Tails 6.4 enhances security with random seed storage on USB stick and updated software
Tails, the portable operating system designed to protect against surveillance and censorship, has released version 6.4, just a month after its previous 6.3 update. This latest version introduces significant improvements, including the storage of a random seed on the USB stick to enhance cryptographic strength. This random seed is crucial for various cryptographic functions within Tails, such as those used in Persistent Storage, Tor, and HTTPS, and is stored outside of Persistent Storage to benefit all users.
Tails 6.4 has also transitioned to using HTTPS addresses for the Debian and Tails APT repositories, improving the reliability of the Additional Software feature. The update includes Tor Browser 13.0.16, Tor client 0.4.8.12, and Thunderbird 115.12.0.
Other notable fixes address issues with unlocking Persistent Storage and connecting to mobile broadband networks on certain hardware. Additionally, the PDF reader in Thunderbird, which was disabled in Tails 6.3 for security reasons, has been re-enabled in this release.
Correct me if I'm wrong, but doesn't having persistent storage go against the point of TailsOS?
For example, aside from obvious physical dangers, wouldn't it lead to more user-error in terms of lack of anonymity, possible side-channel attacks, and vulnerabilities within what you store itself?
With persistent storage, you can save WiFi passwords, PGP keys, password databases and additional apps for the future. Imagine having to type in your WiFi pw every time you boot up your machine. Horrible. Also, apps are sandboxed and can‘t just access your entire filesystem. Without persistent storage, no one would use Tails.
Reply written Jun 19, 2024