$ Torproject Blog Announcement:
https://blog.torproject.org/blog/tails-112-out
$ TAILS News Announcement:
https://tails.boum.org/news/version_1.1.2/index.en.html
$ TAILS Download Site:
https://tails.boum.org/download/index.en.html
###
"TAILS, The Amnesic Incognito Live System, version 1.1.2, is out.
This release fixes numerous security issues[1] and all users must upgrade[2] as soon as possible.
We prepared this release mainly to fix a serious flaw[3] in the Network Security Services (NSS) library used by Firefox and other products allows attackers to create forged RSA certificates.
Before this release, users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe it’s coming from a trusted site.
( Changes below the fold. )
- Security fixes
- Upgrade the web browser to 24.8.0esr-0+tails3~bpo70+1
- Install Linux 3.16-1
- Numerous other software upgrades that fix security issues: GnuPG, APT, DBus, Bash, and packages built from the bind9 and libav source packages
See the online Changelog[4] for technical details."
[1] https://tails.boum.org/security/Numerous_security_holes_in_1.1.1/
[2] https://tails.boum.org/doc/first_steps/upgrade/
[3] https://blog.mozilla.org/security/2014/09/24/rsa-signature-forgery-in-nss/
[4] https://git-tails.immerda.ch/tails/plain/debian/changelog
##############################################################
-((( Direct download )))-
( Latest release: Tails 1.1.2 ISO image )
http://dl.amnesia.boum.org/tails/stable/tails-i386-1.1.2/tails-i386-1.1.2.iso
( Cryptographic Signature - Tails 1.1.2 signature )
https://tails.boum.org/torrents/files/tails-i386-1.1.2.iso.sig
( SHA256 checksum for ISO )
f8a15f7c63662815a7087d36e1f614c9382675dd2424c2cd336aca6b72203ea2
##############################################################
-((( BitTorrent download )))-
( Latest release: Tails 1.1.2 torrent )
https://tails.boum.org/torrents/files/tails-i386-1.1.2.torrent
"The cryptographic signature of the ISO image is also included in the Torrent. Additionally, you can verify the signature of the Torrent file itself before downloading it."
( Cryptographic Signature: )
https://tails.boum.org/torrents/files/tails-i386-1.1.2.torrent.sig
##############################################################
-- TAILS Website:
https://tails.boum.org/
-- About:
https://tails.boum.org/about/index.en.html
-- Getting Started:
https://tails.boum.org/getting_started/index.en.html
-- Documentation:
https://tails.boum.org/doc/index.en.html
-- Help & Support:
https://tails.boum.org/support/index.en.html
-- Contribute:
https://tails.boum.org/contribute/index.en.html
-- News:
https://tails.boum.org/news/index.en.html
(Score: 3, Informative) by WizardFusion on Friday September 26 2014, @12:10PM
Expect another update soon, once BASH has been fixed (properly)
(Score: 0) by Anonymous Coward on Friday September 26 2014, @12:15PM
Does this distro use systemd? If it does not, is there a guarantee that it never will?
(Score: 2) by kaszz on Friday September 26 2014, @12:15PM
Does it rely on systemd?
(Score: 1, Insightful) by Anonymous Coward on Friday September 26 2014, @04:02PM
it says on their page that it's based on Debian, so if this release doesn't come with systemd the next one will.
(Score: 2) by meisterister on Saturday September 27 2014, @12:29AM
If so, then I think that the irony here is that the "secure" operating system is allowing that octopus-like black box security abomination to play such a crucial role in running everything.
While I'm ranting, I'd might as well propose some new slogans to sell SystemD:
1. SystemD: Just the tip!
2. SystemD: Giving Linux the D since 2010!
3. SystemD: Your system is our system!
4. SystemD: synchronization is thing! our Thread
(May or may not have been) Posted from my K6-2, Athlon XP, or Pentium I/II/III.
(Score: 2) by frojack on Saturday September 27 2014, @02:52AM
Was thinking the same thing.
Why isn't this based on Openbsd? Those guys are totally paranoid about security.
Its far lighter weight than any linux kernel.
No, you are mistaken. I've always had this sig.
(Score: 1, Interesting) by Anonymous Coward on Saturday September 27 2014, @11:04AM
The whole point of having a live bootable CD is that it could potentially run on any hardware. Linux will boot just fine and at the very will probably have networking work even with weird wireless chipsets. I don't know how good the BSDs are at that at these days.
(Score: 1) by clone141166 on Saturday September 27 2014, @01:44PM
#4 made me chuckle :)
(Score: 3, Interesting) by cykros on Friday September 26 2014, @05:56PM
As much as I'm no fan of systemd, I do have to wonder how much messing around with the init system people do on T(A)ILS in the first place, being a live-ISO system not intended to ever be installed in the first place (and indeed, you'd be undoing some of the privacy oriented features it boasts by doing so). By and large, T(A)ILS is a system geared around being used specifically as-is, rather than really administrated in any way. Being open of course, you're not FORCED into that, but I guess I'm just saying I don't really see much of a use case for that kind of tinkering on this specific distro, other than I suppose if you're really interested in doing your own auditing and running into the complex mess that is systemd rather than having easy access to text based everything.
That said, given that it's Debian, and that they still do have packages for replacing systemd with sysvinit, it wouldn't be impossible to roll your own iso for it with sysvinit instead of systemd. Might even generate some ad revenue hosting it up yourself...
(Score: 1, Insightful) by Anonymous Coward on Friday September 26 2014, @07:29PM
This doesn't automagically write any files to any storage device, so the binary logfiles thing isn't an issue.
As cykros said, you aren't going to be doing any config on this thing either.
Any systemd downside I can think of is nulled by it being a live distro.
On the upside, this is 1 of those instances where a faster boot time would be an advantage.
-- gewg_