpenPGP Web-of-Trust correctly.
+We are trying here to provide a usable solution to verify a download
+done through HTTP, while relying on cryptographic information fetched
+elsewhere through HTTPS (and possibly with stronger authentication
+mechanisms such as public key pinning from browser vendors).
+We use for that a browser extension, called
+*Tails Verification* which is available for:
+* Firefox 45+ (and Tor Browser 6+)
+* Chrome 22+
+The code of *Tails Verification* is available in `git clone`.
+[[!toc levels=2]]
+Related documents
+- [[Design document of the installation assistant, including the download page|installation_assistant]]
+Provide a simple, automated, and cross-platform technique to verify the ISO
+image of the current version.
+Non goals
+ - Verify deprecated ISO images.
+ - Verify ISO images downloaded from
+ - Verify ISO images downloaded through BitTorrent. If we can rely on
+ our website to provide a correct cryptographic description of the
+ ISO image then we can rely on it as well to provide a correct
+ BitTorrent file. Then we rely on the BitTorrent client to verify the integrity of
+ the download ([[!tails_ticket 9043]]).
+<a id="verification"></a>
+Security considerations
+<a id="threat_model"></a>
+Threat model
+We are considering here an attacker who can:
+ - (A) Provide a malicious ISO image to the user for example by
+ operating a rogue Tails mirror.
+ - (H) Operate a website that is loaded in a different tab in the same
+ browser as the extension. See the section on [[security inside the
+ browser|verification_extension#inside_the_browser]].
+We are not considering an attacker who can:
+ - (B) Do a man-in-the-middle attack by providing a rogue HTTPS certificate
+ for signed by a certificate authority
+ trusted by the
+ browser but under the control of the attacker.
+ Since the extension is targeted at new users, a MitM or exploit on
+ our website could defeat any verification technique by providing
+ simplified instructions or by faking ISO verification.
+ Note that our website is already in the HSTS preload list of Firefox
+ and Chrome which forces HTTPS connections to our website, even for
+ first time visitors.
+ - (C) Insert malicious content on through an
+ exploit on our website as this could trick new users to skip the ISO
+ verification all the way. To prevent this kind of attack we should
+ instead:
+ - Monitor externally the most relevant parts of our website.
+ - Work on integrating full upgrades in Tails Upgrader to limit the
+ number of times people have to rely on our website to upgrade. See
+ [[!tails_ticket 7499]].
+ - (D) Insert malicious information in our main Git repository as such
+ an attacker could do attack (C) as well.
+ - (E) Insert targeted malware on the user's computer as this could
+ defeat any possible verification mechanism that such an extension
+ could do.
+ - (F) Provide a rogue extension to the user as this could defeat any
+ possible verification mechanism that such an extension could do.
+ - (G) Insert malicious content on after taking
+ control of the web server, or entire system, behind it. Such an
+ attacker could do attack (C) as well but in such a way that could be
+ much harder to detect (for example by serving malicious content only to
+ some users).
+ To mitigate such an attack in some cases we could both:
+ - Encourage external documentation (screencasts on YouTube, printed
+ forms, etc.). But those would be vulnerable to other kind of
+ attacks.
+ - Not rely on the website to perform the ISO verification and rely
+ on a native interface accessible from the add-ons menu.
+ But the cost/benefit of such a technique is not very appealing…
+ - [I] Provide a malicious extension in the same browser as this would
+ have similar effects to attack [F].
+<a id="inside_the_browser"></a>
+Security inside the browser
+<div class="bug">
+ This section is outdated.<br />
+ This will be fixed by [[!tails_ticket 15061]].
+The threat described as [H] is taken care of by the internals of the
+browser (and the proper coding of the extension):
+- Only tabs with the same origin can interfere with the tab running the
+ verification.
+- Tabs which would have been opened with `` by a script in
+ the verification tab would have a handle to the window of the
+ verification tab but couldn't touch the content unless they are in the
+ same domain.
+- DAVE doesn't use cross-origin communication.
+- Web pages from a different origin cannot interfere in any way with the
+ result of the verification.
+Of course, any tab can open an alert box saying "Verification
+Successful", but it cannot overlay a different tab and, most important,
+it cannot detect any hint that the verification is happening. Note that the
+extension does not open alert boxes but
+instead modifies the content of the page.
+Bugs in the browser itself that could tamper with the verification
+mechanism would need to be of the "remote code execution vulnerability" kind
+and would represent a threat in many more use cases than when verifying
+an ISO image.
+<a id="update"></a>
+Updates mechanism
+### Automatic update from browsers
+- Chrome checks for updates "[every few
+ hours](".
+- Firefox checks for updates once per day.
+- Tor Browser doesn't prevent those updates [except for Torbutton and
+ Tor Launcher](
+### Enforce version check on our download page
+On top of this, the HTML code of our download page includes a tag to
+force a version of the extension. For example:
+&lt;div id="extension-version"&gt;1.0&lt;/div&gt;
+*Tails Verification* checks the value of this tag and asks for an
+update if its version is lower than the requested version number.
+This mechanism might be useful to force updated extensions with a finer
+time granularity that the native automatic updates from the browsers.
+<a id="technology"></a>
+Extension technology
+The extension is written as a *Web Extension* and the same exact code
+works on both Firefox and Chrome.
+<a id="data_source">
+Data source
+Building up on the format specified for [[upgrade description
+the verification extension fetches an [[!tails_gitweb wiki/src/install/v1/Tails/i386/stable/latest.yml desc="ISO description file"]] from our
+server to retrieve all the information it needs about the ISO image
+(URL, size, checksum, etc.). As a beginning, this ISO description file
+is not signed using OpenPGP.
+### Example of an ISO description file
+ ---
+ build-target: i386
+ channel: stable
+ product-name: Tails
+ version: '0.23'
+ target-files:
+ - sha256: 359d104737f1a448375d2030f938dea3d529468b8218485998ab893c1f7509eb
+ size: 939571200
+ url:
+Checksum verification
+When verifying an ISO image, the extension:
+ - Downloads the ISO description document (size, checksum) from:
+ <>
+ - Verifies the ISO image against the document (first its size, then
+ its checksum).
+Security properties:
+ - This technique would defeat attack A (malicious ISO).
+More complex verification mechanisms could be gradually [[built into
+Tails Installer|blueprint/bootstrapping/installer]] where we can
+defeat attacks B, C, D, F, and G.
+Embedded *Forge* library
+Contrary to its predecessor
+*Tails Verification* cannot rely on native API calls to calculate the
+checksum. So it embeds the *Forge* library:
+We choose *Forge* because it was reported as being the fastest in this
+<a id="html">
+Manipulation of the download page
+The extension modifies what is displayed on the page using two different
+- Mostly through message communication (`postMessage`) sent to a
+ script on the page ([[!tails_gitweb wiki/src/install/inc/js/download.js]]).
+- If an extension is already installed when the page is loaded, through
+ an HTML attribute (`documentElement.dataset.extension`) corresponding
+ to some CSS declarations, to indicate whether the extension is
+ up-to-date or outdated.
+This decouples the code of the extension from the implementation of the
+display on the HTML page (ids, classes, etc.).
+When JavaScript is disabled, the page instructs the user to temporarily
+allow JavaScript on the page (through NoScript, the most likely scenario):
+[[!img install/inc/screenshots/allow_js.png link="no"]]
+They can otherwise still download using BitTorrent.
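Review bot: The threat model labels attacks `(A)` through `(H)` in parentheses but switches to `[I]`, `[F]` and `[H]` in the last threat entry and in "Security inside the browser", and "Checksum verification" uses bare letters; pick one notation so the cross-references can be searched. "Security inside the browser" still says "DAVE doesn't use cross-origin communication" in a document about *Tails Verification*; the "This section is outdated" box covers it, but the name should be updated now. The anchors `<a id="data_source">` and `<a id="html">` are left unclosed, unlike `<a id="verification"></a>` and the others. Since the ISO description file "is not signed using OpenPGP", "Security properties" should state that the check is only as strong as the HTTPS fetch of that file. Typo: "a finer time granularity that the native automatic updates" should read "than".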
diff --git a/wiki/src/contribute/git.mdwn b/wiki/src/contribute/git.mdwn
index b1f5eda..ee37f3e 100644
--- a/wiki/src/contribute/git.mdwn
+++ b/wiki/src/contribute/git.mdwn
@@ -198,51 +198,55 @@ available for the promotion material repository.
<a id="puppet"></a>
-Puppet modules
+Puppet code
-Those who have SSH access to these repositories must configure their
-SSH client a bit, e.g.:
+### Puppet manifests
- Host
- HostName d53ykjpeekuikgoq.onion
- ProxyCommand torsocks monkeysphere ssh-proxycommand %h %p
+Only Tails
+[[system administrators|contribute/working_together/roles/sysadmins]]
+have access to our Puppet manifests. If you are not a member of that
+team, please skip to the _Puppet modules_ section below.
-### tails
+1. Configure your SSH client:
-This is the main *public* Puppet module to manage Tails infrastructure,
-including classes such as `tails::reprepro` and `tails::whisperback::relay`.
+ Host
+ HostName d53ykjpeekuikgoq.onion
+ ProxyCommand torsocks monkeysphere ssh-proxycommand %h %p
-Anyone can check it out like this:
- git clone git://
-Developers with write access to the repositories should instead:
- git clone
-### Other Puppet modules
-We use and publish a lot of other Puppet modules. See the section
-about our [[other repositories|git#other-repositories]].
-### tails_lizard_manifests
+2. Clone our private Puppet manifests repository:
-Developers with access to the APT secrets can check it out like this:
+ git clone && \
+ git submodule update --init
- git clone
+All the Puppet modules we use are tracked as Git submodules in
+this repository.
-### tails_secrets_apt
+<a id="puppet-modules"></a>
-Developers with access to the APT secrets can check it out like this:
+### Puppet modules
- git clone
+We use and publish a lot of other Puppet modules. Each of them is
+stored in a Git repository called `puppet-$module`. For example,
+`puppet-tails` is the main public Puppet module we use to manage Tails
+infrastructure, including classes such as `tails::reprepro` and
-### tails_secrets_whisperback
+If you are on the Tails system administration team, use the
+authoritative repositories for these modules at
-Developers with access to the WhisperBack secrets can check it out like this:
+ - They are referenced as Git submodules in our private Puppet
+ manifests repository so you should have a local clone of
+ them already.
+ - Anything you push to these repositories (except `tails_secrets_*`)
+ is automatically synchronized to public mirrors at
+ <>.
+ - Do not push to the public mirrors: your changes would be
+ overwritten by the next automatic synchronization.
- git clone
+Otherwise, you can list, browse and fork these repositories using
+their [[public mirrors|git#other-repositories]].
<a id="other-repositories"></a>
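Review bot: In step 2, `git clone && \` is followed directly by `git submodule update --init`, which runs in the directory the user started in rather than inside the fresh clone, so the submodules are not initialized. Add a `cd` into the cloned directory between the two commands, or use `git clone --recurse-submodules`. Separately, the bullet saying everything pushed "(except `tails_secrets_*`)" is mirrored publicly makes the repository name the only stated guard; say where that exclusion is enforced so a secrets repository with a different name is not published by accident.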
diff --git a/wiki/src/contribute/glossary.mdwn b/wiki/src/contribute/glossary.mdwn
index 839be6e..759cf2f 100644
--- a/wiki/src/contribute/glossary.mdwn
+++ b/wiki/src/contribute/glossary.mdwn
@@ -32,8 +32,8 @@ The words
next release of Tails but fixes for serious bug and security
- the beginning of the said phase.
-* **Front desk**: see the
- [[definition of this shifting role|contribute/working_together/roles/front_desk/]]
+* **Help desk** (formerly: **Front desk**): see the
+ [[definition of this shifting role|contribute/working_together/roles/help_desk/]]
* **Greeter**: the startup menu, see
[[!greeter_gitweb "" desc="its source code"]]
* **IUK**: Incremental Upgrade Kit, see
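Review bot: The renamed entry now begins with "Help desk" but stays in the slot where "Front desk" was, ahead of "Greeter", so the visible run of entries (Help desk, Greeter, IUK) is no longer alphabetical. Move it below "Greeter". Consider also keeping a one-line "Front desk: see Help desk" pointer, since the November 2017 meeting notes added in this same merge still say "Back on Front Desk".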
diff --git a/wiki/src/contribute/how/code.mdwn b/wiki/src/contribute/how/code.mdwn
index 79c95cc..e473f39 100644
--- a/wiki/src/contribute/how/code.mdwn
+++ b/wiki/src/contribute/how/code.mdwn
@@ -42,7 +42,7 @@ our upstreams (i.e. upstream software and Debian). For details about
this, read our [[contribute/relationship_with_upstream]] statement.
Moreover, we encourage you to improve Tails [[by working on
Debian|contribute/how/debian]] or
-[[by working on GNOME|contribute/relationship_with_upstream#gnome-bts]].
+[[by working on GNOME|blueprint/GNOME_bugs_that_affect_Tails]].
Second, we try **not to reinvent the wheel**, and we flee the
[[!wikipedia Not_invented_here]] syndrome like the plague. Very little
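Review bot: The link text "by working on GNOME" now leads to `blueprint/GNOME_bugs_that_affect_Tails`, which by its name is a bug list, while the neighbouring Debian link leads to a how-to page (`contribute/how/debian`). Either reword the link so the reader knows they will land on a list of bugs, or keep a pointer to the upstream-relationship page for the "how" part. Please also check that nothing else still links to the `#gnome-bts` anchor.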
diff --git a/wiki/src/contribute/how/documentation/release_notes.mdwn b/wiki/src/contribute/how/documentation/release_notes.mdwn
index 481a3e7..e17055b 100644
--- a/wiki/src/contribute/how/documentation/release_notes.mdwn
+++ b/wiki/src/contribute/how/documentation/release_notes.mdwn
@@ -20,7 +20,7 @@
- Read the Changelog of other updated software (Tor etc.) to find relevant highlights
- Tor: <>
- Tor: <>
- - Tor Browser: <>
+ - Tor Browser: <>
- Firefox: <>
- Thunderbird: <>
- Electrum: <>
diff --git a/wiki/src/contribute/how/documentation/release_notes/template.mdwn b/wiki/src/contribute/how/documentation/release_notes/template.mdwn
index df53e3e..1ae07a0 100644
--- a/wiki/src/contribute/how/documentation/release_notes/template.mdwn
+++ b/wiki/src/contribute/how/documentation/release_notes/template.mdwn
@@ -32,7 +32,7 @@ See the list of [[long-standing issues|support/known_issues]].
- To upgrade, automatic upgrades are available from $VERSION-2 and $VERSION-1 to $VERSION.
- XXX: Check which IUK will be available with `git grep -l "to_${VERSION}\.iuk"` wiki/src/upgrade/v1/Tails/
+ XXX: Check which IUK will be available with `git grep -l "to_${VERSION}\.iuk" wiki/src/upgrade/v1/Tails/`
If you cannot do an automatic upgrade or if you fail to start after an
automatic upgrade, please try to do a [[manual upgrade|upgrade]].
diff --git a/wiki/src/contribute/how/sysadmin.mdwn b/wiki/src/contribute/how/sysadmin.mdwn
index 3872465..663064c 100644
--- a/wiki/src/contribute/how/sysadmin.mdwn
+++ b/wiki/src/contribute/how/sysadmin.mdwn
@@ -11,9 +11,10 @@ Welcome aboard! Please read-on.</p>
# Read this first
-First of all, please read the [[goals and
-principles|contribute/working_together/roles/sysadmins#goals]] of the
-Tails system administration team.
+First of all, please read about the
+and [[principles|contribute/working_together/roles/sysadmins#principles]]
+of the Tails system administration team.
# Skills needed
@@ -103,6 +104,8 @@ To solve a problem with Puppet, you need to:
* Or, create a new Puppet module. But first, try to find an existing
module that can be adapted to our needs.
+See the [[Puppet modules|contribute/git#puppet-modules]] we already use.
Many Puppet modules can be found in the [shared Puppet
the [Puppet Forge](, and on GitHub.
diff --git a/wiki/src/contribute/how/translate/team/it.mdwn b/wiki/src/contribute/how/translate/team/it.mdwn
index f32671d..f8a261a 100644
--- a/wiki/src/contribute/how/translate/team/it.mdwn
+++ b/wiki/src/contribute/how/translate/team/it.mdwn
@@ -13,13 +13,13 @@
We have three main communication channels:
-* Our wiki (, to share guides and tools and to keep trace of who is doing what;
+* Our [[wiki|blueprint/l10n_Italian]], to share guides and tools and to keep trace of who is doing what;
* Online assemblies, to discuss about how translations and reviews are going;
* A [mailing list]( (<>), to plan assemblies and for other day by day communications.
We discuss together which files should have the priority, then each translator makes a branch with a group of files s/he wants to translate. When the translations are ready, they are reviewed by another member of the team and then merged.
-We use Poedit ( for the translations.
+We use [Poedit]( for the translations.
If you want to contribute, please contact us first through the mailing list. We kindly ask not to start translating files on your own before contacting the team, as we prefer to discuss things together and have a consensus before starting to work.
diff --git a/wiki/src/contribute/how/translate/with_Transifex.mdwn b/wiki/src/contribute/how/translate/with_Transifex.mdwn
index cb65620..9cfacdf 100644
--- a/wiki/src/contribute/how/translate/with_Transifex.mdwn
+++ b/wiki/src/contribute/how/translate/with_Transifex.mdwn
@@ -1,17 +1,17 @@
[[!meta title="Translate Tails using Transifex"]]
Most of Tails can be translated directly online, through a simple web interface,
-after logging in with [Transifex](
+after logging in with [Transifex](
- [Tails
- Greeter](
+ Greeter](
- [Tails Persistence
- Setup](
-- [Tails Installer](
-- [Tails Upgrader](
-- [Tails Perl library](
-- [WhisperBack](
-- [A set of various translatable strings](
+ Setup](
+- [Tails Installer](
+- [Tails Upgrader](
+- [Tails Perl library](
+- [WhisperBack](
+- [A set of various translatable strings](
In order to get started with using Transifex, [you can watch their
introductory video](
diff --git a/wiki/src/contribute/how/website.mdwn b/wiki/src/contribute/how/website.mdwn
index 813e40b..5a46ab5 100644
--- a/wiki/src/contribute/how/website.mdwn
+++ b/wiki/src/contribute/how/website.mdwn
@@ -29,6 +29,10 @@ your ideas so that others can benefit from your insight.
The source code for our website (CSS, templates and text) [[lives in
+# Related pages
+[[!map pages="page(contribute/how/website/*)" show="title"]]
# Talk to us
You can subscribe to [[|about/contact#tails-dev]],
diff --git a/wiki/src/contribute/how/website/javascript.mdwn b/wiki/src/contribute/how/website/javascript.mdwn
new file mode 100644
index 0000000..c2c9225
--- /dev/null
+++ b/wiki/src/contribute/how/website/javascript.mdwn
@@ -0,0 +1,39 @@
+[[!meta title="About Javascript on our website"]]
+During the monthly meeting of [[April
+2014|contribute/meetings/201404#local_homepage]] ([[!tails_ticket 7023]]) we
+mentioned the idea of not having any JavaScript on our homepage, and by
+extension, the fact that we should try to limit the amount of JavaScript
+on our website in general. But this discussion was not fully concluded.
+Here are a few elements to try to summarize our position:
+ - JavaScript can be dangerous for security and privacy. Tor Browser is
+ supposed to block all JavaScript that might harm anonymity.
+ But some of the JavaScript allowed by Tor Browser can still be dangerous.
+ - An important part of our audience wants to be careful about
+ JavaScript, for the reason mentioned above, and might disable it
+ fully. To support this use case, we include the NoScript extension.
+ So, to be coherent with this, every part of our website must be
+ functional without JavaScript. This also ensures compatibility with
+ all the levels of the security slider of Tor Browser ([[!tor_bug
+ 9387]]).
+ - We don't know much about JavaScript ourselves, and even less about
+ JavaScript security. So writing JavaScript seems complicated,
+ costly, and error prone. Reusing JavaScript libraries like jQuery
+ looks more feasible without taking much risks.
+ - We are already using JavaScript on our website (see the toggle on
+ the old download page).
+ - JavaScript might allow us to present better our information to some
+ users and improve the experience of navigating on our website.
+ But using it to save us a bit of work or look cool might
+ not be a good enough reason.
+ - We use JavaScript to the minimum while always ensuring graceful
+ degradation.
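Review bot: The bullet saying that reusing libraries like jQuery "looks more feasible without taking much risks" does not say how such a library would be shipped. Since the same page tells readers that JavaScript "can be dangerous for security and privacy", it should state whether third-party libraries are served from the website itself at a reviewed version or loaded from an external host. Two smaller points: the title spells "Javascript" while the body uses "JavaScript", and the last bullet ("We use JavaScript to the minimum while always ensuring graceful degradation") reads as settled policy although the introduction says the discussion "was not fully concluded", so please mark which bullets are agreed.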
diff --git a/wiki/src/contribute/l10n_tricks/core_po_files.txt b/wiki/src/contribute/l10n_tricks/core_po_files.txt
index b1000eb..7fa45cb 100644
--- a/wiki/src/contribute/l10n_tricks/core_po_files.txt
+++ b/wiki/src/contribute/l10n_tricks/core_po_files.txt
@@ -42,21 +42,21 @@
@@ -69,28 +69,32 @@
diff --git a/wiki/src/contribute/meetings/201404.mdwn b/wiki/src/contribute/meetings/201404.mdwn
index 6ee5dae..a651c3f 100644
--- a/wiki/src/contribute/meetings/201404.mdwn
+++ b/wiki/src/contribute/meetings/201404.mdwn
@@ -26,6 +26,8 @@ So, we decided to install it in Tails 1.1.
=> we won't reintroduce this root certificate ourselves in Tails.
+<a id="local_homepage"></a>
# Make homepage point to a local file like torbrowser
[[!tails_ticket 7023]]
diff --git a/wiki/src/contribute/meetings/201711.mdwn b/wiki/src/contribute/meetings/201711.mdwn
new file mode 100644
index 0000000..a64842a
--- /dev/null
+++ b/wiki/src/contribute/meetings/201711.mdwn
@@ -0,0 +1,102 @@
+[[!meta title="November 2017 online meeting"]]
+[[!toc levels=2]]
+# Meta
+- Attendees: drwhax, emmapeel, geb, intrigeri, masha, muri, nodens, sajolida, segfault, spriver
+- [[Logs|201711/logs.txt]]
+# Volunteers to handle "Hole in the roof" tickets this month
+- [[!tails_ticket 8447 desc="Persistent data is not erased when persistence features are disabled"]]: still on nodens' plate
+- no one is available to commit on more stuff
+- sajolida has "find another way to handle HITR tickets" high on it's TODO list
+# Availability and Plans until the next meeting
+- masha:
+ - nothing in particular beside help desks shifts + assigned tickets
+- emmapeel:
+ - moving, so a bit away. Back on Front Desk on November 27th.
+- intrigeri:
+ - this week: whatever I have to do to make 3.3 exist as a good Tails release;
+ - next week: OTF summit.
+ - Then some non-Tails work. In other words, I'll be do the bare
+ minimum to keep the boat afloat but don't count on me too much.
+- spriver:
+ - Definitely will do some German translation and the usual release
+ testing.
+ - started working on [[!tails_ticket 14504 desc="Investigate mobile messaging platforms"]]
+ and [[!tails_ticket 10181 desc="Non-discriminatory language - German"]]
+- segfault:
+ - will continue working on the VeraCrypt stuff
+ - also try to work through some of the other stuff i committed to
+- nodens:
+ - availability is a moving beast these times for me ($dayjob is hard
+ to predict).
+ - Plans: more debian stuff and [[!tails_ticket 8447 desc="Persistent
+ data is not erased when persistence features are disabled"]]
+- drwhax:
+ - hope to actually work on some of the randomness tickets this month
+ - next week: at the OTF summit.
+- sajolida:
+ - Finish the work on the new download page and verification extension; hopefully... somehow...
+ - Do fun UX stuff as I'm under-clocked on this budget line (breaking news: under-clocking happens!)
+ - Catch up with a bunch of technical writing reviews and tiny stuff
+ - Prepare the VeraCrypt UX sprint in December
+# Volunteers to handle important tickets flagged for next release, but without assignee
+There are no such tickets.
+# Important missing bits in the next monthly report
+Intrigeri needs one more day to add his part
+# Tickets flagged for Discussions in the blueprint
+There are no such tickets.
+# Other tickets
+## [[!tails_ticket 14808 desc="OpenPGP Applet should display long keyid (or even only FP)"]]
+### Problem description:
+Currently OpenPGP applet show hex key id (short) in pub key selection.
+The Fingerprints are shown as mouse-over. The mouse-over will probably
+go in the not to distant future.
+### Discussion summary:
+- It's not used for key verification, only disambiguation.
+- user should not rely on id for verification (any id).
+- seahorse-tool show short key id
+- Fingerprint here would be confusing.
+### Decision:
+Since seahorse-tool show short key id, we should stick with that, or,
+preferably, display no id at all. Then we would show the key creation
+date for disambiguation.
+## [[!tails_ticket 6387 desc="Create screencast videos of installing Tails onto a USB stick"]]
+### Problem description:
+Comment #18 on the ticket. In short: do we really want this, seeing that
+it's not easy to do correctly ?
+### Discussion summary:
+- we don't have the manpower / skills to do that ourselves and maintain
+ such screencasts (not even talking about making it translatable)
+- we can rely on other people work, like the video from
+ Infosec/Bytes/CIJ:
+- it could be useful for some stuff, for instance the FAT32 vs
+ NTFS problems
+### Decision:
+Reject this ticket. We acknowledge that such videos could be useful, but
+we can't maintain them ourselves
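Review bot: The discussion summary for #14808 never mentions long key IDs, although the ticket is titled "OpenPGP Applet should display long keyid (or even only FP)". Add a bullet recording why that proposal was not taken up, so the decision can be understood without reading the log. The decision itself still offers two outcomes ("we should stick with that, or, preferably, display no id at all"); say which one is to be implemented. Typos to fix before publishing: "on it's TODO list" (its), "I'll be do the bare minimum", "help desks shifts", "the not to distant future" (too), and "seahorse-tool show".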
diff --git a/wiki/src/contribute/meetings/201711/logs.txt b/wiki/src/contribute/meetings/201711/logs.txt
new file mode 100644
index 0000000..ce9e3a4
--- /dev/null
+++ b/wiki/src/contribute/meetings/201711/logs.txt
@@ -0,0 +1,286 @@
+(19:00:08) intrigeri: meeting time
+(19:00:24) intrigeri: who's here for the meeting (3rd one in a row for some of us, crazy!)
+(19:00:25) intrigeri: ?
+(19:00:32) segfault: i am
+(19:00:44) intrigeri: note taking, facilitation, anyone?
+(19:00:53) emmapeel: imm for the meeting
+(19:01:05) nodens: .o/
+(19:01:05) segfault: i can take notes if nobody else wants to do it
+(19:01:13) intrigeri: I can *force myself* to do one of those but at first glance I'd rather not.
+(19:01:18) spriver: i'm here
+(19:01:49) masha: I am
+(19:02:01) nodens: I can take notes, not confortable with "facilitation", whatever that mean (I guess it's what was called hosting before)
+(19:02:14) sajolida: i'm here
+(19:02:16) intrigeri: nodens: yes.
+(19:02:27) intrigeri: masha, sajolida: wanna host?
+(19:02:56) muri: i'm here
+(19:02:59) masha: really would rather not, I would be pretty bad...
+(19:03:21) goupille a quitté le salon (Disconnected: closed)
+(19:03:33) sajolida: i can do whatever
+(19:03:38) geb: i am here for the meeting
+(19:03:38) masha: yes!
+(19:03:47) intrigeri: OK, so nodens take notes and sajolida hosts. Great.
+(19:03:55) intrigeri:
+(19:04:14) intrigeri: funky, we have an empty agenda.
+(19:04:14) sajolida: First point is: Volunteers to handle "Hole in the roof (" tickets this month
+(19:04:28) sajolida: Please have a look at the list here:
+(19:05:10) intrigeri: had to take over work from anonym, might have to take over some more => postponed quite a few of my tickets and won't commit to new stuff. so: no.
+(19:05:23) sajolida: and speak up if you can:
+* Assign one of these to you
+* Provide useful information on one of them
+* Help unblock one of them
+(19:05:35) nodens: I did volunteer last month on #8447, but it might be a bit beyond my skills -> I need more time
+(19:05:36) Tailsbot: Tails ☺ Bug #8447: Persistent data is not erased when persistence features are disabled
+(19:05:59) nodens: (actually it's still assigned to me)
+(19:06:13) sajolida: NB: I have high in my todo list to call for a meeting to find another way of dealing with Holes in the Roof but I was waiting for intrigeri to come back and be more available before calling for that meeting :)
+(19:06:14) intrigeri: nodens: you know where to find me :)
+(19:06:27) nodens: won't commit on any other stuff, I have a bunch of debian stuff I'd like to look into as well
+(19:07:02) intrigeri: sajolida: so we can maybe have this meeting at some point in 2019Q3, I think I have some free time then.
+(19:07:11) drwhax: hehe :)
+(19:07:15) segfault: i also don't feel like committing to more stuff
+(19:07:26) intrigeri: wise words, everyone.
+(19:07:55) emmapeel: :D
+(19:08:10) sajolida: ok, let's move on then...
+(19:08:13) nodens: intrigeri: I know where... not when :D
+(19:08:27) sajolida: Next point is: Volunteers to handle important tickets flagged for next release, but without assignee
+(19:08:48) sajolida: please help me spot any such ticket...
+(19:09:29) intrigeri: there's one
+(19:09:32) intrigeri:
+(19:09:33) Tailsbot: Tails ☺ Bug #14772: Test suite reports incomplete (and thus useless) info when systemctl is-system-running fails
+(19:09:44) intrigeri: well, actually it's a mistake, let me fix it..
+(19:09:49) sajolida: cool!
+(19:09:55) intrigeri: so there's none.
+(19:10:01) sajolida: next point is: Availability and plans until the next meeting
+(19:10:48) masha: nothing apart from my help desk shifts
+(19:10:59) masha: and answer on assigned tickets
+(19:11:16) emmapeel: i am moving these days so i am a bit away
+(19:11:20) spriver: I'm getting back into Tails stuff, so let's see. definitely will do some German translation and the usual release testing. besides of that I started working on #14504 and #10181
+(19:11:21) Tailsbot: Tails ☺ Bug #14504: Investigate mobile messaging platforms
+(19:11:21) Tailsbot: Tails ☺ Feature #10181: Non-discriminatory language - German
+(19:11:29) intrigeri: This week: whatever I have to do to make 3.3 exist as a good Tails release; next week: OTF summit. Then some non-Tails work. In other words, I'll be do the bare minimum to keep the boat afloat but don't count on me too much.
+(19:11:39) intrigeri: spriver: seen that, amazing!
+(19:11:56) segfault: i will continue working on the VeraCrypt stuff and also try to work through some of the other stuff i committed to
+(19:12:20) spriver: somebody has to tell me how to actually create a blueprint. (
+(19:12:45) nodens: availability is a moving beast these times for me ($dayjob is hard to predict). Plans: more debian stuff and this Hole in the roof ticket
+(19:12:46) drwhax: I hope to actually work on some of the randomness tickets this month, next week im at the OTF summit.
+(19:13:30) intrigeri: spriver: ask someone who has git commit access and they'll do it.
+(19:13:42) spriver: intrigeri: ack
+(19:14:37) sajolida: * Finish the work on the new download page and verification extension; hopefully... somehow...
+* Do fun UX stuff as I'm under-clocked on this budget line (breaking news: under-clocking happens!)
+* Catch up with a bunch of technical writing reviews and tiny stuff
+* Prepare the VeraCrypt UX sprint in December
+* As time allows, try to do less and be less stressed about everything, ha ha!
+(19:14:57) sajolida: emmapeel, masha: Any plans?
+(19:15:30) pablonatalino a rejoint le salon.
+(19:15:34) nodens: they already said theirs
+(19:15:35) sajolida: pablonatalino: hi!
+(19:15:36) masha: sajolida: I already said I think
+(19:15:45) nodens: I have them in my notes ;)
+(19:16:01) emmapeel: sajolida: i am moving, so not many plans
+(19:16:04) sajolida: masha: indeed, i missed that!
+(19:16:12) masha: sajolida: no problem
+(19:16:18) pablonatalino: sajolida: hi
+(19:16:22) intrigeri: sajolida: *under* clocking, OMG!!
+(19:16:24) sajolida: pablonatalino: we're discussing availability and plans, in case you want to add something
+(19:16:38) sajolida: intrigeri: crazy shit!
+(19:16:49) emmapeel: ill be back on frontdesk on November 27
+(19:16:50) pablonatalino: sajolida: ok
+(19:17:44) intrigeri: emmapeel, masha: starts to look a bit worrying, but I didn't look closely so perhaps it's well under control. you know better :)
+(19:18:04) nodens: sajolida: oh I have UX questions but I don't know if it's fun ;)
+(19:18:28) sajolida: while i want to leave some time for pablonatalino to speak about his plans (if he wants) you can start reading the monthly report and spot missing stuff:
+(19:18:43) emmapeel: yeah we need to look at it intrigeri
+(19:18:59) sajolida:
+(19:19:35) masha: intrigeri: it's pretty much fine for me according to my shifts :) but sure we have to work on it better
+(19:19:38) intrigeri: I didn't add my bits to the report yet, will do tomorrow.
+(19:19:46) sajolida: nodens: shot! either on Redmine or by email... though I'm better at email than Redmine
+(19:19:56) nodens: sajolida: will do :)
+(19:20:00) intrigeri: masha: OK, cool.
+(19:20:25) sajolida: masha, emmapeel: we're missing the "Hot topics on our help desk" for the report
+(19:20:32) sajolida: any ETA? who shall i ping?
+(19:20:38) masha: tails-bugs
+(19:21:09) nodens: I'm never sure if what I do should go in the report, like "fixed a long standing bug that no one really cared about in openpgp-applet, will be in next release or the one after"
+(19:21:12) sajolida: since two of you are here already, i won't ping explicitely then :)
+(19:21:12) masha: tagging [internal] works better
+(19:21:13) emmapeel: #14755
+(19:21:14) Tailsbot: Tails ☺ Bug #14755: Tails Installer treats drives differently depending on when they are plugged
+(19:21:54) intrigeri: let's not re-do the foundations team / help desk meeting now, just ensure this is added to the report :)
+(19:21:54) sajolida: nodens: anything you want! writing the monthly report also gives me a sense of achievement and makes me a bit happier
+(19:22:43) sajolida: ok, please tell me if you still need more time on the monthly report...
+(19:22:51) nodens: META: do the stuff about the report go in the meeting minutes ?
+(19:22:57) emmapeel: u said something about money for translation web interface but i dont know enough
+(19:22:57) intrigeri: sajolida: I need 1 more day.
+(19:23:02) muri: the limesurvey monitor link ( doesn't work (no repo found)
+(19:23:07) intrigeri: nodens: I would say no.
+(19:23:09) sajolida: nodens: nah!
+(19:23:23) intrigeri: muri: known immerda bug
+(19:23:24) nodens: ok that's what I thought. I'll include the full log anyway
+(19:23:31) intrigeri: sajolida: instead instruct to git clone?
+(19:24:10) intrigeri: muri: we don't bother immerda about it (even though it's quite painful not to have cgit for any new repo) because we prefer them to work on the GitLab thing.
+(19:24:19) intrigeri: muri: I'll ask ng for a status update one of these days.
+(19:24:35) sajolida: i'll fix that when publishing it
+(19:24:49) intrigeri: (but this has been going on for 1-2y so perhaps at this point it's worth fixing cgit integration..)
+(19:25:36) sajolida: ah, and we don't have any discussion listed on the agenda, so if you're done with the monthly report you can got hunt for discussions on Redmine
+(19:25:42) sajolida: note that they need to be prepared enough
+(19:26:05) nodens: well I have a discuss ticket assigned to me but it's very low priority
+(19:26:19) nodens: #14808 (
+(19:26:19) Tailsbot: Tails ☺ Bug #14808: OpenPGP Applet should display long keyid - Tails - RiseupLabs Code Repository
+(19:26:43) nodens: (OTOH, it should be a short discussion)
+(19:26:58) intrigeri: nodens: should we read the full ticket? or can you sum up what's up for discussion?
+(19:27:23) nodens: there is no comment in the ticket, so it's short, but I can summarize
+(19:27:50) sajolida: cool, let's do this one then!
+(19:28:43) nodens: Currently OpenPGP applet show hex key id (short) in pub key selection. The Fingerprints are shown as mouse-over. The mouse-over will probably go in the not to distant future
+(19:29:38) nodens: the interface has to be redone a bit, I was wondering if it's worth it keeping the short hex id somewhere (so the user might find it if they relied on it, which they shouldn't)
+(19:29:44) intrigeri: why do we want/need to display key IDs at all?
+(19:29:47) nodens: and if it was indeed worth it to show the id
+(19:29:53) intrigeri: fwiw seahorse doesn't
+(19:30:01) nodens: seahorse show only fingerprint
+(19:30:07) nodens: I was going to go this way
+(19:30:26) intrigeri: nodens: where in seahorse? the main UI displays only UIDs
+(19:30:28) nodens: but thought it might be worth discussing this a bit before actually starting
+(19:31:20) nodens: intrigeri: you're right, I must have confused with something else.
+(19:31:24) segfault: i think it should display the fingerprint instead of a key id
+(19:31:34) intrigeri: "seahorse-tool --encrypt /tmp/bla" displays short keyids, for disambiguations I guess.
+(19:31:40) geb: nodens: I don't use gpgapplet much, so i don't remind precisely the interface. But if i may, a quick opinion: I would prefer in order fingerprint > long > short. If you want to keep short (/long?) id visible, maybe could you consider emphazing it it in bold when displaying the fingerprint. Thats usally what i do, even if i am not sure it is really helpful.
+(19:32:28) intrigeri: I say do the same as seahorse. Rationale: it's *not* the interface where people will manually check fingerprints. But UIDs are useful to disambiguate between N keys that share UIDs.
+(19:32:42) masha: yep
+(19:32:47) intrigeri: geb: could you please explain the rationale behind this opinion?
+(19:32:59) sajolida: In Seahorse:
+* In the list of key there's neither the key id nor the fingerprint
+* In the "Owner" tab (first tab to open) there's the short id
+* The fingerprint is in the "Details" tab
+(19:33:36) intrigeri: sajolida: fyi you're talking about key management, while this ticket is about selecting keys for encryption, which is a different situation.
+(19:33:58) intrigeri: sajolida: better look at "seahorse-tool --encrypt /tmp/bla" if you want to draw inspiration from them.
+(19:33:59) nodens: yes, thanks intrigeri, this needs to be clear: it's not the place to check a f/p
+(19:34:00) geb: intrigeri: Easier to find the short id/long in one quick look. But as i said, i am not sure its relevant. I am just use to do it, when i present fingerprints.
+(19:34:39) sajolida: ah, sure... so in that case they display Name + (Short) Key ID
+(19:34:46) emmapeel: i dont think useful to get users used to short keyids
+(19:35:29) intrigeri: emmapeel: do you mean it would suggest it's a strong identifier and can be relied upon for other things than disambiguation?
+(19:35:58) emmapeel: well i think short keyids should dissappear and never be used anymore
+(19:36:08) intrigeri: emmapeel: I tend to agree, but OTOH a fingerprint is not actionable info in this context, so displaying this is folklore and teaches people to ignore info we display, which has its problems too.
+(19:36:20) emmapeel: hmmm tru
+(19:36:50) intrigeri: so basically we need to choose between "suggest that short keyids are always OK" vs. "suggest that ignoring fingerprints is always OK", and both are bad.
+(19:36:53) sajolida: yeap, the only point of some sort of key id here is to disambiguation when you have two keys for the same email address
+(19:37:06) masha: yes
+(19:37:32) sajolida: so long key ids might be a sweet spot :)
+(19:37:38) nodens: so a compromise would be to show long ids
+(19:37:49) nodens: haha sajolida beat me to it
+(19:37:52) sajolida: it's also what we display on the gpg command line in Tails by default, by the way
+(19:37:53) intrigeri: how would a user use the keyid to disambiguate in practice? personally either I remember by heart how the short keyid looks like (rarely), or I need to go check the end of the fingerprint in another, key management software.
+(19:38:28) intrigeri: sajolida: we also display the fingerprint.
+(19:38:34) intrigeri: sajolida: (of the master key)
+(19:38:46) nodens: note that I intend to find a way to show trust level and expired/revoked keys are never shown.
+(19:38:53) intrigeri: ("with-fingerprint" in gpg.conf)
+(19:39:00) sajolida: yes, and in .gnupg/gpg.conf we have "keyid-format 0xlong"
+(19:39:28) nodens: intrigeri: so in your case, showing the FP is actually usefull ;)
+(19:39:31) sajolida: and gpg has no option for --keyid-format fingerprint or something...
+(19:39:50) intrigeri: I see 2 options: 1. easy one: just do like Seahorse and be done with it; 2. hard one: take a step back and reason about what exactly we expect users to *do* with this info we display.
+(19:40:17) intrigeri: sajolida: you don't care about fingerprint of subkeys as they're certified by the master key.
+(19:40:19) nodens: intrigeri: for clarification sake, you mean seahorse and not seahorse-tool ?
+(19:40:38) intrigeri: sajolida: so for crypto verification purposes "--keyid-format fingerprint" is not needed / not useful.
+(19:41:02) intrigeri: nodens: no, sorry, I meant "Seahorse when it presents a key selection dialog, i.e. seahorse-tool"
+(19:41:29) sajolida: wow, intrigeri is well versed into the mysteries of OpenPGP!
+(19:41:31) intrigeri: nodens: no, in my case it's not useful as I'll only look at the *end* of the fingerprint == the end of the short keyid.
+(19:42:22) nodens: ok. My only concern with keeping short hex id is that it contradicts what we say elsewhere, i.e. short keyids are unsafe
+(19:42:40) nodens: I'm find with keyids otherwise for disambiguation purpose
+(19:42:51) intrigeri: I would go with the first option I've proposed, unless we're ready to put serious UX work into the 2nd one, and I don't think it's worth it if it's only for OpenPGP applet. If it's going to be a shared effort with GNOME, then fine, go for the 2nd option.
+(19:43:37) spriver: intrigeri: full ack
+(19:43:43) intrigeri: nodens: I think everywhere else we say "short keyids are unsafe for key verification", not "short keyids are unsafe". a number can't be safe/unsafe outside of any practical context.
+(19:44:35) nodens: OK, so, anyone else ?
+(19:44:42) masha: fine with it
+(19:44:47) nodens: do we reach consensus ?
+(19:44:54) intrigeri: (now, I understand that from a novice user's perspective, "short keyids are unsafe" is simpler, even if it doesn't mean anything..)
+(19:44:55) nodens: (I still have to take notes ;) )
+(19:45:29) nodens: intrigeri: yes that's my point. People tend to confuse a lot those things regarding encryption etc.
+(19:45:29) intrigeri: I think I've shared all the insight I could so I'll shut up. I'm curious what sajolida thinks.
+(19:45:38) sajolida: i found no bug about this on the Seahorse or Debian bug trackers
+(19:45:43) emmapeel: im fine
+(19:45:56) pablonatalino a quitté le salon
+(19:46:16) sajolida: sajolida thinks it super duper low prio
+(19:46:27) nodens: I warned :D
+(19:46:30) sajolida: and is fine with whatever :)
+(19:46:36) sajolida: but yes, we were warned
+(19:46:52) nodens: also I think we spent already too much time on this one
+(19:47:06) nodens: I'll resume the discussion and rationale on the ticket
+(19:47:12) sajolida: and being super duper low prio, whatever nodens prefers like doing would be fine for me, short or long (maybe not fingerprint indeed)
+(19:47:13) masha: cool, thanks
+(19:47:26) intrigeri: (I'm *almost* tempted to propose we display only the last 2 digits of the short keyid, which hopefully nobody will believe is a strong identifier for key verification purposes.)
+(19:47:46) sajolida: or the date of creation :)
+(19:47:46) intrigeri: I'm rather strongly opposed to long keyid.
+(19:47:52) intrigeri: sajolida: yes, this!
+(19:47:55) nodens: I'm against it because it's more work ;)
+(19:48:08) nodens: date of creation is actually an interesting one
+(19:48:09) intrigeri: sajolida: *that*'s the perfect disambiguation criterion
+(19:48:14) sajolida: that's usually what i used to disambiguate between keys and not any id
+(19:48:22) sajolida: you're welcome :)
+(19:48:24) intrigeri: perfect.
+(19:48:46) emmapeel: good idea!
+(19:49:28) sajolida: the power of bluesky ideas, thanks intrigeri for the "2 digits" :)
+(19:49:28) intrigeri: hopefully nobody will believe is a strong identifier for key verification purposes, and it doesn't mess up the "short keyids must burn in hell" propaganda.
+(19:49:38) intrigeri: sajolida: out of the box thinking, man!
+(19:49:41) sajolida: dkg will be proud of us!
+(19:49:56) intrigeri: ♥ dkg
+(19:49:58) spriver: :D haha
+(19:50:31) sajolida: ok, does anybody wants to discuss this more? or are we all fine with using the date of creation instead of the short key id?
+(19:50:37) masha: fine
+(19:50:40) nodens: OK so let's use that as a decision: keep as-is is fine and if anything, drop the ID to show date of creation instead
+(19:50:45) sajolida: (we could even report that one upstream to seahorse actually)
+(19:50:56) intrigeri: is Discuss but apparently help desk didn't triage it yet
+(19:50:57) Tailsbot: Tails ☺ Feature #14897: Suggestions for the about:config
+(19:51:07) intrigeri: emmapeel: any clue who was on duty?
+(19:51:09) sajolida: i have another ticket to propose
+(19:51:14) intrigeri: sajolida: ack.
+(19:51:18) nodens: sajolida, yes but it's seahorse-tool not seahorse, which is kinda under-maintained
+(19:51:31) intrigeri: both are under-maintained.
+(19:51:35) sajolida: nodens: thanks, i never remember about that stuff...
+(19:51:59) intrigeri: sajolida: #14743 ? (half joking)
+(19:52:00) Tailsbot: Tails ☺ Bug #14743: Get money from ads on our website or code
+(19:52:02) masha: emma was on duty
+(19:52:06) sajolida: ok, so we have 9 minutes left and i think it should be enough to close: #6387
+(19:52:07) Tailsbot: Tails ☺ Feature #6387: Create screencast videos of installing Tails onto a USB stick
+(19:52:27) intrigeri: masha: OK, so we do have a backlog of new tickets that were not handled. this matches my impressions.
+(19:52:45) intrigeri: screencast, again? didn't we reject this already?
+(19:52:48) sajolida: we can consider #6387#note-18 as a (very impartial!) preparation of the discussion...
+(19:52:59) emmapeel: oops that would be me intrigeri
+(19:53:08) nodens: I think it was postponed for lack of concensus.
+(19:53:12) nodens: consensus sorry
+(19:53:14) sajolida: i kind of wanted to here other people's opinion, but i'm also fine closing it after you gave yours :)
+(19:53:41) masha: fine closing it
+(19:54:01) spriver: me too
+(19:54:04) nodens: fine closing it as well
+(19:54:14) segfault: is this covered in the infosec videos? (i didn't watch them yet)
+(19:54:20) segfault: infosec bytes i mean
+(19:54:23) intrigeri: I already ack'ed sajolida's proposal on the ticket i.e. reject. With the FAT32 vs. NTFS mess I wonder if a screencast would help, perhaps it would, but still: cost/benefit is definitely too high.
+(19:54:34) nodens: if other people *want* to create such video we can watch them and give or not a seal of approval of some kind
+(19:54:49) intrigeri: segfault: no idea. I bet they'll be outdated and not maintained in less than 12 months though.
+(19:54:58) emmapeel: we should add the infosec bytes videos to the monthly report btw
+(19:55:07) segfault: it is covered in the infosec bytes videos
+(19:55:16) intrigeri: (hopefully they're not outdated already by the updated Installer..)
+(19:55:23) nodens: (also I'm very much against the concept of documentation by video. I hate those)
+(19:55:25) segfault:
+(19:55:26) intrigeri: (if they've been lucky they should be good)
+(19:55:31) geb: segfault: thanks for raising that, i was thinking thinking about but still reading the ticket.
+(19:55:35) pablonatalino a rejoint le salon.
+(19:56:08) intrigeri: note that *linking* to their vid is
+(19:56:09) Tailsbot: Tails ☺ Bug #14913: Add link to video tutorial from Infosec//Bytes//CIJ
+(19:56:11) sajolida: having an animated GIF for the FAT32 vs NTFS mess is definitely something to consider!
+(19:56:18) sajolida: i'll writing this down somewhere...
+(19:56:25) intrigeri: #6387 is about creating/maintaining it ourselves.
+(19:56:26) Tailsbot: Tails ☺ Feature #6387: Create screencast videos of installing Tails onto a USB stick
+(19:57:34) segfault: i understand that #6387 is about creating a video ourselves, but i thought it would be relevant if such a video already exists
+(19:57:55) masha: then it needs another ticket
+(19:58:15) masha: which #14913 is
+(19:58:19) intrigeri: the infosec vid is missing steps.
+(19:59:13) intrigeri: e.g. they don't show how to start Tails Installer. whatever.
+(20:00:05) intrigeri: anyways.. anyone thinks we should create/maintain such screencasts ourselves? and make them translatable somehow?
+(20:00:58) spriver: intrigeri: I don't feel good about this idea. I think it is a lot of work to do
+(20:01:00) nodens: we don't have the manpower / skills to do that ourselves and maintain it (not even talkging about making it translatable)
+(20:01:04) masha: agree with spriver
+(20:01:21) geb: agree too
+(20:01:45) sajolida: cool, so we drop that and still keep an eye on the Infosec videos (at some point)
+(20:02:05) sajolida: well... the meeting is over, friends!
+(20:02:13) intrigeri: yep, 62 minutes
+(20:02:14) pablonatalino a quitté le salon (Disconnected: closed)
+(20:02:15) sajolida: thank you very much for attending!
+(20:02:17) intrigeri: thanks!
+(20:02:19) spriver: ack. I think it's a good thing to link to such (good) videos, at least in the monthly report/media appearances
diff --git a/wiki/src/contribute/meetings/201712.mdwn b/wiki/src/contribute/meetings/201712.mdwn
new file mode 100644
index 0000000..f76d7da
--- /dev/null
+++ b/wiki/src/contribute/meetings/201712.mdwn
@@ -0,0 +1,56 @@
+[[!meta title="December 2017 online meeting"]]
+[[!toc levels=2]]
+# Meta
+- Attendees: emmapeel, intrigeri, jvoisin, masha, muri, nodens, u, sajolida, spriver
+- [[Logs|201712/log.txt]]
+# Volunteers to handle "Hole in the roof" tickets this month
+* intrigeri: triage [[!tails_ticket 10987]] ("Tails Installer
+ sometimes fails with: No support for modifying a partition a table
+ of type `PMBR'") and its relationship with [[!tails_ticket 15010]]
+ ("Installer: get rid of workaround for udisks")
+* nodens: [[!tails_ticket 8447]] ("Persistent
+ data is not erased when persistence features are disabled")
+# Volunteers to handle important tickets flagged for next release, but without assignee
+There are no such tickets.
+# Availability and plans until the next meeting
+* intrigeri: two sprints & lots of work sessions + meetings scheduled
+* masha: frontdesk
+* nodens: low availability
+* spriver: will be around
+* muri: curate monthly report, look into errbot again
+* u: available for meetings scheduled with intrigeri and here and there
+# Important missing bits in the next monthly report
+People will add their bits.
+# [[!tails_ticket 13649 desc="Decide what to do with Memory Hole in Thunderbird"]]
+Problem description:
+The new version of Torbirdy enables a feature called Memory hole, which is
+shipped in Enigmail. This feature aims at not only encoding email text, but
+also the subject as well as referrers. This is done using some kind of
+encrypted meta headers and sending out emails with a generic subject. The mail
+client is now responsible for decrypting and displaying the meta headers. This
+works partly in Thunderbird, subjects can be decrypted while being sent with
+the generic subject line. But the referrers and reply-tos are broken, as the
+feature is not yet implemented and it has not even been defined entirely yet.
+These encrypted subjects also don't not work with Schleuder.
+- We disable Memory Hole in Tails.
+- We wait 1 more year before discussing again a strategy on when to enable it back.
+- We keep an eye open on what other MUA and encrypted mailing list software are doing.
+- Tweet about how cool Memory Hole is and that we want to enable soon but are blocked by other software.
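Review bot: the four decision items at the end of the Memory Hole section follow the problem description with no lead-in, so "We disable Memory Hole in Tails" reads as part of the problem statement; add a "Decisions:" line (or a sub-heading) before them. The first item also loses the scope recorded in the meeting log, where the agreed proposal is "We disable Memory Hole for outgoing emails"; keep that wording so the page matches what was decided. In the description, "don't not work with Schleuder" is a double negative, and "not only encoding email text" probably means "encrypting", given the next sentence talks about encrypted meta headers.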
diff --git a/wiki/src/contribute/meetings/201712/log.txt b/wiki/src/contribute/meetings/201712/log.txt
new file mode 100644
index 0000000..bb5a5aa
--- /dev/null
+++ b/wiki/src/contribute/meetings/201712/log.txt
@@ -0,0 +1,274 @@
+(19:09:29) sajolida: then let's start with the first point:
+(19:09:36) sajolida: - Volunteers to handle "Hole in the roof (" tickets this month
+(19:09:58) sajolida: Everybody please have a look at this Redmine view and speak up if you think you can help with any of these...
+(19:10:46) sajolida: let me post the list, hi hi!
+(19:11:14) nodens: Still trying to wrap my head around #8447
+(19:11:20) masha: I won't volunteer for any
+(19:11:32) nodens: (Bug #8447 ( Persistent data is not erased when persistence features are disabled)
+(19:11:35) spriver: where's Tailsbot?
+(19:11:42) masha: on strike
+(19:11:45) nodens: (no tailsbot T T)
+(19:11:47) sajolida: Bug #5447: Fix DVD eject at shutdown
+Bug #6907: ikiwiki po plugin does not play well with inline directives
+Bug #8447: Persistent data is not erased when persistence features are disabled
+Bug #8690: tails-install-iuk's output is not forwarded to the Upgrader error reporting
+Bug #8897: The link to persistence documentation in tails-persistence-setup doesn't trigger any user-visible action
+Bug #10987: Tails Installer sometimes fails with: No support for modifying a partition a table of type `PMBR'
+Bug #12146: Intermediary Tails is not seen as a bootable device on MacBook Pro
+Feature #5340: Analyze Jake FOCI12 paper
+Feature #5975: Update design documentation about network fingerprinting
+Feature #7102: Evaluate how safe haveged is in a virtualized environment
+Feature #7700: Have a distribution mechanism for the revocation certificate of our signing key
+Feature #10022: Have experts review our revocation mechanism of Tails signing key
+(19:12:10) Tailsbot hat den Raum betreten.
+(19:12:23) u: no time until ... puhh
+(19:12:39) spriver: hi Tailsbot!
+(19:12:40) sajolida: same here: no time until ... puhh
+(19:12:53) intrigeri: I'll try to triage #10987 (already on my plate): I'm pretty sure it will disappear once we stop supporting anything older than Buster.
+(19:12:54) Tailsbot: Tails ☺ Bug #10987: Tails Installer sometimes fails with: No support for modifying a partition a table of type `PMBR'
+(19:13:14) intrigeri: aka #15010
+(19:13:15) Tailsbot: Tails ☺ Bug #15010: Installer: get rid of workaround for udisks bug#418 in SetFlags()
+(19:13:17) spriver: I actually printed the paper from #5340 and started reading it but I found it quite boring and obvious so far
+(19:13:17) Tailsbot: Tails ☺ Feature #5340: Analyze Jake FOCI12 paper
+(19:13:31) sajolida: intrigeri, jvoisin: anything to add?
+(19:13:35) sajolida: spriver: cool!
+(19:13:39) jvoisin: nope
+(19:13:59) intrigeri: nope, that's all for me. one is more than enough.
+(19:14:48) sajolida: the next point is: Volunteers to handle important tickets flagged for next release, but without assignee
+(19:14:53) sajolida:*&f%5B%5D=&c%5B%5D=priority&c%5B%5D=subject&c%5B%5D=category&c%5B%5D=cf_15&c%5B%5D=assigned_to&c%5B%5D=cf_9&group_by=status&t%5B%5D=
+(19:15:27) sajolida: the two relevant tickets seem to be:
+(19:15:44) sajolida: #13541: Tor still sometimes fails to bootstrap in the test suite ← Test suite guys, what's up with this one?
+(19:15:46) Tailsbot: Tails ☺ Bug #13541: Tor still sometimes fails to bootstrap in the test suite
+(19:16:24) intrigeri: corrected target version on another ticket.
+(19:16:30) sajolida: #13649: Decide what to do with Memory Hole in Thunderbird ← spriver, u, intrigeri: you've been active on this ticket, do you think that the discussion is prepared enough and worth to have during this meeting?
+(19:16:31) Tailsbot: Tails ☺ Feature #13649: Decide what to do with Memory Hole in Thunderbird
+(19:16:54) u: ouhla, lemme see
+(19:16:59) intrigeri: I'll look at the 1st question first.
+(19:17:13) sajolida: oops, i think the version numbers haven't been updated on Redmine
+(19:17:14) sajolida: ...
+(19:17:28) spriver: sajolida: I haven't looked at it in detail for some time now
+(19:17:50) intrigeri: dropping the target version on #13541
+(19:17:57) intrigeri: sajolida: what?
+(19:18:04) intrigeri: sajolida: I did update all that. no?
+(19:18:14) sajolida: "Release Manager View: 3.4 (" → points to 3.5 tickets
+(19:18:26) u: memory hole discussion sounds doable
+(19:18:26) emmapeel hat den Raum verlassen (Connection failed: connection closed).
+(19:18:28) intrigeri: aaah, in the custom queries. right, I didn't do that.
+(19:18:33) sajolida: i think the problem is only on the label of the view
+(19:18:34) emmapeel hat den Raum betreten.
+(19:18:41) intrigeri: sajolida: I'll fix it.
+(19:18:57) emmapeel: test
+(19:19:00) sajolida: ok, so we're done with *this point* of the agenda and might come back to Memory Hole in the discussions
+(19:19:01) sajolida: thanks!
+(19:19:03) u: ohai emmapeel
+(19:19:23) sajolida: meta: i have two fingers with fresh wounds, so i'm typing a bit slower than usual :)
+(19:19:36) sajolida: next point is: Availability and plans until the next meeting
+(19:19:36) masha: ok
+(19:20:06) sajolida: next meeting in Wednesday January 3
+(19:20:17) emmapeel: ill be around, currently doing frontdesk
+(19:20:27) intrigeri: availability: I have two sprints & lots of work sessions + meetings scheduled, which will make my availability lower.
+(19:20:47) masha: emma: no, actually I'll be doing frontdesk :)
+(19:20:53) emmapeel: oh true
+(19:20:56) emmapeel: hehe
+(19:21:00) intrigeri: plans: unclear what I'll be able to do on top of all these scheduled things.
+(19:21:01) nodens: for me, probably low availability, this time of the year again: usually lot of $dayjob stuff + personnal.
+(19:21:03) u: sajolida: we'll add this to our computations of keystroke dynamics scripts!
+(19:21:09) spriver: I'll be around, but don't expect too much output from me during the weeks, maybe a bit more during weekends
+(19:21:09) u: (two fingers)
+(19:21:30) masha: I should be around for help desk, and hopefully more time to deal with tickets
+(19:21:58) muri: plans: curate monthly report, visit leipzig, look into errbot again, now that the only dependency has been sponsored
+(19:22:01) u: i am available for meetings scheduled with intrigeri and here and there, but I need to take a bit of a step back until january
+(19:22:36) goupille hat den Raum verlassen.
+(19:22:50) intrigeri: u: we can totally postpone some of that. you need less work.
+(19:22:54) intrigeri: u: as you wish.
+(19:23:08) nodens: plans: bugging alioth people to be able to move openpgp-applet away from redmine and alioth (#14982)
+(19:23:09) Tailsbot: Tails ☺ Bug #14982: Fix OpenPGP Applet vs. Tails ticket tracking workflow
+(19:23:10) sajolida: - VeraCrypt UX sprint (December 8-10): The recruiting for the test is going very well (apart from me forgetting to Bcc: ~60 people) but I still have to process the data from the online survey (1012 answers!)
+- Technical writing sprint with cbrownstein (December 25-27): "Improve our installation instructions" from our roadmap (spriver: I owe you an email about that!)
+- Close the new download page story.
+- Catch up with everything I left behind because of the new download page (sorry!).
+(19:23:20) nodens: (and the HitR if I can)
+(19:24:01) spriver: sajolida: okay (:
+(19:24:43) u: intrigeri: really? let's do the first meeting and then decide if we follow up on it
+(19:25:01) u: intrigeri: we want to work on a plan - which is the biggest part of the work right?
+(19:25:18) sajolida: intrigeri: which two sprints (if I may ask...)
+(19:25:23) intrigeri: u: whatever can easily be potsponed and allows you to relax a bit is good
+(19:25:28) u: sajolida: ASP
+(19:25:32) intrigeri: sajolida: Additional Software Packages + sysadmin team.
+(19:25:37) u: intrigeri: ok! well, i would like that
+(19:25:39) sajolida: yeah!
+(19:26:11) sajolida: is everybody done with sharing their plans?
+(19:26:14) u: wait
+(19:26:34) intrigeri: u: alles mit der Ruhe (however it shall be written)
+(19:26:47) masha: yep, almost can't wait to see you at 34C3!
+(19:26:49) u: nodens: concerning the openpgp applet, i've modified all changelog entries for tails-installer by adding Closes: Tails#123456
+(19:26:50) Tailsbot: Tails ☺ Feature #12345: Test ISO build reproducibility with varying CPU type
+(19:27:08) u: nodens: and i think you could do the same with the openpgpapplet
+(19:27:14) u: you just need to think about it
+(19:27:22) u: before preparing pavckages
+(19:27:33) u: no need to move all the things around imo
+(19:27:37) u: intrigeri: :=)))
+(19:27:46) u: intrigeri: let's reschedule per email then
+(19:28:07) intrigeri: u: there's no single occurrence of this problem in openpgp-applet fyi :)
+(19:29:04) u: intrigeri: well, that was the case in tails-installer before too
+(19:29:20) u: well, i'll comment on the ticket
+(19:29:44) nodens: u: mhmm, not sure I follow completely the point. Redmine reads debian changelog ?
+(19:30:08) nodens: anyway we can discuss that at another time, yes, please update the ticket :)
+(19:30:14) intrigeri: u: thanks. make sure you check the actual problem this ticket is about, as right now I think you're discussing something different.
+(19:30:46) intrigeri: (now I'll shut up with off-topic stuff until the plans/availability thing is done at least)
+(19:30:54) nodens: (I'll still need to move the homepage of openpgp-applet anyway)
+(19:31:22) u: intrigeri: yeah i thought so
+(19:32:07) intrigeri: (it's not clear for me who we are waiting for. is it u, who wrote "wait"? or a deadlock/misunderstanding?)
+(19:32:19) sajolida: ping me when you're done with your chit-chat :)
+meanwhile others can start reading the monthly report and look for missing bits:
+(19:32:31) u: i'm done
+(19:32:36) u: i just wanted to talk to nodens
+(19:32:43) u: sorry.
+(19:32:47) sajolida: cool! so everybody check the report for missing bits
+(19:32:57) u: i already added the bits i knew about this afternoon
+(19:33:03) masha: hot topics are about to be in the report, we just had a meeting before this one
+(19:33:21) spriver: gotta run now, see you all
+(19:33:40) emmapeel: yes, i will add the frontdesk hot tpics tomorrow
+(19:33:43) u: cu spriver!
+(19:34:05) intrigeri: already added my bits and can't think of anything missing that *I* worked on.
+(19:34:06) u: emmapeel: beware of adding hot pics!
+(19:34:19) emmapeel: hehehe
+(19:34:22) intrigeri: sajolida: will you add something about the new WebExtension?
+(19:34:48) sajolida: i didn't plan that, it will before for the report of December
+(19:35:03) intrigeri: cool!
+(19:35:04) sajolida: i thought that write "work in progress" for November didn't make much sense
+(19:35:16) u: sajolida: i think it does make sense
+(19:35:42) u: sajolida: i mean there was a first release and it fixes problems for people with >FF57
+(19:35:47) u: so we should mention it
+(19:36:01) intrigeri: u: that was in December, I think that's why sajolida wrote this above.
+(19:36:16) sajolida: yeap, the release happened on December 3
+(19:36:44) sajolida: added "Tor & Tails meetup in Mexico City." :)
+(19:37:24) masha: soon a summit in Sinaloa ;)
+(19:37:33) u: ah ok
+(19:37:36) u: sure!
+(19:38:02) masha: next?
+(19:39:03) sajolida: next point in the agenda is...
+(19:39:16) sajolida: Discussions! with nothing in the list...
+(19:39:34) sajolida: so if someone has a discussion prepared already, speak up now!
+(19:39:53) sajolida: otherwise we'll do to the Memory Hole thingie is u feels like it
+(19:40:09) sajolida: #13649
+(19:41:36) sajolida: as a reminder: discussions should be prepared, and that means the ticket should be assigned to the person responsible for preparing them
+(19:41:46) u: So let me explain this a little bit
+(19:42:00) u: I did not prepare this, and it was not on the agenda but I can explain.
+(19:42:07) sajolida: please, i forgot what Memory Hole was about </joke>
+(19:42:12) u: The new version of Torbirdy ships a feature called Memory hole.
+(19:42:32) u: This feature aims at not only encoding email text, but also the subject as well as referrers.
+(19:42:50) u: this is done using some kind of encrypted meta headers and sending out emails with a generic subject.
+(19:43:06) u: The mail client is now responsible for decrypting and displaying the meta headers.
+(19:43:09) intrigeri: (editing anonym's last comment to update the links that are currently broken)
+(19:43:42) u: This works partly inThunderbird, subjects can be decrypted while being sent with the generic subject line.
+(19:44:09) u: But the referrers are broken, as the feature is not yet implemented and it has not even been defined in the RFC in detail yet.
+(19:44:32) u: And these encrypted subjects also don't not work with Schleuder.
+(19:44:59) masha: hum
+(19:45:07) u: Now, in the Debian package, I've not disabled Memory Hole, because tech savvy people, running Debian unstable or testing, can disable it themselves if they want to.
+(19:45:55) u: in Tails we still use an older version of Torbirdy and I have not prepared a backport for Stretch in which I could disable this feature to make it work for most people.
+(19:46:18) u: we could also just have the Debian backport ship Memory Hole but disable it in Tails.
+(19:46:23) u: this is what this ticket is about.
+(19:46:29) u: intrigeri: anything i forgot?
+(19:46:51) intrigeri: u: all this sounds right.
+(19:47:17) intrigeri: the ticket also has some discussions about more general strategy & what our role could be in this.
+(19:47:22) u: And one other detail: we dont know how many other email clients have implemented the feature
+(19:47:28) sajolida: so right now when I'm sending encrypted emails from Tails I'm sending them with Memory Hole?
+(19:47:30) intrigeri:
+(19:47:34) u: sajolida: no
+sajolida spriver
+(19:47:47) u: sajolida: you use an older version of Torbirdy that does not have it yet
+(19:48:02) sajolida: ah!
+(19:48:05) u: but at some point we will want to update Tails' Torbirdy version.
+(19:48:12) u: and thus we should decide what to do
+(19:48:16) intrigeri: if that list of implementations (^) is up-to-date, then it's mostly draft / experiments stuff apart of Enigmail.
+(19:48:38) sajolida: but i know that i can *read* Memory Hole emails since some recent version (the subject line is rewritten)
+(19:48:54) intrigeri: OK, let me clarify:
+(19:49:15) u: sajolida: yes, the subject line works, but you dont get reply threads for example
+(19:49:16) intrigeri: the Memory Hole code is in Enigmail, disabled by default. What recent Torbirdy does is that it enables it.
+(19:49:18) u: sajolida: and this sucks
+(19:49:26) sajolida: right
+(19:49:26) u: intrigeri: thanks, indeed!
+(19:49:38) sajolida: intrigeri: useful clarification, thanks!
+(19:49:41) u: sajolida: and the subject line decryption does not work in Schleueder
+(19:49:56) u: so to me right now, this is unusable
+(19:50:14) spriver hat den Raum verlassen (Connection failed: connection closed).
+(19:50:22) nodens: I think the paint is definitely not dry on this feature... I would leave it disabled, because email issues are often a helpdesk nightmare (less tech-savvy people understand very little about it IME)
+(19:51:11) u: first the RFC needs to be finished. then MUAs need to implement it. then we can enable it for our users.
+(19:51:17) u: imo.
+(19:51:21) sajolida: +1, i would also track (or ask) Schleuder's plan to support it
+(19:51:27) u: sajolida: i did already
+(19:51:34) sajolida: yeah!
+(19:51:43) u:
+(19:51:54) intrigeri: I've already proposed a strategy in two comments (3 & 11) on the ticket so I won't repeat myself, but FTR this still holds (but it needs a $DATE/$DEADLINE). I can live with other options like disabling it and not doing anything else for now, though.
+(19:53:10) u: they moved the draft to
+(19:53:12) intrigeri: sajolida: dear host, it's not clear to me if we're assuming everyone has read the ticket (that is not too long and sums up the problems & options quite well IMO).
+(19:53:23) intrigeri: u: updated that link already :)
+(19:53:44) sajolida: since u started with a summary, i assumed that people didn't read the full ticket
+(19:54:08) sajolida: intrigeri: do you think i should encourage people to do so?
+(19:54:27) u: FTR intrigeri proposes "to announce that we'll enable Memory Hole by default in Tails at $DATE, as a way to encourage MUA authors to add support for it. " in ~ 2 years.
+(19:54:33) u: i think i agree with this idea.
+(19:54:52) u: and I'm ready to move this forward myself by talking to the relevant people
+(19:55:07) intrigeri: sajolida: I'm not sure.
+(19:55:17) intrigeri: u: like Outlook developers? :))
+(19:55:42) u: haha no.
+(19:55:50) nodens: well outlook user can't read pgp-encrypted emails easily anyway
+(19:55:59) intrigeri: last schleuder update is i.e. paz is not very motivated anymore after having tried Memory Hole.
+(19:56:12) sajolida: i don't really know the state of Memory Hole but it might be too prematurate to say we'll use this deadline strategy
+(19:56:13) u: intrigeri: i mean enigmail/thunderbird/mutt/emacs
+(19:56:15) nodens: I'm ok with the deadline idea
+(19:56:29) u: sajolida: right..
+(19:56:45) nodens: with maybe a "checkpoint" before, see if there is any blocker at that time
+(19:56:49) u: what about we set ourselves a deadline to reach out to these people and then talk about it again?
+(19:56:51) sajolida: i would personally like to be neither part of the "pioneers that suffer from being on the edge" nor the "last to do the change and slowing down everybody"
+(19:57:10) intrigeri: sajolida: agreed.
+(19:57:42) sajolida: so i would postpone this part of the discuss (when we enable it again) for at least 1 more year
+(19:58:18) nodens: and maybe it's better communication to say "hey, we would like to enable this nifty feature at this point in time, please help us" rather than "yeah we enabled it. So what. Fix your software" ;)
+(19:58:23) intrigeri: There's quite some reluctance to the deadline strategy and it might be premature and too bold. I'm fine with postponing for 1 more year.
+(19:58:59) u: so this means that we agree to disable it right now?
+(19:59:00) sajolida: (... leaving a bit more time for others to comment before summing up a consensus proposal)
+(19:59:04) intrigeri: but then it gives implementors 1 less year to do their job, so perhaps we could already tweet something about it, like we're considering it seriously and will reconsider in a year?
+(19:59:20) u: intrigeri: ack
+(19:59:20) nodens: +1 intrigeri
+(20:00:03) intrigeri: + encourage them to look into it for their MUA.
+(20:00:11) masha: +1
+(20:00:20) sajolida: a tweet won't change much i guess
+(20:00:22) intrigeri: (and then we let the autocrypt community retweet this & do their propaganda etc.)
+(20:00:26) jvoisin: (The cert for the offical webpage of memory hole has an invalid cert…)
+(20:00:40) intrigeri: sajolida: not by itself, but it gives arguments to the people who are pushing for modernpgp stuff.
+(20:00:55) sajolida: right, as a tool in other people's propaganda
+(20:01:26) intrigeri: it's different to say "look I wrote this spec please implement it" than "look I wrote this spec and Tails wants to use it, please implement it" :)
+(20:01:57) u: ack
+(20:02:15) sajolida: all-right, so here is my summary:
+(20:02:18) u: i can do that, sometime in the beginning of 2018
+(20:02:21) sajolida: Proposal:
+- We disable Memory Hole for outgoing emails.
+- We wait 1 more year before discussing again a strategy one when to enable it back.
+- Keep an eye open on what other MUA and encrypted mailing list software are doing.
+- Tweet about how cool Memory Hole is and that we want to enable soon but are blocked with other software.
+(20:02:49) sajolida: s/blocked with/blocked by/
+(20:03:03) sajolida: anything else to add, reformulate, discuss?
+(20:03:18) intrigeri: ACK.
+(20:03:27) nodens: all good
+(20:03:35) ***jvoisin nods
+(20:03:49) u: ack
+(20:03:51) intrigeri: (and then I got to go, other plans tonight. thanks for this meeting, see you tomorrow or more likely on Wednesday)
+(20:03:54) sajolida: ok, after fixing some typos, for your notes u:
+(20:03:58) sajolida: Proposal:
+- We disable Memory Hole for outgoing emails.
+- We wait 1 more year before discussing again a strategy one when to enable it back.
+- Keep an eye open on what other MUA and encrypted mailing list software are doing.
+- Tweet about how cool Memory Hole is and that we want to enable soon but are blocked with other software.
+(20:04:14) u: thanks!
+(20:04:23) sajolida: cool, thanks for the nice and productive meet
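Review bot: the join/part status lines ("hat den Raum betreten", "hat den Raum verlassen") are client noise rather than discussion, and they publish the interface language of whoever saved the log; strip them before committing. Several entries are also empty or fragmentary (19:14:53 is only a query string, 19:47:30 and 19:51:43 have no text, and a bare "sajolida spriver" line follows 19:47:34), so the links they pointed to are lost for readers. Finally, the second "Proposal:" block at 20:03:58 is announced as "after fixing some typos" but is identical to the one at 20:02:21, still reading "a strategy one when" and "blocked with"; since this is a verbatim record that is fine, but the meeting page should be the place readers are pointed to for the corrected wording.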
diff --git a/wiki/src/contribute/relationship_with_upstream.mdwn b/wiki/src/contribute/relationship_with_upstream.mdwn
index 069ea53..abc8abb 100644
--- a/wiki/src/contribute/relationship_with_upstream.mdwn
+++ b/wiki/src/contribute/relationship_with_upstream.mdwn
@@ -66,14 +66,10 @@ See the full and up-to-date list of bugs:
**Warning**: do **not** use tags that are already [defined
globally]( on the BTS.
-## Build tools
-We contribute to [Debian Live]( on a regular
-basis. Every single feature we have added to Debian Live has been
-merged upstream, and we intend to go on this way.
+<a id="gnome"></a>
<a id="gnome-bts"></a>
-See the [tickets that affect Tails in the GNOME bug tracker](
+See the
+[[issues that affect Tails in the GNOME bug tracker|blueprint/GNOME_bugs_that_affect_Tails]].
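Review bot: the "## Build tools" heading and the Debian Live paragraph are removed with nothing replacing them, and the merge commit message gives no reason; if the statement that every feature was merged upstream no longer holds, or the project no longer contributes there, say so in the page or the commit message rather than dropping it silently. The new `<a id="gnome"></a>` sits directly above the existing `<a id="gnome-bts"></a>`; a short comment that the old id is kept for existing inbound links would stop someone from removing it as a duplicate later.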
diff --git a/wiki/src/contribute/release_process.mdwn b/wiki/src/contribute/release_process.mdwn
index 0642877..e3e9f14 100644
--- a/wiki/src/contribute/release_process.mdwn
+++ b/wiki/src/contribute/release_process.mdwn
@@ -781,8 +781,8 @@ Prepare upgrade-description files
-Prepare the ISO description file for DAVE
+Prepare the ISO description file for *Tails Verification*
If preparing a RC, skip this part.
@@ -812,7 +812,7 @@ Update the ISO description file (IDF) used by the browser extension:
( cd "${RELEASE_CHECKOUT:?}" && \
git add wiki/src/install/v1/Tails/{i386,amd64}/stable/latest.yml && \
- git commit -m "Update IDF file for DAVE." )
+ git commit -m "Update IDF file for Tails Verification." )
Upload images
@@ -1279,8 +1279,7 @@ Checkout the release branch that is about to be merged into `master`:
use it to fetch the ISO image:
- `inc/stable_amd64_iso_url.html`: should contain exactly the expected
ISO image URL.
- - `install/download/openpgp`: the `Tails ${VERSION} ISO image`
- link.
+ - `install/download`: "Direct download" button.
- `install/expert/usb`: in the `wget` command.
If everything checks out ok, let the RM know so they can proceed with
@@ -1516,8 +1515,10 @@ this, and skip what does not make sense for a RC.
the one you're preparing). Look carefully at the output of this command:
git checkout "${RELEASE_BRANCH:?}" && \
+ for dir in config/APT_snapshots.d vagrant/definitions/tails-builder/config/APT_snapshots.d; do
- cd config/APT_snapshots.d && \
+ echo "${dir:?}:"
+ cd "${dir:?}" && \
for ARCHIVE in * ; do
SERIAL="$(cat ${ARCHIVE:?}/serial)"
if [ "${SERIAL:?}" = 'latest' ]; then
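Review bot: `cd "${dir:?}" && \` inside the new `for dir in ...` loop changes the working directory and nothing in the visible loop body changes it back, so on the second iteration the relative path `vagrant/definitions/tails-builder/config/APT_snapshots.d` is resolved from inside `config/APT_snapshots.d` and the `cd` fails. Because the `&&` only guards the inner `for ARCHIVE in *` loop, the outer loop then carries on to `echo ---` and the second directory is never checked. Run the body in a subshell, `( cd "${dir:?}" && for ARCHIVE in * ; do ... done )`, or add `cd - >/dev/null` before the outer `done`.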
@@ -1526,11 +1527,18 @@ this, and skip what does not make sense for a RC.
echo "Warning: origin '${ARCHIVE:?}' is using the 'latest' snapshot, which is unexpected" >&2
- EXPIRY="$(curl --silent "${ARCHIVE:?}/dists/stable/snapshots/${SERIAL:?}/Release" | sed -n 's/^Valid-Until:\s\+\(.*\)$/\1/p')"
- fi
- echo "Origin '${ARCHIVE:?}' uses snapshot '${SERIAL:?}' which expires on: ${EXPIRY:?}"
- done
+ if [ "${ARCHIVE:?}" = 'debian-security' ]; then
+ DIST='stretch/updates'
+ else
+ DIST='stable'
+ fi
+ EXPIRY="$(curl --silent "${ARCHIVE:?}/dists/${DIST:?}/snapshots/${SERIAL:?}/Release" | sed -n 's/^Valid-Until:\s\+\(.*\)$/\1/p')"
+ fi
+ echo "* Archive '${ARCHIVE:?}' uses snapshot '${SERIAL:?}' which expires on: ${EXPIRY:?}"
+ done
+ echo ---
+ done
1. Push the resulting branches.
1. Make sure Jenkins manages to build all updated major branches:
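Review bot: `DIST='stretch/updates'` hardcodes the Debian codename for the `debian-security` archive, so this expiry check will keep querying the stretch suite after Tails is rebased on a newer Debian release; take the codename from a variable set once at the top of the release process, or at least add a comment here saying it must be bumped. Separately, `curl --silent` without `--fail` lets an HTTP error page through, `sed` then finds no `Valid-Until:` line, and the only symptom is the `${EXPIRY:?}` parameter error; adding `--fail --show-error` would make a wrong URL or missing snapshot obvious to the release manager.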
diff --git a/wiki/src/contribute/release_process/test.mdwn b/wiki/src/contribute/release_process/test.mdwn
index 784005f..5e5b48d 100644
--- a/wiki/src/contribute/release_process/test.mdwn
+++ b/wiki/src/contribute/release_process/test.mdwn
@@ -98,6 +98,13 @@ tracked by tickets prefixed with `todo/test_suite:`.
* Running `/usr/local/lib/getTorBrowserUserAgent` should produce the User-Agent set by the
installed version of Torbutton, and used in the Tor Browser. (automate: [[!tails_ticket 10268]])
+## Miscellaneous
+* Test if _uBlock_ works: visit a website that normally displays ads,
+ such is <>. The ads should not be displayed
+ and the uBlock icon should display a strictly positive number of
+ blocked elements.
# Thunderbird
* Check mail over IMAP using:
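Review bot: in the added uBlock item, "such is" should be "such as", and the site to visit is empty (`<>`), so the tester has no concrete page to check. Name a specific page, or describe what kind of page qualifies, so the pass criterion "strictly positive number of blocked elements" can be reproduced from one release to the next.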
@@ -248,7 +255,11 @@ tracked by tickets prefixed with `todo/test_suite:`.
-* Boot on bare-metal from USB.
+* Boot on bare-metal from USB. Measure the boot time (from the
+ syslinux menu until the GNOME desktop is ready -- quickly press
+ ENTER in the Greeter) and compare with the boot time of the previous
+ Tails version. The new one should not be significantly slower to
+ start.
* Boot on bare-metal from DVD. Measure the boot time (from the
syslinux menu until the GNOME desktop is ready -- quickly press
ENTER in the Greeter) and compare with the boot time of the previous
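Review bot: the text added to the USB item duplicates the DVD item's wording line for line, so the two will drift apart on the next edit. Consider stating the boot-time measurement once and referring to it from both bullets. "Significantly slower" is also left to the tester's judgement; a rough threshold would make results comparable across releases.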
@@ -345,39 +356,3 @@ identifying other language names in):
* Check that all seems well during init: (automate: [[!tails_ticket 10277]])
- `systemctl --failed --all` should say `0 loaded units listed`
- the output of `journalctl` should seem OK.
-* Visit <> in a Firefox-based
- browser. Verify that you can install the Firefox Addon. Start
- downloading a Tails image and copy the used mirror URL.
- - The URL should contain a mirror URL from
- <>.
- - Verify that pausing and resuming the download from this URL works.
- - Verify that when you start the download, you can see it appear in
- the download list (Ctrl+Shift+Y).
-* Test a disabled mirror (Possible only in FF > 51 because of
- <>.)
- - Disabled mirrors have `"weight": 0` in
- so just pick one of them. If
- there's none, skip this test.
- - Do not use Firefox over Tor.
- - To disable Firefox's internal DNS cache, navigate to
- `about:config` and set these prefererences:
- * `network.dnsCacheExpirationGracePeriod = 0`
- * `network.dnsCacheExpiration = 0`
- * `network.dnsCacheEntries = 0`
- - To enable logging, in `about:config` add these preferences:
- * ` = "all"`
- * `extensions.sdk.console.logLevel = "all"`
- - Then edit your `/etc/hosts` file to point the URL of the previously
- used mirror to
- - Now reload the download page, and try to resume the download
- again.
- XXX: How is it ensured that the disabled mirror we picked above is
- used?
- - In the Firefox console (Ctrl+Shift+J) you should see the
- `mirror.blob` variable pointing to a different mirror. This should
- work.
- XXX: Please provide more instructions for how to find this
- variable, possibly with a (large but shortened) example.
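Review bot: the whole Download and Verify extension block is removed from the end of this checklist and nothing replaces it. The roadmap hunk in this same change marks the extension redesign as done, so the release checklist should keep at least a short manual test of the new extension (install, download starts, a disabled mirror is not used), or the commit message should say where that coverage moved. The two `XXX` questions in the removed text were never answered and are worth carrying over to a ticket.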
diff --git a/wiki/src/contribute/release_process/thunderbird.mdwn b/wiki/src/contribute/release_process/thunderbird.mdwn
index 4019f06..eb02150 100644
--- a/wiki/src/contribute/release_process/thunderbird.mdwn
+++ b/wiki/src/contribute/release_process/thunderbird.mdwn
@@ -81,19 +81,20 @@ released:
1. Fetch the Debian sources to be used for the build:
- ICEDOVE_SOURCES="$(mktemp -d)" && \
+ THUNDERBIRD_SOURCES="$(mktemp -d)" && \
GIT_DIR="$(pwd)" && \
- cd "${ICEDOVE_SOURCES:?}" && \
+ ( \
+ cd "${THUNDERBIRD_SOURCES:?}" && \
apt --download-only source thunderbird="1:${VERSION:?}" && \
mkdir -p "${GIT_DIR:?}/../tarballs/" && \
- for tarball in icedove_*.orig*.tar.xz ; do
+ for tarball in thunderbird_*.orig*.tar.xz ; do
ln -s \
"${GIT_DIR:?}/../tarballs/$tarball" \
- cp icedove_*.orig*.tar.xz "${GIT_DIR:?}/../tarballs/" && \
- cd "${GIT_DIR:?}" && \
- rm -rf "${ICEDOVE_SOURCES:?}"
+ cp thunderbird_*.orig*.tar.xz "${GIT_DIR:?}/../tarballs/" && \
+ ) && \
Note: we cannot use the `pristine-tar` branch since Jessie builds
expect split .orig sources for l10n stuff, which is not the case in
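Review bot: the removed `rm -rf "${ICEDOVE_SOURCES:?}"` has no added counterpart in this hunk, and the new `) && \` ends with a continuation that is followed only by the "Note:" context line. Please confirm that the cleanup of `${THUNDERBIRD_SOURCES:?}` follows the subshell, otherwise the temporary directory from `mktemp -d` is left behind and the trailing `&& \` joins onto whatever the reader pastes next.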
@@ -114,7 +115,7 @@ released:
1. Include all sources in the `.changes` file:
- CHANGES_FILE="../icedove_$(echo "${TAILS_VERSION?}" | sed 's/^1://')_amd64.changes" && \
+ CHANGES_FILE="../thunderbird_$(echo "${TAILS_VERSION?}" | sed 's/^1://')_amd64.changes" && \
changestool "${CHANGES_FILE:?}" includeallsources
1. Due to [[!tails_ticket 11531]] we won't be able to push the tag
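Review bot: the changed line still uses `${TAILS_VERSION?}`, which only guards against an unset variable, while the next line uses `${CHANGES_FILE:?}`. Since the line is being touched anyway, switching to `${TAILS_VERSION:?}` would also catch an empty value and stop `changestool` from being pointed at `../thunderbird__amd64.changes`.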
diff --git a/wiki/src/contribute/reports/SponsorW/2017_11.mdwn b/wiki/src/contribute/reports/SponsorW/2017_11.mdwn
new file mode 100644
index 0000000..7b90825
--- /dev/null
+++ b/wiki/src/contribute/reports/SponsorW/2017_11.mdwn
@@ -0,0 +1,34 @@
+[[!meta title="Tails November 2017 report"]]
+[[!toc levels=2]]
+This report covers the activity of Tails in November 2017.
+Everything in this report is public.
+# A. VeraCrypt support in GNOME
+- The survey on VeraCrypt usage that we launched in October was
+ advertised on our website until December 1. We got 1012 complete
+ answers. ([[!tails_ticket 14474]])
+- We recruited participants for the UX design sprint on VeraCrypt in
+ Tails what will happen in Berlin from December 8 to 10. We got 91
+ people volunteering to help us and selected the 10 most interesting
+ profiles to come work with us in December. We gave priority to people
+ who are users of both VeraCrypt and Tails and who seem less
+ tech-savvy. ([[!tails_ticket 14742]])
+- We announced and discussed our plan to integrate VeraCrypt support
+ into GNOME Disks to the upstream developers via their
+ [mailinglist](
+ We received several positive answers to our effort and a plan proposed
+ by the upstream developers revealed itself as having already partly
+ been implemented by us in the proposed manner. We are glad to see that
+ upstream is very responsive and helpful. ([[!tails_ticket 12275]])
+ We're now looking forward to the UX design sprint in order to move our
+ developments further forward.
+# C. Deliver new features
+We're not there yet.
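Review bot: the section headings in the new report jump from "A." to "C." with no "B."; either add the missing section or a line saying there is nothing to report for it. Smaller wording points: "in Tails what will happen in Berlin" should be "that will happen", and "mailinglist" should be "mailing list".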
diff --git a/wiki/src/contribute/roadmap.mdwn b/wiki/src/contribute/roadmap.mdwn
index 22795c1..f57bbb5 100644
--- a/wiki/src/contribute/roadmap.mdwn
+++ b/wiki/src/contribute/roadmap.mdwn
@@ -15,12 +15,12 @@ Priorities for the next years
### Adoption
-- **Redesign the Download and Verify browser extension** to support *Chrome* and *Web Extensions* in *Firefox* 57 ([[!tails_ticket 12328]], [[Blueprint|blueprint/DAVE_2]])
+- <strike>**Redesign the Download and Verify browser extension** to support *Chrome* and *Web Extensions* in *Firefox* 57 ([[!tails_ticket 12328]], [[Blueprint|blueprint/DAVE_2]])</strike> [DONE]
- **Rethink the installation and upgrade process** in depth and reflect on the future of *Tails Installer*, the installation on Windows and macOS, and automatic upgrades ([[!tails_ticket 11679]])
- **Improve our installation instructions**:
- Find a graphical installation tool for macOS ([[!tails_ticket 11682]])
- Have a more robust tool for Windows ([[!tails_ticket 13206]])
- - Act on the expert review done in August 2017 ([[!tails_ticket 12328]])
+ - Act on the expert review done in August 2017 ([[!tails_ticket 14548]])
- **Give some love to our troubleshooting documentation**:
- Our [[known issues page|support/known_issues]] ([[!tails_ticket 11665]])
- Computers with unsupported Wi-Fi devices, very common on Mac ([[!tails_ticket 11683]])
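Review bot: the finished item is wrapped in `<strike>`, which is obsolete in HTML5; `<del>` is the usual replacement. A trailing "[DONE]" after struck-through text is redundant, so one of the two markers is enough. The ticket number correction on the expert review line looks right, since the old value duplicated the ticket of the first bullet.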
@@ -47,7 +47,7 @@ Priorities for the next years
- **Screen locker**: allow users to lock their session with a password ([[!tails_ticket 5684]], [[Blueprint|blueprint/screen_locker]])
- **Tails Server**: run onion services from Tails (VoIP chat rooms, collaboration tools, web servers, messaging servers, etc.) ([[!tails_ticket 5688]], [[Blueprint|blueprint/tails_server]])
-- **VeraCrypt support in GNOME**: graphical utilities to mount VeraCrypt volumes ([[!tails_ticket 11684]], [[!tails_ticket 6337]], [[Blueprint|blueprint/truecrypt_in_gnome_disks]])
+- **VeraCrypt support in GNOME**: graphical utilities to mount VeraCrypt volumes ([[!tails_ticket 11684]], [[!tails_ticket 6337]], [[Blueprint|blueprint/veracrypt]])
- **Graphical interface for the Additional Packages persistent feature**: allow users to customize which applications are available in their Tails ([[!tails_ticket 5996]] [[!tails_ticket 9059]], [[Blueprint|blueprint/additional_software_packages]])
- **Mobile messaging applications**: investigate if we could support Signal, Wire, Telegram, etc. in Tails ([[!tails_ticket 14504]])
- **Backups**: provide a graphical tool to backup the persistent volume ([[!tails_ticket 5301]], [[Blueprint|blueprint/backups]])
diff --git a/wiki/src/contribute/working_together/Redmine.mdwn b/wiki/src/contribute/working_together/Redmine.mdwn
index da1a93e..b648789 100644
--- a/wiki/src/contribute/working_together/Redmine.mdwn
+++ b/wiki/src/contribute/working_together/Redmine.mdwn
@@ -103,7 +103,7 @@ Please take a time to see how we use the fields of Redmine:
* New:
- New users' tickets are marked always as new. If a Tails contributor can
reproduce the issue, it should be marked as *Confirmed*.
- - [[Frontdesk|contribute/working_together/roles/front_desk]] team is in
+ - [[Help desk|contribute/working_together/roles/help_desk]] team is in
charge of keeping an eye on them.
* Confirmed:
- Tails contributors can reproduce the issue.
diff --git a/wiki/src/contribute/working_together/roles/debian_maintainer.mdwn b/wiki/src/contribute/working_together/roles/debian_maintainer.mdwn
index f306c552..7bb10b7 100644
--- a/wiki/src/contribute/working_together/roles/debian_maintainer.mdwn
+++ b/wiki/src/contribute/working_together/roles/debian_maintainer.mdwn
@@ -42,3 +42,11 @@ These packages are not part of this mission:
* [[!debpts torbrowser-launcher]]: we only use its AppArmor profiles,
that we could easily take from upstream if the Debian package was
not maintained.
+* [Debian release schedule](
+* [Ubuntu release schedule](
+ * Upcoming: BionicBeaver, 18.04, April 26th 2018
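Review bot: the added "Upcoming: BionicBeaver, 18.04, April 26th 2018" line is a dated fact that will be stale after that date and nobody is assigned to refresh it. The schedule links above it already carry this information, so I would drop the line or replace it with a note on when maintainers should check the schedules.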
diff --git a/wiki/src/contribute/working_together/roles/foundations_team.mdwn b/wiki/src/contribute/working_together/roles/foundations_team.mdwn
index 9a027a7..27f41e0 100644
--- a/wiki/src/contribute/working_together/roles/foundations_team.mdwn
+++ b/wiki/src/contribute/working_together/roles/foundations_team.mdwn
@@ -21,6 +21,12 @@ The Tails Foundations Team is responsible for:
those submitted by the [[release manager]], and the translation
merge requests sent to <>;
+* checking how important each issue forwarded by Help Desk is, whether
+ it's worth documenting it, and validating the workarounds. If it's
+ worth documenting the problem and possibly the workarounds, either
+ put it on our Technical Writers' plate, or draft something directly,
+ or merge a draft proposed by Technical Writer apprentices;
* help triage new tickets that are on nobody else's plate when
frontdesk isn't in a good position to do it;
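Review bot: the new bullet says "Help Desk" while the next bullet, left as context, still says "frontdesk". This change renames the role everywhere else, so that bullet should be updated in the same commit. In the new text, "Technical Writer apprentices" is not a role defined anywhere in this change; link it or describe who that is.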
diff --git a/wiki/src/contribute/working_together/roles/front_desk.mdwn b/wiki/src/contribute/working_together/roles/front_desk.mdwn
deleted file mode 100644
index ef88dd2..0000000
--- a/wiki/src/contribute/working_together/roles/front_desk.mdwn
+++ /dev/null
@@ -1,31 +0,0 @@
-[[!meta title="Front Desk"]]
-User support
- - Do user support by email:
- - Reply to bug reports received on (empty reports might
- be silently ignored).
- - Reply to private user support requests received on
- [[|about/contact#tails-support-private]].
- - Improve the list of [[known issues|support/known_issues]] and [[FAQ|support/faq]] incrementally based on the work done by email, and do
- whatever small tasks will make the frontdesk job's easier in the future.
- - Based on users reports, gather information on compatibility in
- between Tails and Mac computers according to [[!tails_ticket 9315]].
- - Do user support on XMPP if you feel like it.
-General communication watchdog
- - Try to do something about the
- [new tickets](
- that appear in Redmine. An Atom feed is available for easier
- monitoring, see the link at the bottom of that page.
- - Administer and moderate our general purpose public mailing lists:
- - [](
- - [](
- - [](
- - [](
- - [](
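Review bot: two duties on the deleted page do not reappear on the new Help Desk page: improving the known issues and FAQ pages incrementally, and gathering Mac compatibility information for ticket 9315. The first is visibly moved to the Technical Writer role in this change; the second is not picked up anywhere, so please say whether it is dropped on purpose. Deleting the page also breaks any inbound links to `roles/front_desk` that this change does not touch.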
diff --git a/wiki/src/contribute/working_together/roles/help_desk.mdwn b/wiki/src/contribute/working_together/roles/help_desk.mdwn
new file mode 100644
index 0000000..7f978f2
--- /dev/null
+++ b/wiki/src/contribute/working_together/roles/help_desk.mdwn
@@ -0,0 +1,59 @@
+[[!meta title="Help Desk"]]
+Main purpose
+Help Desk is handling individual support requests with two primary
+1. Gather qualitative and quantitative user data, that can be used:
+ - by the Foundations Team and UX people to prioritize their own
+ work;
+ - by our broader community, to improve our understanding of who our
+ current users are, feed our thought process about our vision for
+ Tails in the future, and help us build a relevant roadmap.
+2. Help the bug reporter resolve the problem they are facing.
+User support
+ - Do user support by email:
+ - Reply to bug reports received on <> (empty reports might
+ be silently ignored).
+ - Reply to private user support requests received on
+ [[|about/contact#tails-support-private]].
+ - Act as a proxy between issues reported by users and the rest of
+ the project. Don't spend too much time investigating every such
+ issue, in particular for hardware support problems. Instead,
+ forward this information to the Foundations Team:
+ 1. Gather information about the context in which the problem
+ occurs, how important it is, what known workarounds exist.
+ 2. Forward the WhisperBack report over email.
+ 3. File a ticket assigned to a Foundation Team member, referencing
+ the WhisperBack report ID.
+ 4. Ideally, provide statistics about how many people are impacted.
+ 5. The Foundations Team will take a look and decide what to do
+ (e.g. addressing root cause of the problem, or asking Technical
+ Writers to document the problem and workarounds, or dismissing
+ it).
+ - Follow-up on communications even when not on shift.
+ - Do user support on XMPP if you feel like it.
+General communication watchdog
+ - Try to do something about the
+ [new tickets](
+ that appear in Redmine; if you can't do anything, reassign to
+ a Foundations Team member. An Atom feed is available for easier
+ monitoring, see the link at the bottom of that page.
+ - Administer and moderate our general purpose public mailing lists:
+ - [](
+ - [](
+ - [](
+ - [](
+ - [](
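Review bot: step 3 of the forwarding procedure says "Foundation Team member" while every other mention on the page says "Foundations Team". The opening sentence, as shown, ends at "with two primary" and has no noun before the numbered list. Steps 2 and 3 forward a WhisperBack report by email and reference its ID in a ticket; since those reports can contain user details and tickets are public, the page should say what may and may not be copied into the ticket.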
diff --git a/wiki/src/contribute/working_together/roles/sysadmins.mdwn b/wiki/src/contribute/working_together/roles/sysadmins.mdwn
index 23e567c..bccad4e 100644
--- a/wiki/src/contribute/working_together/roles/sysadmins.mdwn
+++ b/wiki/src/contribute/working_together/roles/sysadmins.mdwn
@@ -88,8 +88,9 @@ The main tools used to manage the Tails infrastructure are:
cases, we run the current stable release
* [Puppet](,
a configuration management system
+ - our [[Puppet code|contribute/git#puppet]]
* [Git]( to host and deploy configuration,
- including our [[Puppet modules|contribute/git#puppet]]
+ including our Puppet code
<a id="communication"></a>
@@ -236,6 +237,16 @@ Below, importance level is evaluated based on:
- [[How to add checks to our monitoring setup|roles/sysadmins/adding_icinga2_checks]]
* importance: critical (needed to ensure that other, critical services are working)
+## Internal XMPP service
+* purpose: an internal XMPP service that can be used by Tails developers and some contributors.
+* access: at the moment everyone that is on the tails-summit mailinglist has and/or can
+ request an account.
+* tools: prosody
+* configuration:
+ - `tails::prosody` in [[!tails_gitweb_repo puppet-tails]]
+* importance: low
## Jenkins
* purpose: continuous integration, e.g. build Tails ISO images from
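Review bot: the access line for the new XMPP service, "everyone that is on the tails-summit mailinglist has and/or can request an account", does not say who approves a request or how an account is removed when someone leaves that list. For a service listed alongside infrastructure with stated access rules, please name the approver and the offboarding step, even if the importance is low.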
@@ -266,11 +277,13 @@ Below, importance level is evaluated based on:
- [[sysadmins/automated_tests_in_Jenkins]]
* importance: critical (as a key component of our development process)
+<a id="mumble"></a>
## Mumble
-* purpose: internal communication for the Fundraising team
-* access: Fundraising team members
-* tools: [[!debpts mumble-erver]]
+* purpose: internal communication for some internal teams
+* access: members of some internal teams
+* tools: [[!debpts mumble-server]]
* configuration:
- <>
- `mumble::*` parameters in Hiera
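Review bot: the access line changes from "Fundraising team members" to "members of some internal teams", which no longer tells a sysadmin who should hold an account. If the team list is deliberately not public, point to where it is kept instead. The `mumble-erver` to `mumble-server` fix is good.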
diff --git a/wiki/src/contribute/working_together/roles/sysadmins/automated_tests_in_Jenkins.mdwn b/wiki/src/contribute/working_together/roles/sysadmins/automated_tests_in_Jenkins.mdwn
index 03608e4..6fb3065 100644
--- a/wiki/src/contribute/working_together/roles/sysadmins/automated_tests_in_Jenkins.mdwn
+++ b/wiki/src/contribute/working_together/roles/sysadmins/automated_tests_in_Jenkins.mdwn
@@ -1,5 +1,10 @@
[[!meta title="Automated ISO tests on Jenkins"]]
+# Force all scenarios to be tested
+Branches whose name ends with the `+force-all-tests` suffix will run
+the full test suite, including scenarios tagged `@fragile@`.
# Old ISO used in the test suite in Jenkins
Some tests like upgrading Tails are done against a Tails installation made from
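Review bot: the tag in the new section is written `@fragile@`, with a trailing `@`, which looks like a typo for `@fragile`. It would also help to say in one sentence what happens on branches without the `+force-all-tests` suffix, so readers know what the default excludes.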
diff --git a/wiki/src/contribute/working_together/roles/technical_writer.mdwn b/wiki/src/contribute/working_together/roles/technical_writer.mdwn
index 924fc0b..42792af 100644
--- a/wiki/src/contribute/working_together/roles/technical_writer.mdwn
+++ b/wiki/src/contribute/working_together/roles/technical_writer.mdwn
@@ -22,6 +22,10 @@ as a fallback if no other contributor volunteers to do it.
- Documenting new features, including [[doc/about/features]].
Documentation writing should be included in the budget if the
feature has one.
+ - Document known issues and their workarounds (e.g. on the
+ [[FAQ|support/faq]] or in the list
+ [[known issues|support/known_issues]]), based on information
+ provided by our Help Desk and triaged by the Foundations Team.
As technical writers have a limited amount of time to dedicate to these
tasks, Tails as a project should redefine priorities on a regular basis.
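Review bot: the added bullet starts with the imperative "Document" while the sibling bullet above it uses "Documenting", and "in the list [[known issues|support/known_issues]]" is missing "of". Suggest "Documenting known issues and their workarounds (e.g. in the [[FAQ|support/faq]] or in the list of [[known issues|support/known_issues]])".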
diff --git a/wiki/src/contribute/working_together/roles/ux.mdwn b/wiki/src/contribute/working_together/roles/ux.mdwn
new file mode 100644
index 0000000..fdf1435
--- /dev/null
+++ b/wiki/src/contribute/working_together/roles/ux.mdwn
@@ -0,0 +1,25 @@
+[[!meta title="UX designer"]]
+- Do UX design (graphical interface, interactions, language, etc.) on
+ the maintenance or important improvements to:
+ - The core Tails system
+ - The core pages of our website
+- Answer or raise usability concerns related to the work of the
+ [[Foundations Team]]. They deal with the code, the UX designers deal
+ with the user experience.
+- Do background research work to understand better our user base, who
+ they are, what they do with Tails, what they need, and how to expand
+ it. This will help us prioritize better our roadmap, putting our users
+ in the center, and prepare better grant proposals. For example,
+ starting with gathering feedback from users both:
+ - Qualitatively: in person and online interviews and studies.
+ - Quantitatively: gathering metrics and building up infrastructure to
+ be able to gather more through website logs, help desk, online
+ surveys, etc.
+- This does not cover the UX work related to deliverables for
+ grants which have a dedicated budget.
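Review bot: the "Quantitatively" bullet names website logs and help desk as sources for user metrics without saying what is collected or how long it is kept. For this role description, add a pointer to whichever policy governs that data, or state that only aggregate figures are used. In the same item, "how to expand it" has an unclear referent; "how to expand our user base" reads better.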