- Notizie
Subscribe to our newsletter to receive the same news by email:
Changes and updates
Update Tor Browser to 14.5.3.
Update the Linux kernel to 6.1.140.
For more details, read our changelog.
Get Tails 6.16
To upgrade your Tails USB stick and keep your Persistent Storage
Automatic upgrades are available from Tails 6.0 or later to 6.16.
If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade.
To install Tails 6.16 on a new USB stick
Follow our installation instructions:
The Persistent Storage on the USB stick will be lost if you install instead of upgrading.
To download only
If you don't need installation or upgrade instructions, you can download Tails 6.16 directly:
Nine months ago Tails and Tor set out to unite forces for Internet Freedom. The goal was to integrate Tails into the organizational structure of the Tor Project to pool resources instead of duplicating them, and deliver a more robust shield against censorship and surveillance. Today we're happy to report that we're already seeing the transformative impact of our united efforts.
Delivering on our promises
The integration of two organizations requires careful planning and collaboration. When we first began our discussions, we made it a point to focus on better serving the shared communities that depend on Tor and Tails. The merger has already delivered on our core commitments in concrete ways:
Countering censorship and surveillance more effectively
Our combined anti-censorship expertise is yielding immediate results. Whenever a new or previously unknown censorship event occurs, we can figure out how best to tackle the issues. China is one such example in action: When obfs4 bridges increasingly became the target of censors, our teams were able to jointly coordinate a strategic response, determining whether to address the issue through improved bridge distribution mechanisms or by adding support for newer pluggable transports in Tails itself. This kind of coordinated response to censorship events was more challenging and time-consuming when we operated separately.
More robust treatment of overlapping threat models
We've ensured that Tails' specific needs are now directly integrated into Arti development, creating a more comprehensive solution for users who need both network and system-level security in high-risk environments. Having both Tor Browser and Tails developers collaborate more closely means that Tails users benefit from smoother, earlier releases that provide user protections faster.
Expanded training and outreach opportunities
Empowering our users through access and digital rights education has been a top priority for both Tails and Tor. Earlier this year, we successfully ran a Tails training in partnership with the Open Culture Foundation the day before RightsCon 2025, reaching activists and journalists who urgently need these tools. By tapping into Tor's Privacy Resilience Grants, we're now supporting more groups in the Global South to run Tails trainings directly in their communities, expanding Tails' reach to new territories and user groups.
Operational resilience to advance our shared mission
The benefits extend far beyond individual projects. Our unified sysadmin team has created a comprehensive 5-year roadmap for merging our digital infrastructures, eliminating redundancies while strengthening both organizations' technological foundations. We've already merged critical services including calendars, GitLab projects, password stores, and documentation systems, with security policies, monitoring systems, and authentication mechanisms currently in progress.
The merger has also clarified roles and responsibilities across teams while providing Tails teams with access to the Tor Project's mature organizational structure and improving system monitoring and management. Our expanded fundraising capacity means we can pursue larger grants and coordinate funding requests that support both tools simultaneously. It allows us to stay resilient in a dynamic fundraising landscape, and maximize the impact of every dollar.
This is a meaningful achievement for every supporter: Your donations now go further toward creating real-world impact rather than duplicating administrative overhead. Our resources are now fully directed toward developing stronger privacy tools and reaching more people who need protection from surveillance and censorship.
Upcoming changes for PayPal donors
Tails, just like Tor, has always been powered by your donations. As part of our organizational merge, we are taking the opportunity to upgrade the way we manage donations, donor records, and communication with you about your donations.
If you have made a donation to Tails through PayPal, your information will be imported into Tor's CiviCRM Customer Relationship Management (CRM) database, which collects only the minimal amount of information and hosts all donor data on Tor infrastructure. Rest assured that Tor will never sell or share your data. Ever. You can read the Tor Project's privacy policy here.
The following information will be imported:
- Name - Email - Address, if given - Past donation history
All of this data will be merged by June 30, 2025. Once the data is completely merged, all PayPal monthly donations will be terminated. If you have an active monthly donation to Tails through PayPal, please watch out for a message from us about migrating your donation.
What you can do today
Thank you for being defenders of online privacy, anonymity, and censorship circumvention tools. We invite all our supporters to join us as part of the unified Tor community, working together to safeguard the digital human rights of individuals worldwide. Please consider renewing your donation today for the Tor Project and help make privacy possible.
The Tor Project is a 501(c)(3) nonprofit committed to transparency. The Tor Project has a Four-Star Charity rating from Charity Navigator, and has been awarded Candid's Platinum Seal of Transparency. This demonstrates the Tor Project's commitment to openness and honesty in how the organization manages its finances and uses your investment for a greater impact. Your donation is in good hands and goes a long way.
