Tails 6.11 Brings Security Fixes And Enhancements

As you may know, Tails is a free and open-source portable Linux system, focusing on user security and privacy, protecting users against surveillance and censorship. If you did not know this, Tails stands for The Amnesic Incognito Live System.

The OS is based on Debian Linux and is intended to run from an USB stick or a DVD, ensuring that no traces are left on the host computer after user.

All the internet traffic is routed via the Tor network, which anonymizes the user’s location and online activity.

The operating system provices various pre-installed tools for secure communication, like encrypted email and instant messaging apps and well as encryption software la VeraCrypt.

Tails runs directly from the volatile memory (RAM), which means that all the content is wiped clean when the session ends.

The latest version: Tails 6.11

Tails 6.11 has been released, bringing a series of security patches, usability enhancements and bugfixes, fixing the vulnerabilities identified by an external security audit conducted by Radically Open Security.

Among others, the Tails Upgrader vulnerability was fixed. In the previous versions, the upgrader could have been used by a malicious actor to install unwanted software.

According to the release notes, a manual upgrade to Tails 6.11 eliminates the malitious software remaining on the Tails USB stick.

In Tails 6.10 or earlier, an attacker who has already taken control of an application in Tails could then exploit vulnerabilities in other applications that might lead to deanonymization or the monitoring of browsing activity:

  • In Onion Circuits, to get information about Tor circuits and close them.
  • In Unsafe Browser, to connect to the Internet without going through Tor.
  • In Tor Browser, to monitor your browsing activity.
  • In Tor Connection, to reconfigure or block your connection to the Tor network.

Changes and updates

  • Update Tor Browser to 14.0.4.
  • Update Thunderbird to 128.5.0esr.
  • Remove support for hardware wallets in Electrum. Trezor wallets stopped working in Debian 12 (Bookworm), and so in Tails 6.0 or later.
  • Disable GNOME Text Editor from reopening on the last file. (#20704)
  • Add a link to the Tor Connection assistant from the menu of the Tor status icon on the desktop.
  • Make it easier for our team to find useful information in WhisperBack reports.

Last but not least, some enhancements have been also made regarding the partitions. Usually, partitions get corrupted, creating errors with Persistent Storage or during upgrades, but with this release, Tails now warns about such partitioning error earlier.

Leave a Comment

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *