[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GNU-linux-libre] Fully FOSS Tails OS

From: Denis 'GNUtoo' Carikli
Subject: Re: [GNU-linux-libre] Fully FOSS Tails OS
Date: Thu, 12 Jan 2017 23:23:27 +0100

On Thu, 12 Jan 2017 15:04:44 +0100
hellekin <address@hidden> wrote:

> Parazyd is working on
There is also a HEADS distribution at

> that provides an alternate Tails with the linux-libre kernel.
> Joining forces?
This is great! I hope it will respect the free software distribution
guidelines(FSDG). If so we could have freedom and privacy.

Having to choose between both is a very difficult dylema.
It also often leads to lot of ultra complicated and time consuming
discussions[1], which could be avoided in the first place if there was
no such dylema.

Fixing the dylema technically is probably faster than waiting for an
outcome of such discussions.

Beside using linux-libre, I also think that the following has to be
- Tails has debian repositories enabled. This also includes the
  non-free repository (It is probably there for the firmwares).
  As far as I know the usability of the debian package system within
  Tails is not great:
  - The user is expected to install packages from the command line.
  - To install packages, the user must have chosen to enable the root
    account at login time. If not the user must reboot and enable the
    root account before being able to install packages.
  - The user can then install packages, but even if the storage is
    enabled, they are not kept across reboots. As the persistence
    settings also have a setting to keep pakcages, it might also be
    because I did something wrong or that I didn't do something?
  Given the issues above the debian repositories can be disabled
  without a lot of downside. If that is done, only what is shipped in
  the livecd has to be compliant with the Free Software Distributions
  That's probalby doable without much work.
- Firefox and the tor-browser have an internal package manager (The Get
  add-ons button) in about:addons. Searching for "Ghostery" shows up
  some proprietary software add-on that can easily be installed.
  Here again, disabling the add-ons might be the right thing to do,
  since the Tor documentation very very strongly advise people not to
  install any add-on since it has a huge probability of de-anonymizing
  users by rendering their copy of the tor-browser unique.
  This can probably be done easily by changing some of the about:config
  Looking in about:config finds many addresses.
  Again this shound't be too hard nor time consuming.

Assuming that this is done, and that the distribution is FSDG
compliant, and listed in the fsf website, it is strongly advised to
find a way to verify if the websites that are being visited can
distinguish between Tails[3] and it's FSDG counterpart.
Asking the tor developers about it on their mailing list might be a
good way to find out.

[1]Ideally we want to live in a world which protects both
   freedom and privacy , and here the dylema is just the result of the
   absence of browsers(like the tor-browser) and distributions(like
   tails) that respects the Free Software Distribution Guidelies(FSDG).
   This is why I personally think, given my incomplete[2] knowledge on
   the topic, that is pointless.
[2]A human being can't know everything on a topic.
[3]Tails ships different add-ons than the tor-browser and because of
   that it might be distinguishable from it[4]. There was a bugreport in
   one of the projects tracker about it.
   At some point, the bug report might also contains some pointers as
   how to test if two browsers or distributions can be distinguished.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]