This release is an emergency release to fix important security vulnerabilities in Tor Browser.
Changes and updates
Update Tor Browser to 14.5.2, which fixes Mozilla Foundation Security Advisory 2025-37. These vulnerabilities allow an attacker to perform an out-of-bounds read or write on a JavaScript object, but don't allow breaking out of the Firefox sandbox.
Update Thunderbird to 128.10.1.
Remove the Tor Browser and Tor Browser (persistent) folders: they are not necessary anymore, thanks to the more flexible confinement of Tor Browser we introduced in Tails 6.14.1. (#15028)
Fixed problems
Fix the Unsafe Browser appearing in the window list with the Tor Browser icon. (#20934)
Make reporting an error using WhisperBack more robust. (#20921)
Fix USB tethering. (#20940)
For more details, read our changelog.
Get Tails 6.15.1
To upgrade your Tails USB stick and keep your Persistent Storage
Automatic upgrades are available from Tails 6.0 or later to 6.15.1.
If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade.
To install Tails 6.15.1 on a new USB stick
Follow our installation instructions:
The Persistent Storage on the USB stick will be lost if you install instead of upgrading.
To download only
If you don't need installation or upgrade instructions, you can download Tails 6.15.1 directly:
Late 2024, Radically Open Security conducted another security audit of critical parts of Tails.
To better protect our users, we addressed the security vulnerabilities as soon as they were discovered and reported to us, without waiting for the audit to be complete and public.
We can now share with you the final report.
The auditors concluded that:
The Tails operating system leaves a strong security impression, addressing most anonymity-related concerns. We did not find any remote code execution vulnerabilities, and all identified issues required a compromised low-privileged
amnesia
user – the default user in Tails.Looking back at the previous audit, we can see the Tails developers have made significant progress, demonstrating expertise and a serious commitment to security.
Findings
The auditors did not identify any vulnerability in:
The creation of the Persistent Storage with LUKS2, introduced in Tails 5.14 (June 2023)
Our security improvements to Thunderbird
The random seed feature, introduced in Tails 6.4 (June 2024)
The auditors found 4 issues in:
The automatic upgrade mechanism
Other important changes since Tails 5.8 (November 2023)
ID | Impact | Description | Issue | Status | Release |
---|---|---|---|---|---|
OTF-001 | High | Local privilege escalation in Tails Upgrader | #20701 | Fixed | 6.11 |
OTF-002 | High | Arbitrary code execution in Python scripts | #20702 | Fixed | 6.11 |
#20744 | Fixed | 6.12 | |||
OTF-003 | Moderate | Argument injection in privileged GNOME scripts | #20709 | Fixed | 6.11 |
#20710 | Fixed | 6.11 | |||
OTF-004 | Low | Untrusted search path in Tor Browser launcher | #20733 | Fixed | 6.12 |
Postmortem
Our team went further than simply fixing these issues. We conducted a postmortem to understand how we introduced these vulnerabilities in our releases and what we could do to avoid similar vulnerabilities in the future. This analysis led to technical, policy, and culture changes.
This analysis was useful and we'll definitely consider doing postmortems again after future audits. It might also be useful for other projects to understand how we worked on these long-lasting improvements.
Technical improvements
Postmortem of OTF-001
While preparing a major Tails release based on a new version of Debian, for example, Tails 7.0, we will look for Perl code included in Tails that modifies
@INC
in a dangerous way. (#19627)Furthermore, we now automatically check for potentially vulnerable Mite code and fail the build if we find any.
Postmortem of OTF-002 (#20719 and !1911)
Our CI now ensures that all our custom Python software runs in isolated mode.
Postmortem of OTF-003 (#20711 and !1979)
Our
sudo
configuration is now generated from a higher-level description, which has safer defaults and demands explanations when diverging from them.Postmortem of OTF-004 (#20817 and !2040)
Our CI now ensures that we don't write software that does unsafe
.desktop
file lookup.We will also periodically audit the configuration of
onion-grater
, our firewall for the Tor control port. (#20821)
Policy and culture improvements
During the audit, we noticed that we lacked a policy about when we should make confidential security issues public.
This was problematic because:
We have sometimes been too secretive.
As a temporary measure, this protected our users by erring on the safe side. But, without a disclosure process, we were not meeting our own standards for transparency and openness to third-party reviews.
Different team members were working with different assumptions, which caused communication issues.
To have better guidelines for confidentiality and disclosure, we created our security issue response policy, based on the policy of the Tor Project's Network Team.
We will be more intentional about when it's worth the effort and risk to do large code refactoring.
While refactoring is necessary for a healthy software development process, this postmortem showed that large refactoring can also introduce security vulnerabilities.
