Commit dc44ec7a authored by Tails developers's avatar Tails developers

Merge remote-tracking branch 'origin/master' into devel

Conflicts:
	wiki/src/doc/first_steps/persistence/configure.mdwn
parents 5e318afe 013b838b
......@@ -10,7 +10,6 @@ msgstr ""
"PO-Revision-Date: 2013-10-13 17:08-0000\n"
"Last-Translator: \n"
"Language-Team: \n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
......
......@@ -22,7 +22,7 @@ Seems really easy to write and maintain policies, many already exist.
A [critical problem with stacked
filesystems](<https://lists.ubuntu.com/archives/apparmor/2012-April/002623.html>),
such as aufs, must be fixed at [[!taglink todo/upstream]] level before
such as aufs, must be fixed at upstream level before
we can use AppArmor in Tails. It *should* be fixed in AppArmor 3.0,
which is scheduled for 2013 Q3.
......@@ -126,5 +126,3 @@ Resources
- [yet another comparison](http://elinux.org/Mandatory_Access_Control_Comparison)
- [An exploit that was able to bypass SELinux and AppArmor protections](http://lwn.net/Articles/341773/) by the author
of grsecurity, which was safe.
[[!tag release/3.0]]
......@@ -5,8 +5,6 @@ Persistence of client certicicates in the browser would make their use a lot eas
Research
========
[[!taglink todo/research]]
Import method
-------------
......
......@@ -137,5 +137,3 @@ Resources
* how much size does Icedove + Enigmail + l10n packages add to the
SquashFS compared to Claws Mail? -> *9MB* (as of Tails pre-0.8 devel
branch with XZ SquashFS compression)
[[!tag priority/high]]
......@@ -4,8 +4,6 @@ tails-greeter is shipped in Tails 0.11 and later.
Remaining action items and bugs are split into individual pages in
[[!tails_todo "" desc="todo"]] and [[!tails_bug "" desc="bugs"]].
[[!tag todo/done]]
Archive
=======
......
[[!tag todo/research]]
[[!toc levels=2]]
This is an "unfunded mandate", I'm afraid; I can't work on this. And
......
For Tails [[!taglink release/2.0]], we want at least basic UEFI boot
including Mac.
For Tails 2.0 we want at least basic UEFI boot including Mac.
Some hardware (ThinkPad X220, recent Mac) cannot boot
Tails from USB, due to firmware limitations.
......@@ -72,6 +71,7 @@ would fix this problem on such hardware.
the solution from Ubuntu 13.10 (beta): the shim bootloader and
a corresponding GRUB binary which passes secure boot. See their
[build script](https://www.privacy-cd.org/en/tutorials/build-your-own-cd/79).
* [Managing EFI Boot Loaders for Linux by Rod Smith](http://www.rodsbooks.com/efi-bootloaders/index.html)
Matthew Garrett:
......@@ -106,5 +106,3 @@ Secure Boot
-----------
* Matthew Garrett's [Handling UEFI Secure Boot in smaller distributions](http://mjg59.dreamwidth.org/17542.html)
[[!tag priority/high]]
......@@ -22,7 +22,7 @@ Roadmap
=======
It looks like Linphone 3.5.1 or newer has everything Tails need, so it
would be good to [[!taglink todo/test]] it (probably with OnionCat).
would be good to test it (probably with OnionCat).
The new OnionCat unidirectional mode (default since r555) should be
tested for VoIP.
......@@ -217,5 +217,3 @@ Resources
* [[!tor_bug 5699]]: Make Tor able to handle VoIP applications people
already want to use
* [Whonix about Voip](https://sourceforge.net/p/whonix/wiki/Voip/)
[[!tag priority/normal]]
......@@ -11,8 +11,6 @@ build issues.
Research to do
==============
[[!tag todo/research]]
Windows Camouflage
------------------
......@@ -44,5 +42,3 @@ What works
* Tails-additional-software works
* Unsafe browser
* Orca
[[!tag release/1.1]]
......@@ -69,5 +69,3 @@ for some people with sight impairment; such features Compiz includes are:
On the other hand, Compiz requires modern graphics hardware, seems
pretty hard to get working on Debian Squeeze, and won't be in Wheezy
=> discarded.
