[Tails-dev] Tails report for June and July, 2014

Delete this message

Reply to this message
Author: Tails folks
Date:  
To: tails-dev@boum.org >> The Tails public development discussion list
CC: tor-reports
Subject: [Tails-dev] Tails report for June and July, 2014
Releases
========

  - Tails 1.1~beta1 was released on May 30.
  - Tails 1.0.1 was released on June 10.
  - Tails 1.1 was released on July 22. This marked our migration to
    Debian Wheezy and GNOME 3.


Metrics
=======

In June 2014:

   - Tails has been started more than 331 862 times in June.
     This makes 11 062 boots a day in average.
   - 25 124 downloads of the OpenPGP signature of Tails ISO from our
     website.
   - 71 bug reports were received through WhisperBack.


In July 2014:

   - Tails has been started more than 355 608 times in July.
     This makes 11 471 boots a day in average.
   - 35 134 downloads of the OpenPGP signature of Tails ISO from our
     website.
   - 160 bug reports were received through WhisperBack.
     We discovered in late July than one of our WhisperBack relay was
     not sending emails anymore since our fixes of the Heartbleed bug.
     This explains the bump in the number of bug reports.


Code
====

  - Fixed device removal before Tails Greeter login.
    https://labs.riseup.net/code/issues/7333
  - Disabled the GnuPG functionality of GNOME Keyring.
    https://labs.riseup.net/code/issues/7330
  - Removed `dselect`.
    https://labs.riseup.net/code/issues/7336
  - Updated Tor browser to 24.6.0.


https://git-tails.immerda.ch/tails/log/?h=feature/torbrowser-24.6.0esr-0+tails1
  - Installed Linux 3.14.
    https://git-tails.immerda.ch/tails/log/?h=feature/linux-3.14-in-squeeze
  - Fixed links to anchors in Yelp.
    https://labs.riseup.net/code/issues/7285
  - Included `syslinux` binaries in the ISO filesystem.
    https://git-tails.immerda.ch/tails/commit/?id=ce93164
  - Prevented `iproute2` from being installed.
    https://labs.riseup.net/code/issues/7337
  - Changed local documentation to open in Yelp.
    https://git-tails.immerda.ch/tails/commit/?id=f8513c1
  - Set the UID of `tails-persistence-setup` to the same as it was in
    Squeeze
    https://labs.riseup.net/code/issues/7343
  - Forbidden the desktop user to pass arguments to `tails-upgrade-
    frontend`
    https://labs.riseup.net/code/issues/7410
  - Fixed many things to have a Windows 8 camouflage ready for Tails 1.1
    https://labs.riseup.net/code/issues/6342


https://git-tails.immerda.ch/tails/log/?h=feature/6342-update-camouflage-for-gnome3
  - Fixed the migration of NetworkManager persistent settings
    https://labs.riseup.net/code/issues/7338
  - Worked with the people from Freepto (http://freepto.mx/) on
    pushing our tool for RAM wiping to Debian, and we made some
    progress towards [using the `wiperam` Debian package in
    Tails.
    https://mailman.boum.org/pipermail/tails-dev/2014-June/006031.html)
    https://git-tails.immerda.ch/tails/log/?h=feature/wiperam-deb
  - Shipped Windows binaries of `syslinux` in Tails.
    https://labs.riseup.net/code/issues/7425
  - Fixed the red theme of the Unsafe Browser.
    https://labs.riseup.net/code/issues/7473
  - Tightened up the permissions on `/home/amnesia`.
    https://labs.riseup.net/code/issues/7463
  - Fixed unsafe permissions on persistent files.
    https://labs.riseup.net/code/issues/7443
  - Prepared a solution to be able to "Upgrade from ISO" 1.0.1 to 1.1.
    https://labs.riseup.net/code/issues/7345
  - Disabled the `proxy://` protocol handle of FoxyProxy.
    https://labs.riseup.net/code/issues/7479
  - Installed Tor 0.2.5.x on a topic branch.
    https://git-tails.immerda.ch/tails/commit/?id=9f18b50
    https://labs.riseup.net/code/issues/7758
  - Removed the default bookmarks were removed from the Unsafe Browser.
    https://labs.riseup.net/code/issues/7594
  - Fixed a bug that broke incremental upgrades for Tails > 1.1.
    https://labs.riseup.net/code/issues/7641
  - Fixed our security check notification that were broken for months.
    https://labs.riseup.net/code/issues/7657
  - Migrated our Vagrant basebox to Wheezy.
    https://labs.riseup.net/code/issues/7133
    https://labs.riseup.net/code/issues/6736
    https://git-tails.immerda.ch/tails/log/?h=feature/vagrant-wheezy-basebox
  - Started to work on Tails Jessie. It is now possible to build Tails
    based on Jessie!
    https://git-tails.immerda.ch/tails/log/?h=feature/jessie
    https://labs.riseup.net/code/issues/6171
  - Jacob Appelbaum simplified our IPv6 firewall rules.
    https://labs.riseup.net/code/issues/7668


