Tails 3.4 privacy-focused Linux distro now available with Meltdown and Spectre fixes
With everything going on in the world these days, it can feel like you are naked when using your computer. If you previously felt safe and secure, these last several years have probably eroded all of your confidence. Between Edward Snowden's revelations and the many vulnerabilities constantly hitting the news, it is tempting to just live in the woods without electricity.
Before you sell your house, buy a tent, and become a nomad, you should consider a Linux distribution that helps you fight back against evil governments, nefarious hackers, and other bad people. Called "Tails," this Linux-based operating system is designed to be run from a live environment, such as on a DVD or flash drive, so you can hide your tracks and enjoy your God-given right to privacy. Today, version 3.4 becomes available and if you are already a Tails user, you should upgrade immediately. Why? Because it includes kernel 4.14.12 which offers fixes for Meltdown and Spectre (partially).
"Tails 3.4 is out. This release fixes many security issues and users should upgrade as soon as possible. In particular, Tails 3.4 fixes the widely-reported Meltdown attack, and includes the partial mitigation for Spectre," says the Tails developers.
The developers share the following fixed problems, known issues, and patched security holes (there are many).
- Fix an issue that made Tails start very slowly, in particular on DVD. (#14964)
- Don't delete downloaded Debian packages after installing them. This is mostly relevant for users of the APT Packages persistence feature. (#10958)
- Fix an issue that prevented some Debian packages to install properly with the Additional software feature. (#6038)
- Update uBlock Origin to restore its icon in Tor Browser, and make its settings dashboard work again. (#14993)
- The graphical splash screen usually displayed during Tails startup quickly disappears and is replaced by garbled text messages. As long as Tails appears to work fine for you otherwise, please ignore these messages, including the alarming message about a "kernel BUG" (which was reported to Debian): they do not affect the safety of your Tails system.
- Due to an issue in Tor Browser, the documentation shipped in Tails doesn't open in Tor Browser anymore and lacks our sidebar. The warning page of the Unsafe Browser also lacks graphical design. (#14962)
Patched Security Holes
- imagemagick: Debian Security Advisory 4040, Debian Security Advisory 4074
- libxml-libxml-perl: Debian Security Advisory 4042
- samba: Debian Security Advisory 4043
- ffmpeg: Debian Security Advisory 4049
- curl: Debian Security Advisory 4051
- libxcursor: Debian Security Advisory 4059
- openssl1.0: Debian Security Advisory 4065
- rsync: Debian Security Advisory 4068
- enigmail: Debian Security Advisory 4070
- sensible-utils: Debian Security Advisory 4071
- linux: Debian Security Advisory 4073, Debian Security Advisory 4078
- gimp: Debian Security Advisory 4077
- poppler: Debian Security Advisory 4079
Based on all of the above patched vulnerabilities, you should clearly upgrade to 3.4 ASAP. After all, the whole point of using Tails is to be secure and focus on privacy. Using an outdated version with many security holes defeats the purpose entirely.
Ready to download Tails 3.4? You can get started here.