[[!tag priority/normal]]
......@@ -114,6 +114,3 @@ play with buildbot and understand its logic :
* [Chromium's buildbot config](http://src.chromium.org/viewvc/chrome/trunk/tools/build),
which is the one driving their [builbot instance](http://build.chromium.org/)
* [Buildbot's documentation](http://buildbot.net/buildbot/docs/latest/)
[[!tag category/continuous_integration]]
[[!tag release/2.0]]
......@@ -11,5 +11,3 @@ OTR
- [[todo/better_link_to_the_OTR_homepage]]
- [[todo/integrate_with_external_OTR_documentation]]
[[!tag priority/normal]]
......@@ -353,5 +353,3 @@ confirm the general idea is workable.
One has to decrease the build-dep on gem2deb to 0.2.7~.
1. Restart WEBrick.
[[!tag release/2.0]]
......@@ -106,5 +106,3 @@ and Gmail email accounts only).
Until a solution is found for this issue, we should probably [[hide this
button|todo/hide_Find_bridges_button]].
[[!tag release/1.0]]
......@@ -17,5 +17,3 @@ We're going to move all our repos there but the website.
1. [[todo/migrate_Git_repositories_to_immerda]] **done**
1. [[setup IRC commit notifications|todo/find_another_irc_commit_bot]]
[[!tag todo/done]]
[[!toc levels=2]]
Relevant ticket: [[!tails_ticket 5768]]
# not displayed in about:config
We set these settings in our config files, but they don't appear in about:config:
* xpinstall.whitelist.add.103
# different value in about:config than in our configuration files
## Expected
* `noscript.subscription.lastCheck`: setting this to the TBB's value
(-142148139) in about:config immediately sets it to
a positive value.
* `extensions.torbutton.startup`: expected to be set to false, as
`torbutton_do_startup()` sets this to false after it has done
its job.
[[!meta title="Contribute"]]
[[!meta title="Contribute section"]]
How to restructure the huge set of links from the second half of the contribute
page? Here is a proposal.
Reference documents
===================
- [[Design documents|contribute/design]]
- [[Blueprints|blueprint]]
- [[Merge policy|contribute/merge_policy]]
Tools for contributors
======================
- Source code: [[Git repositories|contribute/git]]
- [Redmine bug tracker](https://labs.riseup.net/code/projects/tails/issues?query_id=108)
- [Roadmap](https://labs.riseup.net/code/projects/tails/roadmap)
- [Easy tasks](https://labs.riseup.net/code/projects/tails/issues?query_id=112)
- Tasks by type of work:
[code](https://labs.riseup.net/code/projects/tails/issues?query_id=119),
[documentation](https://labs.riseup.net/code/projects/tails/issues?query_id=118),
[website](https://labs.riseup.net/code/projects/tails/issues?query_id=115),
[test](https://labs.riseup.net/code/projects/tails/issues?query_id=116),
[sysadmin](https://labs.riseup.net/code/projects/tails/issues?query_id=113)
- [[Building a Tails image|contribute/build]]
- [[Build the website|contribute/build/website]]
- [[Customize Tails|contribute/customize]]
- [[Debian package builder|contribute/Debian_package_builder]], to automatically build our custom Debian packages
- [[APT repository|contribute/APT_repository]], to store our custom Debian packages
Release cycle
=============
- [[Release schedule|contribute/release_schedule]]
- [[Release process|contribute/release_process]]
- [[Test suite|contribute/release_process/test]]
Relationship with upstream
==========================
- [[Relationship with upstream|contribute/relationship_with_upstream]]
- [Bugs that we are interested in on the Debian BTS](http://bugs.debian.org/cgi-bin/[email protected])
Collective process
==================
- [[Meetings|contribute/meetings]], and minutes from past meetings
- [[Criteria for easy tasks|contribute/working_together/criteria_for_easy_tasks]]
- [[Document progress|contribute/working_together/document_progress]]
- Roles
- [[Front desk|contribute/working_together/roles/front_desk]]
- [[Release manager|contribute/working_together/roles/release_manager]]
- [[Ticket gardener|contribute/working_together/roles/ticket_gardener]]
- [[Welcome and annoying nitpicker|contribute/working_together/roles/welcome_and_annoying_nitpicker]]
Talk with us
============
*As it is*
*Left over*
===========
- *FAQ (probably merged into /faq)*
- *l10n_tricks (move into translator role?)*
......@@ -65,5 +65,3 @@ Beta testers
* San Bergmans <[email protected]>: FON network, KPN hotspots in the
Netherlands
[[!tag todo/research]]
......@@ -52,5 +52,3 @@ recognize any of the video formats available."
Later I entered <https://www.youtube.com/html5> where I verified that
my browser does not support h.264, also I had the msg "You are not
currently in the HTML5 trial." Hope that helps.
