[Tails-dev] TBB-Firefox sends OS+kernel in update queries to Mozilla

2018-09-21 Thread Anonymous

User report:[1]

Sanitize the add-on blocklist update URL

related, old, closed ticket (unresolved):

TBB-Firefox sends OS+kernel in update queries to Mozilla

[1]: "TBB-Firefox sends Linux kernel version in extensions blocklist update 
queries to Mozilla. 6 years old ticket closed 
https://trac.torproject.org/projects/tor/ticket/6734 without fix this privacy 

>From Ubuntu 18.04.1 LiveCD
 4.15.0-29-generic (GTK 3.22.30 libpulse 11.1.0)/default/default/1/1/new/


Also it send TOTAL_PING_COUNT to tell mozilla how many days you use TBB."
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] Please upgrade to the new MAT2

2018-08-25 Thread Anonymous Democracy
Dear Tails and Subgraph developers,
since we are supporters of free speech and real honest democracy, we heavily rely on cleaned PDF files as well. In the old days MAT did do the job great, but this feature had been disabled.
In the high hope that the refreshed MAT2 now supports cleaning PDF files without enlarging the file itself, we kindy ask your deveopers to upgrade your operating systems to the new MAT2:
@Tails developers: We'd be more than really happy to see MAT2 in the upcoming Tails version 3.9 on September 5th! :)
Thank you everyone for your wonderfu work!
Anonymous greetings
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] Releasing ISO as a GPG encrypted archive?

2017-09-24 Thread Anonymous
Have the developers considered the idea of releasing the
Tails ISO as a GPG encrypted archive? This would create
another verification method with distribution as users would
need to decrypt the archive via a specific method in order
to utilize the ISO and further verify it once extracted.
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

Re: [Tails-dev] Tails .onion package repo question!

2017-08-29 Thread Anonymous
@intrigeri and u:

Thanks for 'kicking' this to the help desk. Has anything new
been discovered?

You may wish to participate here at the debian user mailing list:

OP: https://lists.debian.org/debian-user/2017/08/msg01420.html

Since it's both a Debian and Tails issue perhaps it could
be worked out there? TIA
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] Proposal: new Tails version scheme and RM optimi

2017-02-07 Thread Anonymous
With regard to Proposal Number 1, I would like to see a numbering scheme where 
the releases all have the same number of segments. For example
Instead of:


Taking this one step further would be to have the same number of digits in each 
segment (leading zeros) but that would open a whole new can of worms regarding 
'future-proofing' so might be left alone at this time.

Thanks for everything and I appreciate all the time/effort/work that is put in 
to Tails.
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] Please keep torsocks!

2016-11-18 Thread Anonymous
I noticed in the changelog for tails (3.0~alpha1):

"Use torsocks to torify Git, and drop tsocks entirely. tsocks has been
unmaintained for years in Debian, and was removed from testing
for a while (Closes: #10955)."

Is torsocks the same as tsocks? I certainly hope torsocks
remains in Tails, I use it for several applications!

Is torify any different?

Please keep torsocks in Tails!

Ah! Looking via dpkg -l I see the two are different
packages. Can torsocks function well without tsocks?
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] Unnecessary file in /home/amnesia/.gnupg

2016-10-05 Thread Anonymous
This unnecessary file has existed in Tails for a long time. I remove it
with every boot into Tails, but I'm tired of doing so when it should
not exist.

Please navigate to /home/amnesia/.gnupg and have a look at the files
there. You will notice the following file:


Not only is this file unnecessary, if you're concerned about the size
of your distribution, (which has been intimated before) you should
remove this file prior to public release.
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] systemd: ruh roh! Crippling Bug!

2016-10-01 Thread Anonymous
Multiple Linux Distributions Affected By Crippling Bug In Systemd

Story is at Slashdot and the bug report is:


So WTF for TorBB & Tails users?
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] Does Tails' Connectivity Depend On One OpenDNS server?

