summaryrefslogtreecommitdiffstats
path: root/wiki/src/news/report_2016_11.mdwn
blob: 9ace5ee8db54f8baf6bce6c1c6543aeaf45aa893 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
[[!meta  title="Tails report for November, 2016"]]
[[!meta date="Fri, 09 Dec 2016 12:34:56 +0000"]]
[[!pagetemplate template="news.tmpl"]]

[[!toc levels=2]]

Releases
========

* [[Tails 2.7 was released on November 15|news/version_2.7]] (minor release).

* [[Tails 2.7.1 was released on November 30|news/version_2.7.1]] (minor release).

* Tails 2.9 is [[scheduled for December 13|contribute/calendar]].

The following changes were introduced in Tails 2.7:

  - Fix multi-architecture support in *Synaptic*. This should fix
    broken installations of additional packages from *Synaptic*.
    ([[!tails_ticket 11820]])

  - Set default spell checking language of *Icedove* to English instead of
    French. ([[!tails_ticket 11037]])

Code
====

New *Tails Greeter*
-------------------

After many months of development, the [[redesigned version of *Tails
Greeter* is ready to be tested|news/test_redesigned_Tails_Greeter]].

Tails based on Debian 9 (Stretch)
---------------------------------

We made lots of progress on porting Tails to Debian 9 (Stretch).
This work culminated with the
[[release of Tails 3.0~alpha1|news/test_3.0-alpha1]].

* Merged the devel Git branch, and upgraded to a current snapshot of
  the Debian archive.
* Switched userspace to 64-bit (x86_64).
* By running our [[manual test suite|contribute/release_process/test]]
  on Stretch-based ISO images and testing our entire
  [[documentation|doc]], we identified a few regressions and
  [[!tails_ticket 11916 desc="documentation that needs updating"]].
* [[!tails_ticket 11789 desc="GNOME with its default black theme"]]
* Fixed a long-standing issue with
  [[!tails_ticket 7018 desc="the firewall not being set up during early boot"]].
* Fixed the Greeter
  [[!tails_ticket 11694 desc="not switching to the Desktop VT upon login"]],
  and
  [[!tails_ticket 11919 desc="not displaying the More Options window properly"]].
* Test suite:
  - Fixed [[!tails_ticket 11698 desc="a bug in the debugging code"]].
  - Ported great numbers of test cases to Stretch, including the
    persistence, Tor enforcement, encryption, Evince and MAC spoofing ones.
* Verified that
  [[!tails_ticket 11812 desc="tails-security-check's CA pinning is repaired"]].
* Verified that MAC address spoofing works in various cases,
  including [[!tails_ticket 11943 desc="Wi-Fi connections"]] and
  existing persistent network connections created on Tails 2.x.
* Switch to
  [[!tails_ticket 11829 desc="using the aufs kernel module from Debian"]].
* Made progress on porting to GnuPG v2: [[!tails_ticket 11905]],
  [[!tails_ticket 11948]].
* Removed [[!tails_ticket 7687 desc="ekeyd"]] and
  [[!tails_ticket 11534 desc="obsolete udev rules"]].
* Fixed handling of `/etc/hosts`.
* Fixed issues in the [[revamped greeter|blueprint/greeter_revamp_UI/design_rationale_phase1/]] to have it included in next Jessie alpha ISO. A testing ISO [is available](https://nightly.tails.boum.org/build_Tails_ISO_feature-8230-greeter-revamp-phase1/lastSuccessful/archive/build-artifacts/). Among others, last changes include:
  - fix on-the-fly translation [[!tails_ticket 11947]] [[!tails_ticket 11957]]
  - update user visible strings [[!tails_ticket 11438]]
  - integrate latest icons [[!tails_ticket 11472]]

Reproducible ISO build
----------------------

We had an initial sprint about [[blueprint/reproducible_builds]].
We are very happy with the progress we've made: the tree that becomes
`filesystem.squashfs` is now almost fully reproducible; so is also the
tree that is the basis for automatic upgrades. Along the way, we've
contributed a number of patches to Debian and upstream projects.

* Make our PO files update reproducibly, by
  [[!tails_ticket 11967 desc="not updating them unless something other than POT-Creation-Date has changed"]].
* live-build:
  - Use xorriso, that honors the
    [SOURCE_DATE_EPOCH](https://reproducible-builds.org/specs/source-date-epoch/)
    variable, to build the ISO filesystem reproducibly.
  - Expose the `SOURCE_DATE_EPOCH` variable when running scripts
    inside the chroot.
  - Clamp mtimes to `SOURCE_DATE_EPOCH` in the chroot and
    binary filesystems.
  - Use `SOURCE_DATE_EPOCH` to populate `/.disk/info` timestamp.
  - Use `SOURCE_DATE_EPOCH` when templating syslinux templates.
* Made mksquashfs honor `SOURCE_DATE_EPOCH` for the filesystem
  creation date, and had it clamp mtimes to `SOURCE_DATE_EPOCH`.
* Incremental upgrade kits:
  - Made aufs white-outs reproducible.
  - Made aufs pseudo-links permanent, so that they are reproducible.
  - Passed `--sort=name --clamp-mtime --mtime=@$SOURCE_DATE_EPOCH`
    to tar.
* Made [[!tails_ticket 11966 desc="our web site build reproducibly"]]…
  and then discovered [[!tails_ticket 11987 desc="more bits"]] that
  are not generated in a deterministic way, which lead us to discover
  that our `cleanall` build option did not clean as well as it should
  ([[!tails_gitweb_commit 541bbe5fd3c1127232ce271041f9dddb94e3f5d7 desc="fix"]]).
* [Eliminated](https://git-tails.immerda.ch/tails/plain/config/chroot_local-hooks/99-zzzzzz_reproducible-builds-post-processing?h=feature/5630-deterministic-builds)
  various causes for non-determinism, such as caches and other
  generated files.
* On the infrastructure side of things:
  - Vagrant boxes management: we came up with a new design that
    will be reflected on the blueprint shortly.
  - Experimented with using our Vagrant + libvirt build system
    on one of our Jenkins ISO builders, and started work towards
    migrating them all.

Documentation and website
=========================

- Explain why it is [[impossible to connect to *GMail* from
  *Icedove*|doc/anonymous_internet/icedove#gmail]].

- spriver updated our documentation on [[shutdown|doc/first_steps/shutdown]]
  and [[*OpenPGP Applet*|doc/encryption_and_privacy/gpgapplet]] to 2.0.

- Chris Lamb fixed [a bunch of
  typos](https://mailman.boum.org/pipermail/tails-dev/2016-November/011065.html).

User experience
===============

Infrastructure
==============

- The deployment of our mechanism for the [[distribution and activation of the
  revocation certificate of the Tails signing
  key|doc/about/openpgp_keys/signing_key_revocation]] has progressed a lot and
  it is now operational. Thanks to everybody who accepted being part of this!

* We [[finished deploying|contribute/reports/SponsorS/2015/2016_10]] our
  new infrastructure of download mirrors which allows for more mirrors,
  easier maintenance, and more flexibility in the future.

- Our test suite covers 213 scenarios, 4 more that in October.

Funding
=======

- We continued our donation campaign and wrote about [[what we do with our
  money|news/what_we_do_with_your_money]] and [[our plans for
  the coming years|news/our_plans_for_2017]].

- Our grant proposal for NLnet on porting Tails to Debian Stretch was rejected.

- Our grant proposal for ISC Project on a translation platform for our website was
  rejected.

Outreach
========

- Cristina Carnevali [presented Tails](http://erlug.linux.it/linuxday/2016/contrib/carnevali_tails.pdf)
  at Linux Day 2016 in Bologna, Italy.

- Tails was presented in the security track of the [Iberian hackmeeting
  in Firestone](http://sindominio.net/hackmeeting/index.php?title=2016), Donostia, Basque Country.

- gagz presented Tails at [Capitole du libre 2016](https://2016.capitoledulibre.org/), Toulouse, France.

Translation
===========

- All the website:

  - de: 57% (2880) strings translated, 4% strings fuzzy, 51% words translated
  - fa: 46% (2344) strings translated, 7% strings fuzzy, 52% words translated
  - fr: 79% (3979) strings translated, 4% strings fuzzy, 78% words translated
  - it: 17% (885) strings translated, 2% strings fuzzy, 18% words translated
  - pt: 31% (1593) strings translated, 8% strings fuzzy, 29% words translated

  Total original words: 50832

- [[Core pages of the website|contribute/l10n_tricks/core_po_files.txt]]:

  - de: 85% (1569) strings translated, 8% strings fuzzy, 85% words translated
  - fa: 39% (724) strings translated, 9% strings fuzzy, 40% words translated
  - fr: 90% (1657) strings translated, 7% strings fuzzy, 91% words translated
  - it: 47% (871) strings translated, 6% strings fuzzy, 53% words translated
  - pt: 51% (947) strings translated, 12% strings fuzzy, 52% words translated

  Total original words: 16995

Metrics
=======

* Tails has been started more than 613099 times this month. This makes 20437 boots a day on average.
  It's the first time we're over 20000 boots a day!
* 14634 downloads of the OpenPGP signature of Tails ISO from our website.
* 110 bug reports were received through WhisperBack.