-
Not Synced
Hello, Thank you for coming
-
Not Synced
We're gonna give a talk about and
gonna give a technical overview of Tails.
-
Not Synced
That's kurono, intrigeri
and I am BitingBird.
-
Not Synced
We are all Tails contributors
in different fields.
-
Not Synced
I don't do technical things,
-
Not Synced
intrigeri is one of the
oldest tails contributors
-
Not Synced
and kurono contributes
since three years now.
-
Not Synced
Tails is the acronym of
the-amnesic-incognito-live-system
-
Not Synced
And there is the nice url,
where you can have all the information.
-
Not Synced
It's a live operating system.
-
Not Synced
It works on almost any computer -
except ARM
-
Not Synced
And it boots from a dvd or a usb stick
-
Not Synced
and theoretically from sdcard too,
but it doesn't work very well.
-
Not Synced
The focus of our new distribution
is privacy and anonymity.
-
Not Synced
It allows the user
to use the internet anonymously.
-
Not Synced
And also, when there is censorship,
to circumvent it.
-
Not Synced
All the connections to
the internet go with tor,
-
Not Synced
which is an anonymization network.
-
Not Synced
That's the first big feature of tails.
-
Not Synced
And the second one is
-
Not Synced
that there is no trace
on the computer you are using
-
Not Synced
so after you used it nobody can see
that you've used the computer.
-
Not Synced
If somebody would grab your computer
and search files
-
Not Synced
they would not know,
what you have done.
-
Not Synced
Unless you ask for it explicitly <????>
-
Not Synced
We have also a lot of data producing tools
-
Not Synced
because some users use it to write books,
articles, video and such things.
-
Not Synced
They want to be able to create such documents without being traced.
-
Not Synced
We have a very good report,
-
Not Synced
not from our users,
-
Not Synced
actually from the people
we are supposed to protect them against.
-
Not Synced
The NSA says, that it's a pain in the ass.
-
Not Synced
When the NSA says
you're making their life harder
-
Not Synced
somehow you're doing something right.
-
Not Synced
[klapping, laughing]
-
Not Synced
I guess you can imagine who's
the famous tails user
-
Not Synced
who gave us access to the documents where
they say that
-
Not Synced
There is also Bruce Schneier
who says he uses Tails
-
Not Synced
so, not bad.
-
Not Synced
So, what are our goals?
-
Not Synced
We took a stance in the beginning of Tails
-
Not Synced
that it was not really common back then
-
Not Synced
to have usability as a security feature
-
Not Synced
because "ubergeeks" where already able
to have secure communication.
-
Not Synced
We think that privacy
is not an individual matter.
-
Not Synced
It's a collective matter.
-
Not Synced
Everybody needs to have privacy
-
Not Synced
and new users and non geek users
had no way to get access to this.
-
Not Synced
The tools existed but they had
no user interface
-
Not Synced
or they where really hard to configure.
-
Not Synced
So, we designed a system that gives
a quite good level of security
-
Not Synced
with a quite good level of usability.
-
Not Synced
Lots of the time people ask us, why we
don't include more security features.
-
Not Synced
We have to make a balance between
usability and security.
-
Not Synced
Because if it's really secure
but nobody can use it
-
Not Synced
then it doesn't bring anything.
-
Not Synced
It makes security accessible
for most people.
-
Not Synced
Another important point in our project
-
Not Synced
is to have a very small delta
to our upstream.
-
Not Synced
Our main upstream is Debian and we try
to not diverge too much from it.
-
Not Synced
Because the more you do things differently
-
Not Synced
the more work you have to maintain.
-
Not Synced
The work is not the work of
implementing something once
-
Not Synced
it's the work of
maintaining on the long term.
-
Not Synced
There where a lot of other
security distributions
-
Not Synced
and there are still a few others
-
Not Synced
But most of them
have a very short lifespan
-
Not Synced
because of maintenance.
-
Not Synced
It's a distribution and
-
Not Synced
we're a very tiny team compared to Debian
-
Not Synced
but we're a team.
-
Not Synced
Lots of other privacy distributions
where either one person
-
Not Synced
or very tiny teams and they didn't make
outrage to be joined by other people
-
Not Synced
Most other privacy distributions didn't
take into account the maintenance work
-
Not Synced
and the user support because
-
Not Synced
even if we try to make it usable
-
Not Synced
it's still a lot of work to
teach the users how to use it
-
Not Synced
and to document how to use it.
-
Not Synced
Also if you want to start such a project
-
Not Synced
you need to have a long term commitment
-
Not Synced
and to remember to avoid the symptom of
"not invented here".
-
Not Synced
It's quite common to try to do something
that does exactly what you want
-
Not Synced
but sometimes it's best
to find an existing software
-
Not Synced
that does something close enough
-
Not Synced
to make the new features you want in it
or use it as it is.
-
Not Synced
We are trying to do most of our work,
-
Not Synced
at least a good part of our work upstream
-
Not Synced
so we did AppArmor
-
Not Synced
in Debian specifically there is
an AppArmor team,
-
Not Synced
an anonymity tools team and an OTR team
-
Not Synced
who work on things that we use in Tails
-
Not Synced
libvirt, Seahorse, Tor and Puppet
are other projects we contributed to
-
Not Synced
instead of implementing ourselves
what we need in Tails
-
Not Synced
we did it upstream
and it took longer to fall down to us
-
Not Synced
but it's maintainable.
-
Not Synced
When we finally have the new features
-
Not Synced
we have no work of keeping them.
-
Not Synced
As a result we have
really little Tails specific code
-
Not Synced
we mostly do glue work between the code
-
Not Synced
we take from our upstreams
-
Not Synced
and we do a lot of social work
-
Not Synced
we talk to upstream, we spread the word
-
Not Synced
we say "Oh that would be great if somebody
where to work on that"
-
Not Synced
And we find the people that
have the right skills
-
Not Synced
to do the work that should be done
when it's not in Tails
-
Not Synced
We have a very slow rythm
because we work in Debian
-
Not Synced
so we have to wait until the next Debian version is released
-
Not Synced
To see the work we have done in Tails
as AppArmor
-
Not Synced
I mentioned earlier, we did it in Debian
-
Not Synced
so for two years there was work going on
in Debian that was not visible in Tails
-
Not Synced
but we finally have it
-
Not Synced
Tails is still alive,
because it's maintainable
-
Not Synced
Implementation details -
-
Not Synced
That's where I give the micro.
[gives micro to kurono]
Debconf