[[!tag priority/normal]]
[[!meta title="Easy tasks for new contributors"]]
The tasks marked as "easy" in our bug tracker have been determined to be great
starting points for new contributors. The description of the tasks should
provide useful pointers as well as at least one expert who will be available to
help you if you have questions.
These tasks include all kinds of work: testing, design, writing, coding, etc.
XXX It would be good to have a reference person for each one of these tasks. How to do that with Redmine?
[Easy tasks ordered by XXX](https://labs.riseup.net/code/projects/tails/issues?query_id=112)
You can also have a look at the tasks marked as [low priority](XXX) in our bug
tracker. We marked them as of low priority according to our
[roadmap]((https://labs.riseup.net/code/projects/tails/roadmap) but they might
be very interesting, useful and fun to work on!
Recommendations
===============
- Once you choose a task that fits your skills... XXX shall we tell them to
assign the task to themselves on Redmine or to send a mail to tails-dev?
- Keep XXXthe bug tracker or tails-devXXX updated with your progress each week
or so.
- If you realize that you cannot complete a task reset the assignee to
default.
- Even if you are deeply skilled, please consider doing one little easy hack,
to get used to the process. After that, you are invited to move on up to the
more difficult tasks, leaving some of the easy tasks to others so they can
get involved and achieve change themselves.
More Information
================
- [[Contribute|contribute]] section.
- [[Criteria for easy tasks|contribute/working_together/criteria_for_easy_tasks]] for developers.
This page was inspired by the [Easy
Hacks](https://wiki.documentfoundation.org/Easy_Hacks) project of
[LibreOffice](https://www.documentfoundation.org/).
This diff is collapsed.
......@@ -5,46 +5,74 @@
Current status
==============
The `feature/ff24` builds, boots and basically works fine.
The `feature/ff24` branch builds, boots and basically works fine.
Guidelines for testers
======================
1. **What to test?** — Test an ISO built from the `feature/ff24`
branch. The most recent [nightly
built](http://nightly.tails.boum.org/build_Tails_ISO_feature-ff24/)
one should do. See the *Needs to be checked* section below, and
test whatever should work fine in the Tails web browser.
1. **Information we need** — Always report the exact *commit* the ISO
you are testing was built from (if it is a nightly built one,
report its filename; if you built it yourself, you can get this
information in *About Tails*).
1. **Reporting problems** — If you discover something suboptimal,
first please check *Known issues* below and the sub-tasks of
[[!tails_ticket 6370]]. Then, please check if it's a regression
compared to the current stable Tails, and then:
* If it is a regression, file a sub-task of [[!tails_ticket 6370]].
* If it is not a regression, report a complete bug
with WhisperBack.
Note that the main goal of this testing session is *to discover
regressions* in `feature/ff24`, and gain confidence in it;
basically, everything else will be treated as low-priority.
Let's keep focus, please :)
1. **Reporting success** — When something works fine, please add it to
the *Known working* section below. If you don't have Git commit
bit, and have no personal Tails Git repo, report success to the
email thread on the tails-dev mailing-list, or to intrigeri on IRC.
1. **If in doubt** — Ask intrigeri on IRC (`#tails-dev`).
Needs to be checked
===================
Prefs in a weird state
----------------------
*Empty for now.*
We already have a list of prefs that are in a weird state
([[!tails_ticket 5768]]). It can be useful to check what follows, and
perhaps the move to FF24 would be a great time to clean them up,
update the list, and if possible finally empty it and be done with
that task.
Known issues
============
Differing user-set prefs
------------------------
Fingerprinting
--------------
* `browser.startup.homepage_override.buildID`
* `browser.startup.homepage_override.mstone`
Comparing to TBB 3.0b1:
New(ly) user-set prefs
----------------------
* ip-check.info says TBB 3.0b1 has JavaScript version 1.8, while the
Tails browser 24.1 has version 1.5
- It says 1.8 too for Tails 0.21 and TBB 2.3.25-14-dev, so that
looks like a regression.
- It says 1.5 too for iceweasel 24.1.0esr-1 and for Firefox 24.1,
both running on Debian sid.
- No downgraded package in that ISO vs. 0.21.
* `dom.mozApps.used`
* `extensions.ui.*`
* `pdfjs.*`
* `plugin.disable_full_page_plugin_for_types`
* ip-check.info returns a line "Screen" with Tails 0.21, TBB 2.4.17~rc1, and TBB
3.0b1 running from inside Tails 0.22 but not with Tails browser 24.1:
`Screen: 1000 x 567 pixels (inner size), Zoom: 100%`.
Torbrowser prefs bundled into omni.ja
-------------------------------------
The `0022-Tor-Browser-s-Firefox-preference-overrides.patch` Torbrowser
patch bundles their prefs directly into `omni.ja`.
Most of them are probably just what we want, so we could just drop
them from our own `/etc/iceweasel/{pref/iceweasel.js,profile/user.js`:
this would be a nice first step for [[!tails_ticket 5706]].
Some others default Torbrowser prefs may not be what we want, and then
we have to check that they are correctly overriden by our own prefs.
* ip-check.info returns a slightly different "Browser Window" size, even if run
in the same context (freshly started browser in a virtual machine with the
same screen size). That's [[!tails_ticket 6377]] and [[!tor_bug
10095]], not much we can do about it yet.
- `Browser window: 1000 x 600` with Tails browser 24.1
- `Browser window: 1000 x 567` with Tails 0.21
- `Browser window: 1000 x 591` with TBB 3.0b1
- `Browser window: 1000 x 564` with TBB 2.4.17~rc1
Known working
=============
......@@ -54,3 +82,37 @@ Basic fingerprinting
A build from `feature/ff24` is seen by ip-check.info just the same way
is Tails 0.20.1's browser.
Comparing to TBB 3.0b1:
* panopticlick: same results, modulo screen size
Misc
----
- eepsites via I2P work
- Tor hidden services work
Persistent bookmarks feature
----------------------------
* bootstrapped on this branch
* created with an older Tails, upgrading
Working with tails-i386-feature_ff24-0.22-20131111T0855Z-10f5a19.iso.
Prefs
-----
... were cleaned up ([[!tails_ticket 5768]]), many were merged with
Torbrowser's ones, and they are in the intended state at runtime.
Unsafe browser
--------------
Successfully tested French, Portuguese (both Brazil's and Portugal's
flavours), German, and Arabic.
Repeatedly opening and closing works as expected.
Connects fine to the web as of 0f5eab28.
This diff is collapsed.
......@@ -14,7 +14,7 @@ RAM if that matters) with both Tails 0.8 and 0.7.2.
Roadmap
=======
* [[!taglink todo/wait]] for [[todo/hugetlb_mem_wipe]] to be fine
* wait for [[todo/hugetlb_mem_wipe]] to be fine
tuned and finished.
Implementation ideas
......@@ -112,5 +112,3 @@ Other ideas
process. This makes it harder to implement a nice progress bar...
But yeah, combination of dd, pv and a tmpfs should also be able to
do a faire amount of wiping.
[[!tag priority/normal]]
......@@ -22,5 +22,3 @@ Archive
* de-activate PCMCIA and ExpressCard on systems that don't have any
PCMCIA or ExpressCard devices after running for 5 minutes. This is
going to byte some users, but probably only the first time.
[[!tag release/3.0]]
We'll need to migrate our custom programs to python3
# Python 3 libraries we need that are missing in Jessie
$ git grep "^ *import " config/
$ git grep "^ *from [^ -]* import " config/
## Python imports in tails repository
Modules not inculded in standard library follow:
### config/chroot_local-includes/etc/whisperback/config.py
None
### config/chroot_local-includes/usr/local/bin/lc.py
None
### config/chroot_local-includes/usr/local/bin/shutdown_helper_applet
- `gtk`: depercated, replaced by `python3-gi` and `gir1.2-gtk-3.0`
- `gnomeapplet`: deprecated, replaced by `python3-gi` and `gir1.2-panelapplet-4.0`
### config/chroot_local-includes/usr/local/bin/tails-about
- `gtk`: depercated, replaced by `python3-gi` and `gir1.2-gtk-3.0`
### config/chroot_local-includes/usr/local/sbin/autotest_remote_shell.py
- `serial`: OK, `python3-serial`
### config/chroot_local-includes/usr/local/sbin/boot-profile
- `pyinotify`: OK, `python3-pyinotify`
### config/chroot_local-includes/usr/local/sbin/tails-additional-software
- `posix1e`: OK, `python3-pylibacl`
## Python imports in WhisperBack
- `GnuPGInterface`: **no python3 version, unmaintained**
- `gtk`: deprecated, replaced by `python3-gi` and `gir1.2-gtk-3.0`
- `gobject`: deprecated, replaced by `python3-gi`
- `webkit`: deprecated, replaced by `python3-gi` and `gir1.2-webkit-3.0`
- `gnutls`: no python3 version, seems replaced by <https://gitorious.org/pygnutls> but we might not need it anymore
- `urlparse`: renamed `urllib.urlparse`
......@@ -6,8 +6,6 @@ user those packages in the GUI, notifications, etc.
