Hello, thank you for coming.
We're gonna give a talk about and
gonna give a technical overview of Tails.
That's kurono, intrigeri
and I am BitingBird.
We are all Tails contributors
in different fields.
I don't do technical things,
intrigeri is one of the
oldest Tails contributors
and kurono has been contributing
for two years now.
Tails is the acronym of
The Amnesic Incognito Live System
And here is the nice url,
where you can have all the information.
It's a live operating system.
It works on almost any computer -
except ARM
And it boots from a DVD or a USB stick
and theoretically from an SD card too,
but it doesn't work very well.
The focus of our distribution
is privacy and anonymity.
It allows the user
to use the internet anonymously.
And also, when there is censorship,
to circumvent it.
All the connections to
the internet go with Tor,
which is an anonymization network.
That's the first big feature of Tails.
And the second one is
that there is no trace
on the computer you are using
so after you used it nobody can see
that you've used the computer.
If somebody would grab your computer
and search files
they would not know,
what you have done.
Unless you ask for it explicitly
We have also a lot of data producing tools
because some users use it to write books,
articles, video and such things.
They want to be able to create such documents without being traced.
Does it work?
We have a very good report,
not from our users,
actually from the people
we are supposed to protect them against.
The NSA says, that it's a pain in the ass.
When the NSA says
you're making their life harder
somehow you're doing something right.
[clapping, laughing]
I guess you can imagine who's
the famous Tails user
who gave us access to the documents where
they say that
There is also Bruce Schneier
who says he uses Tails
so, not bad.
So, what are our goals?
We took a stance in the beginning of Tails
that it was not really common back then
to have usability as a security feature
because "ubergeeks" were already able
to have secure communication.
The thing is privacy
is not an individual matter.
It's a collective matter.
Everybody needs to have privacy
and new users and non geek users
had no way to get access to this.
The tools existed but they had
no user interface
or they were really hard to configure.
So, we designed a system that gives
a quite good level of security
with a quite good level of usability.
Lots of the time people ask us, why we
don't include more security features.
We have to make a balance between security and usability.
Because if it's really secure
but nobody can use it
then it doesn't bring anything.
It makes security accessible
for most people.
Another important point in our project
is to have a very small delta
to our upstream.
Our main upstream is Debian and we try
to not diverge too much from it.
Because the more you do things differently
the more work you have to maintain.
The work is not the work of
implementing something once
it's the work of
maintaining on the long term.
There were a lot of other
security distributions
and there are still a few others
But most of them
have a very short lifespan
because of maintenance.
It's a distribution and
we're a very tiny team compared to Debian
but we're a team.
Lots of other privacy distributions
were either one person
or very tiny teams and they didn't make
outreach to be joined by other people
Most other privacy distributions didn't
take into account the maintenance work
and the user support because
even if we try to make it usable
it's still a lot of work to
teach the users how to use it
and to document how to use it.
Also if you want to start such a project
you need to have a long term commitment
and to remember to avoid the symptom of
"not invented here".
It's quite common to try to do something
that does exactly what you want
but sometimes it's best
to find an existing software
that does something close enough
to make the new features you want in it
or use it as it is.
We are trying to do most of our work,
at least a good part of our work upstream
so we did AppArmor
in Debian specifically there is
an AppArmor team,
an anonymity tools team and an OTR team
who work on things that we use in Tails
libvirt, Seahorse, Tor and Puppet
are other projects we contributed to
instead of implementing ourselves
what we need in Tails
we did it upstream
and it took longer to fall down to us
but it's maintainable.
When we finally have the new features
we have no work of keeping them.
As a result we have
really little Tails specific code
we mostly do glue work between the code
we take from our upstreams
and we do a lot of social work
we talk to upstream, we spread the word
we say "Oh that would be great if somebody
were to work on that"
And we find the people that
have the right skills
to do the work that should be done
when it's not in Tails
We have a very slow rhythm
because we work in Debian
so we have to wait until the next Debian version is released
To see the work we have done in Tails
as AppArmor
I mentioned earlier, we did it in Debian
so for two years there was work going on
in Debian that was not visible in Tails
but we finally have it
Tails is still alive,
because it's maintainable
Implementation details -
That's where I give the micro.
[gives micro to kurono]