https://git-tails.immerda.ch/tails/log/?h=feature/7668-simplify-IPv6-firewall-rules
  - Disabled TCP timestamps.
    https://labs.riseup.net/code/issues/6579


https://git-tails.immerda.ch/tails/log/?h=feature/6579-disable-tcp-timestamps
  - Installed Linux 3.14-2.
    https://git-tails.immerda.ch/tails/log/?h=feature/linux-3.14-2
  - Prevented dhclient from sending the `amnesia` hostname over the
    network
    https://labs.riseup.net/code/issues/7688
  - Worked a bit towards towards supporting USB devices exposed as
    non-removable.
    https://git-tails.immerda.ch/tails/commit/?id=0a255dc
    https://labs.riseup.net/code/issues/7387
  - Installed `gnome-user-guide` to fix the Help launcher in the menus.
    https://labs.riseup.net/code/issues/7618
  - Fixed the configuration of printers from the GNOME control center.
    https://labs.riseup.net/code/issues/7636
  - Worked on installing `rngd`.
    https://labs.riseup.net/code/issues/5650
  - Compressed our ISO images more aggressively. They should be back to
    less than 1 GB.
    https://labs.riseup.net/code/issues/7706
  - Started drafting a list of kernel modules to blacklist.
    https://tails.boum.org/blueprint/blacklist_modules/


Documentation and website
=========================

  - Explained that OTR is disabled by default.
    https://git-tails.immerda.ch/tails/log/?h=doc/otr
  - Reworked our documentation about working on sensitive documents:
    - Office suite
      https://tails.boum.org/doc/sensitive_documents/office_suite/
    - Graphics
      https://tails.boum.org/doc/sensitive_documents/graphics/
    - Sound and video
      https://tails.boum.org/doc/sensitive_documents/sound_and_video/
  - Adapted our documentation now that Tails supports UEFI.
    https://git-tails.immerda.ch/tails/log/?h=feature/uefi
  - Added a utility script to erase auto-generated PO files.
    https://tails.boum.org/contribute/l10n_tricks/#index9h1
  - Improved our documentation on building Tails.
    https://tails.boum.org/contribute/build/
  - Pointed to the release notes from the upgrade instructions.
    https://tails.boum.org/doc/first_steps/upgrade/
    https://labs.riseup.net/code/issues/7665
  - Added a script to retrieve the list of translators on Transifex.
    https://tails.boum.org/contribute/l10n_tricks/#index10h1
  - Redirected press requests to tails-press@???.
    https://tails.boum.org/press/


Homepage defacement
-------------------

The homepage of our website was briefly defaced on June 29 by rodit.
This was later was Git-reverted, ikiwiki misconfiguration was corrected.
The underlying vulnerability has not been used for malicious purposes.

http://thehackernews.com/2014/06/tails-operating-system-website-has-beed.html

Translation and internationalization
====================================

A new team started to translate our website into Spanish.

https://mailman.boum.org/pipermail/tails-l10n/2014-June/001280.html

All website PO files
--------------------

- de: 11% (613) strings translated, +36 since May
- fr: 48% (2576) strings translated, +19 since May
- pt: 36% (1953) strings translated, +704 since May

Core PO files
-------------

- de: 26% (338) strings translated, +31 since May
- fr: 95% (1207) strings translated, -5 since May
- pt: 99% (1257) strings translated, +488 since May

Infrastructure
==============

  - Our test suite covers 87 scenarios, 3 more that in May.
  - We now use OpenJDK7 to run our test suite.
    https://labs.riseup.net/code/issues/7175
  - We've adapted our infrastructure to the last version of the shared
    postfix Puppet module.
  - Our infrastructure was cleaned up from Squeeze-area bits.
    https://labs.riseup.net/code/issues/7215
  - lizard's outgoing email setup was fixed.
    https://labs.riseup.net/code/issues/7485
  - Pushing to our master Git repository now automatically pushed to
    the repository that triggers Jenkins builds.
    https://labs.riseup.net/code/issues/5558


On-going discussions
====================

  - Tahoe-LAFS persistence
    https://mailman.boum.org/pipermail/tails-dev/2014-June/005956.html
  - The future of Vagrant Tails builds
    https://mailman.boum.org/pipermail/tails-dev/2014-July/thread.html
  - vpwned
    https://mailman.boum.org/pipermail/tails-dev/2014-July/thread.html
  - How the traffic confirmation attack on Tor affects Tails
    https://mailman.boum.org/pipermail/tails-dev/2014-July/006518.html


Funding
=======

  - Sent our final report for the OpenITP grant from fall 2013.
  - The FPF crowdfunding extended their crowdfunding campaign.
    https://pressfreedomfoundation.org/bundle/encryption-tools-journalists
  - Signed the agreement with Access for their Innovation Prize we've
    won.
  - Started working on two new grant applications to be submitted in
    August.
  - Worked on a web form for donations in fiat currencies.


