The Tails project announced the release of Tails 6.11, featuring a series of important security patches and usability enhancements. The update addresses several vulnerabilities identified during an external security audit by Radically Open Security, which have not been observed in real-world attacks so far.
One of the most significant vulnerabilities resolved in Tails 6.11 involved Tails Upgrader. In previous versions (6.10 or earlier), an attacker could potentially abuse a Tails Upgrader flaw after first gaining control of an application to install a malicious software upgrade.
This malicious package would persist even after Tails restarts. Fortunately, performing a manual upgrade to 6.11 eliminates any chance of residual malicious software remaining on the Tails USB stick.
Additional vulnerabilities involved compromises that could have undermined user privacy or anonymity. For instance, an attacker with control over an application in Tails might have exploited flaws in other tools, including Onion Circuits, Unsafe Browser, Tor Browser, or Tor Connection, to either reveal the user’s identity or block access to the Tor network.
Fortunately, the newly released updates address these issues. Moreover, this release prevents an attacker from modifying the Persistent Storage settings without authorization.
Beyond security enhancements, Tails 6.11 introduces a practical new feature to detect partitioning errors on Tails USB sticks. Here’s what it’s about. Sometimes, partitions become corrupted due to faulty hardware, software glitches, or accidentally removing the USB stick while Tails is in use.
Now, Tails proactively warns users if it detects partitioning issues, even before a Persistent Storage is set up. This timely alert offers guidance on whether to reinstall Tails or switch to a different USB stick, helping to prevent further data corruption or upgrade failures.
Other notable changes include:
- Tor Browser has been updated to version 14.0.4, ensuring the latest security patches and performance improvements.
- Thunderbird has been upgraded to 128.5.0esr.
- Electrum no longer supports hardware wallets, following Trezor wallets’ incompatibility with Debian 12 (Bookworm).
- GNOME Text Editor no longer automatically reopens the last file upon restart.
- A new link in the Tor status icon menu leads directly to the Tor Connection assistant, simplifying the process of reconfiguring or troubleshooting Tor.
- Minor modifications in WhisperBack facilitate more efficient reporting and debugging for the Tails team.
For a full list of changes, consult the changelog or refer to the release announcement.
If you are currently running Tails 6.0 or later, you can upgrade automatically to 6.11. A manual upgrade is recommended if the automatic upgrade fails to start or if Tails does not boot correctly afterward. Performing a manual upgrade also helps users who want to be absolutely sure that no attacker-controlled files remain on their USB sticks.
If you are new to Tails or wish to do a fresh installation without preserving your Persistent Storage, you can follow the installation instructions for Windows, macOS, and Linux.
Please note that if you choose a fresh install instead of an upgrade, the Persistent Storage on your old Tails USB stick will be lost.
