Tails 4.4 Released Fixing a Host of Security Vulnerabilities

• Tails 4.4 has been released, updating its core elements and fixing severe security flaws.
• The live Linux distribution supports anonymous and untraceable web browsing and communications.
• Tails can run entirely from the RAM, on a virtual machine, or get nested on your hard drive.

Tails or The Amnesic Incognito Live System, has released version 4.4, which brings many fixes to previously identified security vulnerabilities. Besides that, the new "live" system has updated its core apps and drivers to their latest available version. So, in 4.4, we have the Linux Kernel v5.4.19, Thunderbird v68.5, Tor Browser v9.0.6, VirtualBox v6.1.4, Evince v3.30.2, and DogTail v0.9.11, all coming as pre-installed.

Tails is a Debian-based live Linux distribution that you can run from a DVD or USB, as it's just over a GB of size. Of course, if the user wishes, they may permanently install Tails on the disk. The system is meant to provide a completely anonymous platform that is pre-loaded with everything you'll need to access the internet, communicate with others, and test software in a secure sandbox environment. Tails is using the Tor network to anonymize all network traffic and make the user's movements hard to trace.

Version 4.4 fixes the following security flaws that affect 4.3 and all previous versions:

• Tor Browser – CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6811, CVE-2019-20503, CVE-2020-6812, and CVE-2020-6814
• Thunderbird – CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6797, CVE-2020-6798, CVE-2020-6792, CVE-2020-6800
• Linux Kernel – CVE-2019-3016, CVE-2019-14896, CVE-2019-14897, CVE-2020-8428, CVE-2019-19046, CVE-2019-19043
• Curl – CVE-2019-5436, CVE-2019-5481, CVE-2019-5482
• Evince – CVE-2017-1000159, CVE-2019-11459, CVE-2019-1010006
• pillow – CVE-2019-16865, CVE-2019-19911, CVE-2020-5311, CVE-2020-5312, CVE-2020-5313
• ppp – CVE-2020-8597
• Webkit2GTK – CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868

Tails is by design loaded in RAM and don't write any data on drives unless the user specifically wants it to. For this purpose, one can set up an encrypted persistence volume where they may save personal files such as documents, additional applications, etc. When Tails is shut down, it automatically overwrites the RAM space that was allocated for its operation, so that side-channel attacks aimed at performing memory dumping are rendered useless. The system also supports "emergency shutdown" by physically removing the medium, be it a DVD disk or a USB drive. Doing so will initiate the memory zeroing process.

If you need instructions on how to flash the Tails image in a USB stick or burn the ISO on a DVD, check out our detailed guide on how to do it. If you're already experienced with this process, and you simply need a tool that will do the job quickly and easily, I suggest the Etcher by Balena, which features a modern interface, supports flashing validation, and is available for the three major desktop platforms (Windows, Mac, and Linux).