https://git-tails.immerda.ch/451f/tails/tree/wiki/src/contribute/how/donate.mdwn?h=web/donation
    https://labs.riseup.net/code/issues/7156


Outreach
========

We organized a very successful HackFest attended by more than hundred
people. This event was followed by our yearly summit, attended by 15 people.

https://tails.boum.org/news/Tails_HackFest_2014/

Among the concrete work done during those ten days, here is was can be
found in our blueprints:

  - Made plans to fix in the long-term our mirror infrastructure.
  - Had ideas to [[better track our delta with Debian.
  - Improved and published the future user interface of Tails Greeter.
  - Drafted plans to fix our Vagrant basebox, and considered Docker for
    replacement.
  - Designed a Firefox extension to download and automatically verify a
    Tails ISO image.
  - Drafted a design document about random numbers in Tails.
  - Decided on a roadmap for our UX work.
  - Brainstormed on a future structure for our website and homepage.


Press & Testimonials
====================

* 2014-07-26: Tails 1.1 is announced, in French, in an article by
  pamputt on LinuxFr
  http://linuxfr.org/news/tails-1-1-est-disponible
* 2014-07: I2P bug and zero-days buzz:
  - 2014-07-21: Exodus Intelligence tweets about multiple
RCE/de-anonymization zero-days on the day before Tails 1.1 is released.
    https://twitter.com/ExodusIntel/status/491247299054428160
  - Several news websites relay that information before the details of
    the vulnerability are disclosed:
    - Exploit Dealer: Snowden's Favorite OS Tails Has Zero-Day
      Vulnerabilities Lurking Inside by Thomas Brewster on Forbes.


http://www.forbes.com/sites/thomasbrewster/2014/07/21/exploit-dealer-snowdens-favourite-os-tails-has-zero-day-vulnerabilities-lurking-inside/

    - Don't look, Snowden: Security biz chases Tails with zero-day flaws
      alert by Iain Thomson on The Register.


http://www.theregister.co.uk/2014/07/21/security_researchers_chase_tails_with_zeroday_flaw_disclosure/
    - The world's most secure OS may have a serious problem by Russell
      Brandom on The Verge


http://www.theverge.com/2014/7/22/5927917/the-worlds-most-secure-os-may-have-a-serious-problem
  - 2014-07-23: We made our users aware of that process.
    https://tails.boum.org/news/On_0days_exploits_and_disclosure/
  - 2014-07-23: Exodus Intelligence publishes [Silver Bullets and Fairy
    Tails to explain the vulnerability.
    http://blog.exodusintel.com/2014/07/23/silverbullets_and_fairytails/
  - 2014-07-25: We publish a security advisory explaining the scope of
    the problem, and temporary solutions.
    https://tails.boum.org/security/Security_hole_in_I2P_0.9.13/
* 2014-07-08: In the July 8th Keiser Report on RT.
  The Tails related part of the Keiser Report starts at 15'40".
  http://rt.com/shows/keiser-report/170908-episode-max-keiser-624/
* 2014-07-03: Tails above the Rest by Kyle Rankin in the Linux Journal:
  - Installation
    http://www.linuxjournal.com/content/tails-above-rest-installation
  - Part II
    http://www.linuxjournal.com/content/tails-above-rest-part-ii
  - Part III
    http://www.linuxjournal.com/content/tails-above-rest-part-iii
* 2014-07-03: Some articles on Tails users being targeted by NSA XKeyscore:
  - In NSA targets the privacy-conscious by J. Appelbaum, A. Gibson,
    J. Goetz, V. Kabisch, L. Kampf, L. Ryge.
    http://daserste.ndr.de/panorama/aktuell/nsa230_page-1.html
  - In Von der NSA als Extremist gebrandmarkt by  Lena Kampf,
    Jacob Appelbaum and John Goetz (in German).
    http://www.tagesschau.de/inland/nsa-xkeyscore-100.html
  - In "If you read Boing Boing, the NSA considers you a target for deep
surveillance" by Cory Doctorow.
    http://boingboing.net/2014/07/03/if-you-read-boing-boing-the-n.html
  - In TOR, logiciel-clé de protection de la vie privée, dans le viseur
de la NSA by Martin Untersinger on LeMonde.fr (in French).


http://www.lemonde.fr/pixels/article/2014/07/03/un-logiciel-cle-de-protection-de-la-vie-privee-dans-le-viseur-de-la-nsa_4450718_4408996.html
* 2014-06-25: Dai segreti di Snowden ai social: il raduno italiano degli
hacker by Andrea Rinaldi, in Corriere di Bologna (in Italian).
http://corrieredibologna.corriere.it/bologna/notizie/cronaca/2014/25-giugno-2014/dai-segreti-snowden-social-raduno-italiano-hacker-223459532934.shtml
* 2014-06-30: Tails, il sistema operativo incognito che frega l'NSA by
Carola Frediani, in Wired.it (in Italian).
http://www.wired.it/gadget/computer/2014/04/15/tails-sistema-operativo-incognito/

--
Tails folks