This feature will be implemented in several steps.
[[!tag release/2.0]]
Past research
=============
......
......@@ -22,7 +22,7 @@ target sites themselves.
> parties are prevented from tracking users between sites by the
> implementation"; we should read the Implementation section in
> details, see if this is true for iceweasel + torbutton, or merely
> for torbrowser. Thus tagging todo/research too.
> for torbrowser. Thus tagging research too.
(Long, hard to follow discussion moved to the [[discussion
page|remove adblock?/discussion]].)
......
......@@ -33,5 +33,3 @@ Upstream (udisks) feature request:
and tcplay, it make easy to manage Truecrypt
volumes through a GUI, but it's not packaged in Debian yet
([[!debbug 703911 desc="RFP #703911"]]).
[[!tag release/2.0]]
......@@ -406,5 +406,3 @@ Would a simplified version of this project be easier to implement, and could it
* Would it be preferred to have the screenlock software installed as well so the server can run with a locked screen. Would need to have the ALT+F1,F2 etc gettys disabled or password protected.
* A simpler version that does provide a hidden service, but only the bare minimum other features, would not prevent all the other useful features specified in this document from being implemented at a later date, and may get more people interested in using it
* Some of the features in this document make more work to get them running, but would actually decrease security and anonymity (advertising on LAN, administering from a LAN PC)
[[!tag priority/low]]
[[!toc levels=2]]
[[!tag category/greeter]]
[[!tag release/2.0]]
Rationale
=========
......@@ -243,9 +241,9 @@ thanks :-)
Possible roadmaps
=================
0. [[Decide what DM and language / UI toolkit we will use for the
greeter in Wheezy|todo/tails-greeter vs. Wheezy]]
0. Adapt following plans accordingly
0. **done** Decide what DM and language / UI toolkit we will use for the
greeter in Wheezy
0. **done** Adapt following plans accordingly
0. Gather more input from people who have strong opinions about the
t-g UX: the idea is to encourage work on the greeter by bringing
early positive input rather than late negative feedback.
......@@ -281,5 +279,3 @@ Plan B - full UI rewrite with usability study
0. Design and sketch prototypes
0. Organize a usability study
0. Implement the winner idea
[[!tag priority/high]]
[[!map pages="blueprint/tails-greeter:_revamp_UI/mockups/*"]]
To test mockups:
$ ./mockup.py [-v <variant>] [-p]
Options:
-v <variant> use <variant> where variant is the number of the .ui file
-p act as if booted from USB with persistence
#!/usr/bin/python
#*-* coding=utf-8
import sys
import optparse
from gi.repository import Gtk, Gdk, GObject, GdkPixbuf
class GreeterMockup:
def __init__(self, version="5", persistence=False):
uifilename = "tails-greeter" + version + ".ui"
ui = Gtk.Builder()
ui.add_from_file(uifilename)
ui.connect_signals(self)
self._main_window = ui.get_object("window_main")
self._notebook = ui.get_object("notebook_main")
self._previous = ui.get_object("button_previous")
self._locale_label = ui.get_object("label_locale")
self._linkbutton_language = ui.get_object("linkbutton_language")
self._persistence = ui.get_object("box_persistence")
self._persistence_setup = ui.get_object("button_persistence_setup")
self._persistence_entry = ui.get_object("box_persistence_entry")
self._persistence_activate = ui.get_object("box_persistence_activate")
self._persistence_info = ui.get_object("box_persistence_info")
self._iconview_locale = ui.get_object("iconview_locale")
self._iconview_options = ui.get_object("iconview_options")
language = ui.get_object("languages_treeview")
self._persistence.set_visible(persistence)
if language:
tvcolumn = Gtk.TreeViewColumn("Language")
language.append_column(tvcolumn)
cell = Gtk.CellRendererText()
tvcolumn.pack_start(cell, True)
tvcolumn.add_attribute(cell, 'text', 1)
self.cb_languages()
self._iconview_locale.connect("selection-changed", self.cb_option_selected)
self.fill_view(self._iconview_options,
[("Keyboard", "preferences-desktop-keyboard", "cb_show_keyboard"),
("Bridges", "network-vpn", "cb_show_briges"),
("Widows camouflage", "preferences-desktop-theme", "cb_show_camouflage"),
("Administrative rights", "dialog-password", "cb_show_password"),