When changing security-sensitive code, such as our
sudo
configuration or any code that elevates privileges, we now require an extra review focused on security.We will communicate about security issues more broadly within our team when we discover them so that every team member can learn along the way.
Robin is an activist in struggle against a nuclear project in France. He has been using Tails as his default operating system for all his activism since 5 years, creating a clear separation between his activism (using Tails) and personal life (using encrypted Debian).
At his place, many nomadic activists use Tails USB sticks instead of having personal computers, allowing them to maintain privacy while using shared devices.
After facing repression, encrypting all their data became a baseline practice in his group. He prefers training others on Tails because it's easier to implement than teaching full computer encryption.
Because Tails is easy to share, even people with low technical abilities are able to use it. For the security of a group, what matters is the lowest security level within that group.
Changes and updates
Update Tor Browser to 14.5.1.
Update the Linux kernel to 6.1.135.
Fixed problems
Make sure Tails cannot store data in UEFI variables or ACPI tables when crashing. (#20813)
Fix the appearance of the GRUB Boot Loader with Secure Boot. (#20899)
For more details, read our changelog.
Known issues
Remove firmware for the Wi-Fi interfaces based on the BCM4301 and BCM4306 chips. (#20887)
We believe that these interfaces are only available on computers that are too old to start Tails. Please let us know if your Wi-Fi stopped working in Tails 6.15.
The Unsafe Browser appears in the window list bar with the Tor Browser icon. (#20934)
Additional software may initially fail to install the first time you start Tails after upgrading. This should be fixed shortly after you connect to Tor.
Connecting to the Internet with USB tethering is broken with some phones. (#20940)
Get Tails 6.15
To upgrade your Tails USB stick and keep your Persistent Storage
Automatic upgrades are available from Tails 6.0 or later to 6.15.
If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade.
To install Tails 6.15 on a new USB stick
Follow our installation instructions:
The Persistent Storage on the USB stick will be lost if you install instead of upgrading.
To download only
If you don't need installation or upgrade instructions, you can download Tails 6.15 directly:
This release is an emergency release to fix security vulnerabilities in the Linux kernel and the implementation of the Perl programming language.
Changes and updates
Update Linux to 6.1.133, which fixes multiple security vulnerabilities that may lead to a privilege escalation or information leaks.
Update perl to 5.36.0-7+deb12u2, which fixes a heap-based buffer overflow vulnerability, which may result in denial of service, or potentially the execution of arbitrary code.
For more details, read our changelog.
Get Tails 6.14.2
To upgrade your Tails USB stick and keep your Persistent Storage
Automatic upgrades are available from Tails 6.0 or later to 6.14.2.
If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade.
To install Tails 6.14.2 on a new USB stick
Follow our installation instructions:
The Persistent Storage on the USB stick will be lost if you install instead of upgrading.
To download only
If you don't need installation or upgrade instructions, you can download Tails 6.14.2 directly:
Today, we are releasing 6.14.1 instead of 6.14 because we discovered an important issue while testing 6.14 on Tuesday and had to start the release process again to fix it.
New features
More flexible confinement of Tor Browser
We improved the confinement technology that we use to protect your files from possible security vulnerabilities in Tor Browser.
Until now, Tor Browser could only save downloads to and read files from a limited number of folders.
With Tails 6.14.1, you can safely access any folder in your Home folder or Persistent Storage from Tor Browser.
This new integration also solves other usability and accessibility issues:
The Large Text accessibility feature works in Tor Browser. (#19266)
The Cursor Size accessibility feature works in Tor Browser. (#19572)
The minimize and maximize buttons are available again in the title bar. (#19328)
These improvements rely on 2 security technologies: the flexibility of the new XDG Desktop Portals of Flatpak allowed us to relax the AppArmor confinement, improving usability without compromising on security.
Changes and updates
Update Tor Browser to 14.0.9.
Update the Tor client to 0.4.8.16.
Fixed problems
Fix the Welcome Screen freezing after unlocking the Persistent Storage. (#20783)
Add a clearer border to the Kleopatra window when on white background. (#20861)
Fix the error when closing the check for upgrades from About Tails. (#20861)
For more details, read our changelog.
Get Tails 6.14.1
To upgrade your Tails USB stick and keep your Persistent Storage
Automatic upgrades are available from Tails 6.0 or later to 6.14.1.
If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade.
To install Tails 6.14.1 on a new USB stick
Follow our installation instructions:
The Persistent Storage on the USB stick will be lost if you install instead of upgrading.
To download only
If you don't need installation or upgrade instructions, you can download Tails 6.14.1 directly:
[[!meta Error: cannot parse date/time: Mar, 06 giu 2023 14:00:00 +0000]]
Between 2021 and 2023 Tails, Tor, and the Guardian Project partnered to organize training and usability tests in Ecuador, Mexico, and Brazil. Our goals were to:
Promote our digital security tools and train human rights defenders in the Global South.
