14 DAY TRIAL // A new stable release of Tails, the beloved anonymous Live CD that helps you stay hidden when navigating various websites on the Internet, is being prepared.
Tails 2.10 will soon be the new stable version of the Debian-based amnesic incognito live system that uses the latest TOR anonymous network and Tor Browser anonymous web browser technologies. A first Release Candidate is already available for public testing, bringing with it numerous improvements and bug fixes.
Among the most important ones, we can mention that the distribution is now upgraded to use the Linux 4.8 kernel, despite the fact that the branch reached end of life on January 9, 2017, as well as Tor 0.2.9.8, Icedove 45.6.0, and Electrum 2.7.9, all ported from the Debian GNU/Linux 8 "Jessie" software repositories.
The OnionShare tool that lets users anonymously and securely share files of any size has been installed from Debian Jessie Backports, and it looks like the tor-controlport-filter component has been completely rewritten and ported to Python 3 to safely support OnionShare.
exFAT support lands, AdBlock Plus replaced with uBlock Origin
Based on the recently released Debian GNU/Linux 8.7 "Jessie" operating system, Tails 2.10 will also enable and use the Debian Jessie proposed-updates APT repository, the per-tab circuit view in Tor Browser, add support for the exFAT file system, and replace the AdBlock Plus add-on with the more popular and resource-friendly uBlock Origin.
There are numerous other small improvements implemented in Tails 2.10, including OpenPGP Applet 1.0 from Debian Jessie Backports, support for OnionCircuits and Tor Launcher to use the filtered control port, the ability to run OnionCircuits as the live user, which finally makes it compatible with the Orca screen reader utility.
Among other adjustments, we can mention that tor-controlport-filter will now run on port 9051, the tor-arm (Nyx) anonymizing relay monitor was removed, the APT package manager is now configured to use Debian's Onion services, and the unprivileged Berkeley Packet Filter (BPF) is now disabled by default.
"Since upgrading to kernel 4.6, unprivileged users can use the bpf() syscall, which is a security concern, even with JIT disabled. So we disable that. This feature wasn't available before Linux 4.6, so disabling it should not cause any regressions," explained the Tails developers in the release notes.
Last but not least, Tails 2.10 promises to add and enable AppArmor profiles for both OnionShare and OnionCircuits, implement support for up to 32 loop devices, drop the kernel.dmesg_restrict customization since it's now enabled by default in Linux kernel 4.8, and improve both the Tails Installer and Greeter.
All amd64-microcodes have been included in the upcoming release, and you can now download the first, and probably the only Release Candidate build of Tails 2.10 right now from our website if you want to take it for a test drive, but please try to keep in mind that this is a pre-release version, not suitable for production use.