2016-10-01 Thread Anonymous
According to /etc/ttdnsd.conf:

# OpenDNS

Does this mean if that IP goes down, the shit hits the
fan for Tails users and they won't be able to load
clear-net sites? Could there be some other future
unforeseen error/event occur where we really should have
been using not only one OpenDNS IP, but perhaps some
from another provider, MAYBE Google, but probably and most
preferably others like CCC?

I'm also concerned about tracking. Couldn't people who
run exit nodes sign up for an OpenDNS account(s) and
track the [Tails] users and/or compile detailed reports on
usage stats? Couldn't they also control/limit the sites
Tails users visit according to settings on their registered
OpenDNS accounts?
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] SSD Advisory – Wget Arbitrary Commands Execution

2016-07-04 Thread Anonymous Remailer (austria)

"Vulnerability Description
A vulnerability in the way wget handles redirects allows attackers that are 
able to hijack a connection initiated by wget or compromise a server from which 
wget is downloading files from, would allow them to cause the user running wget 
to execute arbitrary commands. The commands are executed with the privileges 
with which wget is running. This could prove to be quite severe when wget is 
launched as ‘root’.

Vulnerable Version

Wget version 1.17 and prior"

More delish meaty bits:
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] Filling remaining space on DVDR from /dev/random

2016-06-08 Thread Anonymous
Hello my good friends,

I would like to fill remaining space on DVDR from /dev/random
after I have burned the Tails 2.4 ISO.

How would I do this? Can you verify the following instructions
as the correct method, please?


"When creating the CD-R image, also remember to use /dev/random to fill the 
remaining CD-R space so that any malware trying to hide inside the CD-R 
(assuming you create the CD-R image from a more secure environment without 
being infected in the first place) when mounting the CD-R on a public computer."

How is this accomplished?


After writing the ISO to the CD-R, query the CD-R for the amount of disk space 
and then make a file with the same size as the remaining disk space and then 
pipe /dev/random output into that file.

To find out CD-R space after copying Tails onto CD-R:
fdisk -l /dev/cdrom

Fill up the CD-R with random stuff:
dd if=/dev/random of=/dev/cdrom/ bs=2048 count=

Open the CD-R and it indicate it has no more free space (by some file manager 
or fdisk again).

You may want to SHA-256 hash the CD-R content, write down the hash on a paper 
and keep in your wallet in case you need to verify the CD-R as your Tails 

To get the SHA-256 hash do:
sha256sum /dev/cdrom

Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] The PTB rely on HUMAN FLESH in the FOOD SUPPLY

2016-04-15 Thread Anonymous Remailer (austria)

The PTB rely on HUMAN FLESH in the FOOD SUPPLY to maintain their human 

Human flesh exists in a lot of foods today. Sometimes it makes the news. These 
are PTB slip ups, and/or conditioning this reality.

They rely on the consumption of human flesh to retain their human appearance. 
They all have the same scent. They exist from the bottom to the top of the 
pyramid. Some are bums, some are middle/upper class, some are those dancing for 
you on TV, in a web of deceit to keep your mind and body occupied.

If you want to try and let one of them know that you know what they are, you 
might say to them:

"This hamburger is really quite human"
(inhale deeply) "This planet is filled with creatures which all smell the same"
"I hope you enjoyed your flesh burger"
"How long did your last regeneration period last?"
"What office do you work for?"
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] What's with the spam on this list?

2016-03-10 Thread Anonymous
I'm going blind!
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] dconf-editor dropped, gedit-plugins, systemd, w32codecs

2016-03-06 Thread Anonymous
1. Why was dconf-editor dropped from Tails?

I found it very useful in previous versions of Tails.
Please reintroduce it in the next version of Tails.

2. gedit-plugins

This is a good package to have installed.

3. Systemd private directories in /tmp

Why are there so many "systemd-private-" directories in /tmp
There's systemd-private(long string of numbers and letters) with
the following:


4. win32 codecs

If you're shipping libdvdcss2, why haven't you included
the win32 codecs like the official MPlayer website has on
their download page?
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] is it safe to update these files in synaptic?

2016-02-24 Thread Anonymous
hi is it safe to update these files in synaptic?

