Hello, Thank you for coming We're gonna give a talk about and gonna give a technical overview of Tails. That's kurono, intrigeri and I am BitingBird. We are all Tails contributors in different fields. I don't do technical things, intrigeri is one of the oldest tails contributors and kurono contributes since two years now. Tails is the acronym of The Amnesic Incognito Live System And here is the nice url, where you can have all the information. It's a live operating system. It works on almost any computer - except ARM And it boots from a dvd or a usb stick and theoretically from sdcard too, but it doesn't work very well. The focus of our distribution is privacy and anonymity. It allows the user to use the internet anonymously. And also, when there is censorship, to circumvent it. All the connections to the internet go with tor, which is an anonymization network. That's the first big feature of tails. And the second one is that there is no trace on the computer you are using so after you used it nobody can see that you've used the computer. If somebody would grab your computer and search files they would not know, what you have done. Unless you ask for it explicitly We have also a lot of data producing tools because some users use it to write books, articles, video and such things. They want to be able to create such documents without being traced. Does it work ? We have a very good report, not from our users, actually from the people we are supposed to protect them against. The NSA says, that it's a pain in the ass. When the NSA says you're making their life harder somehow you're doing something right. [klapping, laughing] I guess you can imagine who's the famous tails user who gave us access to the documents where they say that There is also Bruce Schneier who says he uses Tails so, not bad. So, what are our goals? We took a stance in the beginning of Tails that it was not really common back then to have usability as a security feature because "ubergeeks" where already able to have secure communication. The thing is privacy is not an individual matter. It's a collective matter. Everybody needs to have privacy and new users and non geek users had no way to get access to this. The tools existed but they had no user interface or they where really hard to configure. So, we designed a system that gives a quite good level of security with a quite good level of usability. Lots of the time people ask us, why we don't include more security features. We have to make a balance between security and usability. Because if it's really secure but nobody can use it then it doesn't bring anything. It makes security accessible for most people. Another important point in our project is to have a very small delta to our upstream. Our main upstream is Debian and we try to not diverge too much from it. Because the more you do things differently the more work you have to maintain. The work is not the work of implementing something once it's the work of maintaining on the long term. There where a lot of other security distributions and there are still a few others But most of them have a very short lifespan because of maintenance. It's a distribution and we're a very tiny team compared to Debian but we're a team. Lots of other privacy distributions where either one person or very tiny teams and they didn't make outrage to be joined by other people Most other privacy distributions didn't take into account the maintenance work and the user support because even if we try to make it usable it's still a lot of work to teach the users how to use it and to document how to use it. Also if you want to start such a project you need to have a long term commitment and to remember to avoid the symptom of "not invented here". It's quite common to try to do something that does exactly what you want but sometimes it's best to find an existing software that does something close enough to make the new features you want in it or use it as it is. We are trying to do most of our work, at least a good part of our work upstream so we did AppArmor in Debian specifically there is an AppArmor team, an anonymity tools team and an OTR team who work on things that we use in Tails libvirt, Seahorse, Tor and Puppet are other projects we contributed to instead of implementing ourselves what we need in Tails we did it upstream and it took longer to fall down to us but it's maintainable. When we finally have the new features we have no work of keeping them. As a result we have really little Tails specific code we mostly do glue work between the code we take from our upstreams and we do a lot of social work we talk to upstream, we spread the word we say "Oh that would be great if somebody where to work on that" And we find the people that have the right skills to do the work that should be done when it's not in Tails We have a very slow rythm because we work in Debian so we have to wait until the next Debian version is released To see the work we have done in Tails as AppArmor I mentioned earlier, we did it in Debian so for two years there was work going on in Debian that was not visible in Tails but we finally have it Tails is still alive, because it's maintainable Implementation details - That's where I give the micro. [gives micro to kurono]