summaryrefslogtreecommitdiffstats
path: root/wiki/src/news/report_2014_06-07.mdwn
blob: eee3a88f55ef4d66933d4642849206ebd1773f56 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
[[!meta title="Tails report for June and July, 2014"]]
[[!meta date="Fri, 08 Aug 2014 09:56:00 +0000"]]
[[!pagetemplate template="news.tmpl"]]

Releases
========

  - Tails 1.1~beta1 was released on May 30.
  - Tails 1.0.1 was released on June 10.
  - Tails 1.1 was released on July 22. This marked our migration to Debian
    Wheezy and GNOME 3.

Metrics
=======

In June 2014:

   - Tails has been started more than 331 862 times in June.
     This makes 11 062 boots a day in average.
   - 25 124 downloads of the OpenPGP signature of Tails ISO from our
     website.
   - 71 bug reports were received through WhisperBack.

In July 2014:

   - Tails has been started more than 355 608 times in July.
     This makes 11 471 boots a day in average.
   - 35 134 downloads of the OpenPGP signature of Tails ISO from our
     website.
   - 160 bug reports were received through WhisperBack.
     We discovered in late July than one of our WhisperBack relay was not
     sending emails anymore since our fixes of the Heartbleed bug. This
     explains the bump in the number of bug reports.

Code
====

  - Fixed device removal before Tails Greeter login ([[!tails_ticket 7333]]).
  - Disabled the GnuPG functionality of GNOME Keyring ([[!tails_ticket 7330]]).
  - Removed `dselect` ([[!tails_ticket 7336]]).
  - Updated Tor browser to 24.6.0.
  - Installed Linux 3.14.
  - Fixed links to anchors in Yelp ([[!tails_ticket 7285]]).
  - Included `syslinux` binaries in the ISO filesystem ([[!tails_gitweb_commit
    ce93164]])
  - Prevented `iproute2` from being installed ([[!tails_ticket 7337]]).
  - Changed local documentation to open in Yelp ([[!tails_gitweb_commit
    f8513c1]]).
  - Set the UID of `tails-persistence-setup` to the same as it was in Squeeze
    ([[!tails_ticket 7343]]).
  - Forbidden the desktop user to pass arguments to `tails-upgrade-frontend`
    ([[!tails_ticket 7410]]).
  - Fixed many things to have a Windows 8 camouflage ready for Tails 1.1
    ([[!tails_ticket 6342]]).
  - Fixed the migration of NetworkManager persistent settings ([[!tails_ticket
    7338]]).
  - Worked with the people from [Freepto](http://freepto.mx/) on pushing our tool for
    RAM wiping to Debian, and we made some progress towards [using the
    `wiperam` Debian package in
    Tails](https://mailman.boum.org/pipermail/tails-dev/2014-June/006031.html).
  - Shipped Windows binaries of `syslinux` in Tails ([[!tails_ticket 7425]]).
  - Fixed the red theme of the Unsafe Browser ([[!tails_ticket 7473]]).
  - Tightened up the permissions on `/home/amnesia` ([[!tails_ticket 7463]]).
  - Fixed unsafe permissions on persistent files ([[!tails_ticket 7443]]).
  - Prepared a solution to be able to "Upgrade from ISO" 1.0.1 to 1.1
    ([[!tails_ticket 7345]]).
  - Disabled the `proxy://` protocol handle of FoxyProxy ([[!tails_ticket
    7479]]).
  - Installed Tor 0.2.5.x on a topic branch ([[!tails_gitweb_commit
    9f18b50]], [[!tails_ticket 7758]]).
  - Removed the default bookmarks were removed from the Unsafe Browser
    ([[!tails_ticket 7594]]).
  - Fixed a bug that broke incremental upgrades for Tails > 1.1 ([[!tails_ticket
    7641]]).
  - Fixed our security check notification that were broken for months
    ([[!tails_ticket 7657]]).
  - Migrated our Vagrant basebox to Wheezy ([[!tails_ticket 7133]],
    [[!tails_ticket 6736]]).
  - Started to work on Tails Jessie. It is now possible to build Tails
    based on Jessie!
  - Jacob Appelbaum simplified our IPv6 firewall rules ([[!tails_ticket 7668]]).
  - Disabled TCP timestamps ([[!tails_ticket 6579]]).
  - Installed Linux 3.14-2.
  - Prevented dhclient from sending the `amnesia` hostname over the network
    ([[!tails_ticket 7688]]).
  - Worked a bit towards towards supporting USB devices exposed as non-removable
    ([[!tails_gitweb_commit 0a255dc]], [[!tails_ticket 7387]]).
  - Installed `gnome-user-guide` to fix the Help launcher in the menus
    ([[!tails_ticket 7618]]).
  - Fixed the configuration of printers from the GNOME control center
    ([[!tails_ticket 7636]]).
  - Worked on installing `rngd` ([[!tails_ticket 5650]]).
  - Compressed our ISO images more aggressively. They should be back to less
    than 1 GB ([[!tails_ticket 7706]]).
  - Started drafting a list of [[kernel modules to
    blacklist|blueprint/blacklist_modules]].

Documentation and website
=========================

  - Explained that OTR is disabled by default.
  - Reworked our documentation about working on sensitive documents:
    - [[Office suite|doc/sensitive_documents/office_suite]]
    - [[Graphics|doc/sensitive_documents/graphics]]
    - [[Sound and video|doc/sensitive_documents/sound_and_video]]
  - Adapted our documentation now that Tails supports UEFI.
  - Added a utility script to erase [[auto-generated PO
    files|contribute/l10n_tricks/#index9h1]].
  - Improved our documentation on [[building Tails|contribute/build]].
  - Pointed to the release notes from the [[upgrade
    instructions|doc/first_steps/upgrade]] ([[!tails_ticket 7665]]).
  - Added a script to retrieve the [[list of translators on
    Transifex|contribute/l10n_tricks#index10h1]].
  - Redirected [[press requests|press]] to <tails-press@boum.org>.

Homepage defacement
-------------------

The homepage of our website was [briefly
defaced](http://thehackernews.com/2014/06/tails-operating-system-website-has-beed.html)
on June 29 by rodit. This was later was Git-reverted, ikiwiki misconfiguration
was corrected. The underlying vulnerability has not been used for malicious purposes.

Translation and internationalization
====================================

A new team started to translate our website [into
Spanish](https://mailman.boum.org/pipermail/tails-l10n/2014-June/001280.html).

All website PO files
--------------------

  - de: 11% (613) strings translated, +36 since May
  - fr: 48% (2576) strings translated, +19 since May
  - pt: 36% (1953) strings translated, +704 since May

[[Core PO files|contribute/l10n_tricks/core_po_files.txt]]
----------------------------------------------------------

  - de: 26% (338) strings translated, +31 since May
  - fr: 95% (1207) strings translated, -5 since May
  - pt: 99% (1257) strings translated, +488 since May

Infrastructure
==============

  - Our test suite covers 87 scenarios, 3 more that in May.
  - We now use OpenJDK7 to run our test suite ([[!tails_ticket 7175]]).
  - We've adapted our infrastructure to the last version of the shared
    postfix Puppet module.
  - Our infrastructure was cleaned up from Squeeze-area bits
    ([[!tails_ticket 7215]]).
  - lizard's outgoing email setup was fixed ([[!tails_ticket 7485]]).
  - Pushing to our master Git repository now automatically pushed to
    the repository that triggers Jenkins builds ([[!tails_ticket 5558]]).

On-going discussions
====================

  - [Tahoe-LAFS persistence](https://mailman.boum.org/pipermail/tails-dev/2014-June/005956.html)
  - [The future of Vagrant Tails builds](https://mailman.boum.org/pipermail/tails-dev/2014-July/thread.html)
  - [vpwned](https://mailman.boum.org/pipermail/tails-dev/2014-July/thread.html)
  - [How the traffic confirmation attack on Tor affects Tails](https://mailman.boum.org/pipermail/tails-dev/2014-July/006518.html)

Funding
=======

  - Sent our final report for the OpenITP grant from fall 2013. 
  - The FPF crowdfunding extended their [crowdfunding
    campaign](https://pressfreedomfoundation.org/bundle/encryption-tools-journalists).
  - Signed the agreement with Access for their Innovation Prize we've won.
  - Started working on two new grant applications to be submitted in August.
  - Worked on a [web form for
    donations](https://git-tails.immerda.ch/451f/tails/tree/wiki/src/contribute/how/donate.mdwn?h=web/donation)
    in fiat currencies ([[!tails_ticket 7156]]).

Outreach
========

We organized a very successful [[HackFest|news/Tails_HackFest_2014]] attended
by more than hundred people. This event was followed by our yearly
summit, attended by 15 people.