[23 Feb 2016] DSA-3487 libssh2 - security update 
[19 Feb 2016] DSA-3483 cpio - security update 

there's a few others, too. the updates refuse to display
a changelog, IDK why.

there's one glibc or libc or something similar in Synaptic
which wants updating of 2 separate packages. but don't those
type of updates want a reboot?

i usually backup updates and reinstall them in new Tails
session, but i want to know what is safe to d/l without
waiting for a new Tails .ISO and without upgrading a usb.

Thank you.

Your pal,

Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] .xsession-errors file filled with WARNING message

2016-02-06 Thread Anonymous Remailer (austria)

Since a couple of Tails versions back, my .xsession-errors file
continues to be filled with:

(gnome-settings-daemon:(snip)): updates-plugin-WARNING **:
failed to get time: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown:
The name org.freedesktop.PackageKit was not provided by any
.service files

(snip) = removed numbers

I Googled but found nothing to indicate what this error means
and nothing on how to fix it.

Rootkit? Trojan? Any ideas?
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] Any plans for an emergency release & alt spin question

2016-02-06 Thread Anonymous
A lot of updates to components of Tails are occurring.

Should I download 2.0 now or wait for another release
prior to the next stable version? Remember the last two
versions released and the distance in time between them?

The size of the ISO is very large for some of us and
I would rather know now whether 2.0 will exist
as the go-to current version for the next month or two.

& I would join any official Tails team working
on an alternative, smaller ISO perhaps with Openbox and
no large DM, video/audio tools, office suite, and so on,
[but we know that won't happen].

However, when "just the basics" are considered this could
result in a much smaller sized ISO.
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] HTTPS-Everywhere missing config page!

2015-12-25 Thread Anonymous
Since TAILS 1.7 the HTTPS-Everywhere addon only shows the
Observatory settings and does not show the site list where
the user may alter settings per site and more.

Please restore this option and if possible tell us how
we may restore it manually in 1.8.1. TIA
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] Mozilla Crash Reporter

2015-12-14 Thread Anonymous Remailer (austria)

Name - webapprt.ini
Folder - /usr/local/lib/tor-browser/webapprt

File: webapprt.ini

[Crash Reporter]


Manually Changed via sudo to:

[Crash Reporter]

and saved, just in case.
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] firefox -allow-remote (what does it do?)

2015-11-25 Thread Anonymous
when i do:

$ps ax | grep firefox

i see:

/usr/local/lib/tor-browser/firefox -allow-remote --class Tor Browser -profile 

what is the "-allow-remote" value mean? I've Googled
and eventually discovered this site:


"In the TBB 4.5 they updated the star-tor-browser script,
which actually removed support for passing -allow-remote
in anyway. So I've removed support for opening external 
links, which sort of makes this issue go away. #176"

if they removed support in TBB version 4.5 for this
option, why in Tails 1.7 does it remain and what exactly
does it do?

the few websites where it's mentioned do not do a good job
of explaining this, what i have come to understand now,
outdated/removed option.
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] HTTPS-Everywhere missing domain config options

2015-11-12 Thread Anonymous
In Tails 1.7, when I click on Preferences for the HTTPS-Everywhere
Add-on, I am presented with the screen for the opt-in "Observatory".

What happened to the other section where I could add/edit domains
supported by the plugin? Some sites I would disable because of
cert issues and now I have to disable the plugin in order for this
to work because the domain config option section is now GONE!
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] Updated signing key - lack of notice on d/l page for 1.7

2015-11-09 Thread Anonymous
on your TAILS download page it mentions:

"Tails transitioned to a new signing key in Tails 1.3.1."

But it fails to mention the new updated signing key for 1.7.
I verified the 1.7 ISO with an older version of TAILS and
followed this by importing the 1.7 signing key and it too
verified the 1.7 ISO.

