The Tails project announced the release of its privacy-focused Linux distro, Tails 6.12, featuring vital security patches alongside an array of functional updates.
According to the development team, several vulnerabilities were discovered during an external security audit by Radically Open Security. In light of this, perhaps the most noteworthy highlights in Tails 6.12 are the fixes preventing attackers from monitoring Tor circuits and altering Persistent Storage settings. Here are some more details about it.
Tor Circuit Monitoring Prevention
In earlier versions (up to Tails 6.11), vulnerabilities within Onion Circuits and the Tor Browser wrapper could have allowed a hostile actor—who had already hijacked a running application—to monitor or modify Tor connections, potentially revealing user identities. The Tails developers emphasize that there is no indication these flaws were exploited in the wild.
Persistent Storage Security Enhancements
Another fix addresses a loophole that, if exploited, could have allowed attackers with existing control of an application to change Persistent Storage settings. This patch ensures that user data in the Persistent Storage remains more securely locked down even in the unlikely event of a breach.
In addition to closing these security gaps, Tails 6.12 introduces a few practical updates designed to improve user experience and streamline system operations:
- New Button for Checking Upgrades: A dedicated button has been added to the About Tails utility, making it more convenient to verify whether new updates are available.
- Quick Access Terminal: Users can now open a Terminal window instantly by pressing “Ctrl+Alt+T,” simplifying command-line access.
- Application Upgrades: Tails now include Tor Browser 14.0.5 and Thunderbird 128.6, which offer these well-known apps’ latest security and performance enhancements.
On top of that, the latest update addresses several issues aimed at ensuring stability, reliability, and user-friendliness:
- Error Message on Persistent Storage Encryption: When upgrading to LUKS2 encryption fails, Tails notifies the user, minimizing confusion during what could otherwise be a complex process.
- Isolated Mode for Python Code: Tails continues to run its Python code in isolated mode, reducing potential risks of malicious scripts gaining undue privileges.
- Simplified Troubleshooting: The development team has revised the troubleshooting instructions for cases where automatic upgrades fail, making the guidance less intimidating and easier to follow.
- Welcome Screen Freeze Fix: Activating the Persistent Storage no longer causes the Welcome Screen to freeze.
- Improved Time Synchronization: Restarting Tor now triggers more reliable time synchronization, reducing connectivity hiccups.
For a full list of changes, consult the changelog or refer to the release announcement.
If you are currently running Tails 6.0 or later, you can upgrade automatically to 6.12. A manual upgrade is recommended if the automatic upgrade fails to start or if Tails does not boot correctly afterward.
If you are new to Tails or wish to do a fresh installation without preserving your Persistent Storage, you can follow the installation instructions for Windows, macOS, and Linux.
Please note that if you choose a fresh install instead of an upgrade, the Persistent Storage on your old Tails USB stick will be lost.