Among the concrete work done during those ten days, here is was can be found
in our blueprints:

  - Made plans to fix in the long-term our [[mirror
    infrastructure|blueprint/HTTP_mirror_pool]].
  - Had ideas to [[better track our delta with
    Debian|blueprint/better_track_and_document_our_delta_with_Debian]].
  - Improved and published the [[future user interface of Tails
    Greeter|blueprint/tails-greeter:_revamp_UI]].
  - Drafted plans to [[fix our Vagrant basebox|blueprint/replace_vagrant]], and
    [[considered Docker|blueprint/evaluate_Docker]] for replacement.
  - Designed a Firefox extension to download and [[automatically verify a Tails
    ISO image|blueprint/download_extension]].
  - Drafted a design document about [[random numbers in
    Tails|contribute/design/random]].
  - Decided on a [[roadmap for our UX work|blueprint/UX_roadmap]].
  - Brainstormed on a future structure for our
    [[website|blueprint/website_structure]] and
    [[homepage|blueprint/website_homepage]].

Press & Testimonials
====================

* 2014-07-26: [Tails 1.1 is announced](http://linuxfr.org/news/tails-1-1-est-disponible), in French,
  in an article by pamputt on LinuxFr
* 2014-07: I2P bug and zero-days buzz:
  - 2014-07-21: Exodus Intelligence [tweets about multiple RCE/de-anonymization
    zero-days](https://twitter.com/ExodusIntel/status/491247299054428160) on the
    day before Tails 1.1 is released.
  - Several news websites relay that information before the details of the
    vulnerability are disclosed:
    - [Exploit Dealer: Snowden's Favorite OS Tails Has Zero-Day Vulnerabilities
      Lurking
      Inside](http://www.forbes.com/sites/thomasbrewster/2014/07/21/exploit-dealer-snowdens-favourite-os-tails-has-zero-day-vulnerabilities-lurking-inside/)
      by Thomas Brewster on Forbes.
    - [Don't look, Snowden: Security biz chases Tails with zero-day flaws
      alert](http://www.theregister.co.uk/2014/07/21/security_researchers_chase_tails_with_zeroday_flaw_disclosure/)
      by Iain Thomson on The Register.
    - [The world's most secure OS may have a serious
      problem](http://www.theverge.com/2014/7/22/5927917/the-worlds-most-secure-os-may-have-a-serious-problem)
      by Russell Brandom on The Verge
  - 2014-07-23: We made our users [[aware of that
    process|news/On_0days_exploits_and_disclosure]].
  - 2014-07-23: Exodus Intelligence publishes [Silver Bullets and Fairy
    Tails](http://blog.exodusintel.com/2014/07/23/silverbullets_and_fairytails/)
    to explain the vulnerability.
  - 2014-07-25: We publish a [[security
    advisory|security/Security_hole_in_I2P_0.9.13]] explaining the scope of the
    problem, and temporary solutions.
* 2014-07-08: In the [July 8th Keiser Report on RT](http://rt.com/shows/keiser-report/170908-episode-max-keiser-624/).
  The Tails related part of the Keiser Report starts at 15'40".
* 2014-07-03: Tails above the Rest:
  [Installation](http://www.linuxjournal.com/content/tails-above-rest-installation),
  [Part II](http://www.linuxjournal.com/content/tails-above-rest-part-ii),
  [Part III](http://www.linuxjournal.com/content/tails-above-rest-part-iii) by Kyle Rankin in the Linux Journal.
* 2014-07-03: Some articles on Tails users being targeted by NSA XKeyscore:
  - In [NSA targets the privacy-conscious](http://daserste.ndr.de/panorama/aktuell/nsa230_page-1.html)
    by J. Appelbaum, A. Gibson, J. Goetz, V. Kabisch, L. Kampf, L. Ryge.
  - In [Von der NSA als Extremist gebrandmarkt](http://www.tagesschau.de/inland/nsa-xkeyscore-100.html)
    by  Lena Kampf, Jacob Appelbaum and John Goetz (in German).
  - In [If you read Boing Boing, the NSA considers you a target for deep surveillance](http://boingboing.net/2014/07/03/if-you-read-boing-boing-the-n.html)
    by Cory Doctorow.
  - In [TOR, logiciel-clé de protection de la vie privée, dans le viseur de la NSA](http://www.lemonde.fr/pixels/article/2014/07/03/un-logiciel-cle-de-protection-de-la-vie-privee-dans-le-viseur-de-la-nsa_4450718_4408996.html)
    by Martin Untersinger on LeMonde.fr (in French).
* 2014-06-25: [Dai segreti di Snowden ai social: il raduno italiano degli hacker](http://corrieredibologna.corriere.it/bologna/notizie/cronaca/2014/25-giugno-2014/dai-segreti-snowden-social-raduno-italiano-hacker-223459532934.shtml) by Andrea Rinaldi, in Corriere di Bologna (in Italian).
* 2014-06-30: [Tails, il sistema operativo incognito che frega l'NSA](http://www.wired.it/gadget/computer/2014/04/15/tails-sistema-operativo-incognito/) by Carola Frediani, in Wired.it (in Italian).