But, you should post somewhere about the new 1.7 signing key
and recommend the download of it just in case for some
users. TIA
Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] Tails Amnesic Incognito Live Linux OS Spotted on 'Homeland'

2015-10-25 Thread Anonymous Remailer (austria)


"The episode is called "Super Powers" and aired last Sunday, on October 18, 
2015. During the show, at some point, Laura Sutton makes contact with Numan, 
who gives her a USB stick with some leaked CIA documents.

She immediately goes back to her office, takes a Dell XPS 13 laptop from her 
safe and boots from the USB flash drive received from Numan, which apparently 
runs the Tails amnesic incognito Live Linux operating system."

Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] Potential privacy issue here

2014-04-11 Thread Anonymous

I'm nerved that Tails reconfigured the Tor browser bundle to redirect to
boum.org (Tails website) at every startup or identity change. What's the
purpose? Usage statistics? News? (There is not often important news..) 

Why can't it be empty by default or just the Torproject page, making it
hard to differentiate between a normal Tor Browser Bundle user and a
Tails user. I already saw tails.boum.org in referrer fields on my weblog.

Now every Tails start or identity change , a Tor exit node must connect
to this server, creating the possibility of passive browser
fingerprinting (browserspy.dk like , screen dimensions are the most

Besides a blank Startpage, slightly random window dimensions would be a
great feature to INCREASE privacy

I love to see this great project get even better but without my computer
potentially passing screen-dimensions to the Tails webserver 30 times on
a regular day.

Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] Need more privacy

2014-04-11 Thread Anonymous Remailer (austria)

I'm nerved that Tails reconfigured the Tor browser bundle to redirect to 
boum.org (Tails website) at every startup or identity change. What's the 
purpose? Usage statistics? News? (There is not often important news..) 

Why can't it be empty by default or just the Torproject page, making it
hard to differentiate between a normal Tor Browser Bundle user and a Tails 
user. I already saw tails.boum.org in referrer fields on my weblog.

Now every Tails start or identity change , a Tor exit node must connect to this 
server, creating the possibility of passive browser fingerprinting 
(browserspy.dk like , screen dimensions are the most important)

Besides a blank Startpage, slightly random window dimensions would be a great 
feature to INCREASE privacy

I love to see this great project get even better but without my computer 
potentially passing screen-dimensions to the Tails webserver 30 times on a 
regular day.

Tails-dev mailing list
To unsubscribe from this list, send an empty email to 

[Tails-dev] TAILS (Tor Linux distribution) contains extra root CAs ?

2013-10-17 Thread Anonymous Remailer (austria)

I have a question:

Tor Browser Bundle - Firefox ESR 17.0.9 (LATEST TOR)
Compared to: Iceweasel 17.0.9 (LATEST TAILS Linux distribution)

To be found in Tails (not found in TBB), some additional certificates:

DigiCert Inc -> DigiCert High Assurance EV CA-1
DigiCert Inc -> DigiCert High Assurance CA3
GeoTrust Inc. -> Google Internet Authority G2
StartCom Ltd. -> StartCom Class 2 Primary Intermediate Server CA
The Go Daddy Group, Inc -> Go Daddy Secure Certification Authority
The USERTRUST Network -> Gandi Standard SSL CA

All these are listed as "Software Security Device" certificaties.
The others are "Builtin Object Token" and baked in the browser.

Mozilla's documentation explains about "Software Security Devices":

"Software Security Device stores your certificates and keys that aren't stored 
on external security devices, including any CA certificates that you may have 
installed in addition to those that come with the browser. "


Question is: did TAILS added some extra CA's ?

tails-dev mailing list

[T(A)ILS-dev] Feature Request: SSL-DNS+DNSSEC

2010-11-28 Thread Anonymous
I tried posting this on the wiki, but it kept getting flagged as spam.

Feature request: secure/validated DNS lookups

The Swiss/German Privacy Foundation(s) run some servers that accept encrypted 
https/ssl dns requests.  There is a howto on how to implement this using socat 
and stunnel.  www dot privacyfoundation dot de backslash wiki backslash SSL-DNS

They can also use dnssec, which could be coupled with the firefox/iceweasel 
extensions like DNSSEC-{tools,validator,drill} 

tails-dev mailing list