Learn from their experiences and needs to help us prioritize future work.
Improve the usability of our tools based on their feedback.
Usability tests and improvements
We conducted 4 rounds of in-person moderated usability tests in Mexico, Brazil, and Ecuador to identify usability issues in the features of Tails that are most important to new users:
Installation
Tor Connection
Persistent Storage
The DesignOps tools that we used to organize these usability tests are all publicly available on our website.
The detailed methodology for each of the usability tests is explained in the corresponding GitLab issues, linked below.
Installazione
In December 2021 in Mexico, we learned that the tools for new users to install Tails worked well, but several people got lost while navigating the instructions on the website.
Based on these findings, we restructured our installation pages and fixed 30 usability issues on the website.
We tested these improvements in August 2022 in Brazil and confirmed that the new installation pages were much easier to follow. Only 1 out of 4 participants had trouble installing Tails on their own. All participants could start Tails and connect to the Tor network easily.
Details:
Usability tests of first-time use in Mexico (#18074)
Usability tests of first-time use in Brazil (#18784)
Tor Connection
In July 2021, we released the Tor Connection assistant to completely redesign how to connect Tails to the Tor network. The new assistant is most useful to people who are at high risk of physical surveillance, under heavy network censorship, or on a poor Internet connection.
In August 2022 in Brazil, we tested the usability of Tor Connection when accessing the Tor network is blocked by censorship or by a captive portal.
Despite the many usability issues that we fixed since the first release of Tor Connection, 3 test participants out of 4 failed to connect when access to the Tor network was blocked.
Since then we fixed 14 usability issues affecting Tor Connection: to understand better why connecting to Tor fails, to make it easier to configure a Tor bridge, and to make it easier to sign in to a network using a captive portal.
- Usability tests of Tor Connection (#18762)
Archivio Persistente
In March 2023 in Ecuador, we tested the usability of the new Persistent Storage, which was released in Tails in December 2022.
We didn't find any serious usability issues in the new Persistent Storage. The fact that people don't have to restart to create and enable the Persistent Storage and that their data (eg. Wi-Fi password) is stored on creation were huge improvements compared to the old Persistent Storage.
- March 2023: Usability tests of the new Persistent Storage (#18648)
Trainings
Through our combined efforts we reached 47 organizations and trained 433 human rights defenders on our family of tools based on the Tor network. For Tails only, we conducted 8 workshops and trained 84 people on using Tails: journalists, activists, feminists, lawyers, and human rights defenders.
The material used for these Tails workshops is available on our website in English, Spanish, and Portuguese.
Assistants to the workshops were able to start Tails on all their PC computers but had more frequent issues with Mac computers.
From what is already possible to do with Tails, people were most interested in using Tails to:
Handle sensitive data, for example, medical data of abortion patients, sensitive documents from political trials, or field studies from human rights violations. That said, not all journalists thought that they were manipulating data that was sensitive enough to require a tool like Tails. Sometimes it was hard to draw the line on when to use Tails and when not.
Investigate sensitive topics online, either for journalistic purposes, medical purposes, or when making safe travel plans.
Have a secure OS when using other people's computer, either when traveling or when people don't have the means to have their own computer.
From what is not possible yet to do with Tails, people were most interested in:
Doing online meetings and using mobile messaging apps like Signal and Telegram from Tails.
Using a VPN instead of Tor for speed and access to more websites.
We included both of these objectives in our 3-year product strategy. You can track our progress in the GitLab issues related to #19472.
New features
Detection of problems with Wi-Fi hardware
Problems with Wi-Fi are unfortunately quite common in Tails and Linux in general.
To help troubleshoot hardware compatibility issues with Wi-Fi interfaces, the Tor Connection assistant now reports when no Wi-Fi hardware is detected.
Changes and updates
Update Tor Browser to 14.0.7.
Update the Tor client to 0.4.8.14.
Fixed problems
Detect partitioning errors also when Tails is started for the first time. (#20797)
This solves some failures when creating the Persistent Storage on a new Tails USB stick.
Fix the Configure and Show Log buttons in the notification when installing additional software fails. (#20781)
For more details, read our changelog.
Get Tails 6.13
To upgrade your Tails USB stick and keep your Persistent Storage
Automatic upgrades are available from Tails 6.0 or later to 6.13.
If you cannot do an automatic upgrade or if Tails fails to start after an automatic upgrade, please try to do a manual upgrade.
To install Tails 6.13 on a new USB stick
Follow our installation instructions:
The Persistent Storage on the USB stick will be lost if you install instead of upgrading.
To download only
If you don't need installation or upgrade instructions, you can download Tails 6.13 directly: