The Amnesic Incognito Live System (Tails) released version 3.7.1 of their GNU/Linux distribution on Sunday June 10, and it promises to be even more secure and private than their previous releases. All outgoing connections sent from a machine running Tails are forced to go through Tor, and it blocks any non-anonymous connections that the system attempts to make. Since it runs primarily from USB memory sticks or microSDXC cards, Tails leaves no digital footprint on the machine unless the user specifically requests it to.
According to the release notes, this update upgrades the Tor browser to version 7.5.5 and corrects a critical flaw in Firefox. It also ships with Thunderbird 52.8, which mitigates the EFAIL problem to some degree. This fix imports OpenPGP keys with Enigmail, and it helps to overcome some of the concerns that Linux security experts have been making in regards to encrypted email messages over the past few months.
Users are now able to set screen locker passwords with non-ASCII characters. Those who do so will need a way to enter special glyphs, but otherwise this makes it far more difficult for attackers with physical access to guess a password on a locked machine.
Tails 3.7.1 has no known issues, which makes it a solid release as of the time of this writing. Automatic upgrades are available for users who currently have any of the following versions of the operating system:
Those who are still currently using any of these versions are urged to switch to the newest edition of Tails in order to take advantage of critical security updates. After updating, users shouldn’t expect to need to make further changes for some time. Linux security experts connected with the Tails project have announced that the next version isn’t going to be released until June 26.
It will be interesting to see which direction the software moves in over the long term. Developers want to eventually try to base Tails on rolling snapshots of Debian Testing so that they can bring upstream changes over quickly.