Merge branch 'bugfix/git-https' into experimental

[tails-test.git] / wiki / src / download.html

[[!meta title="Download, verify and install"]]

<strong>Tails is [[Free Software|doc/about/license]], you can download it, use it and
share it without restriction.</strong>

<div id="page-download">

[[!toc levels=1]]

<div id="first_time">

        <h1 class="bullet-number-one">First time user?</h1>

        <div class="caution">
        <ul>
        <li>If you don't know what a metadata or a man-in-the-middle attack
        is.</li>
        <li>If you think no-one can eavesdrop on your communications
        because you are using Tor.</li>
        <li>If you have no notion on how Tails works.</li>
        </ul>

        <p><strong>Then, check first the [[about]] and
        [[warning|doc/about/warning]] pages to make sure that Tails is the right tool
        for you and that you understand well its limitations.</strong></p>
        </div>

</div>

<div id="download_iso" class="container">

        <h1 class="bullet-number-two">Download the ISO image</h1>

        <p>You will download Tails in the form of an <span
        class="definition">[[!wikipedia ISO_image desc="ISO image"]]</span>: a
        single file that you will later burn on a DVD or installed onto a USB
        stick.</p>

<div id="http">

        <h2>Direct download</h2>

        <h3>Latest release</h3>

        <p>
        <a class='download-file' href=[[!inline pages="inc/stable_i386_iso_url" raw="yes"]]>
        Tails [[!inline pages="inc/stable_i386_version" raw="yes"]] ISO image</a>
        </p>

        <h3>Cryptographic signature</h3>

        [[!inline pages="lib/download_stable_i386_iso_sig" raw="yes"]]

        <p>If you're not sure what the cryptographic signature is,
        please read the part on [[verifying the ISO
        image|download#verify]].</p>

        <h3>Set up a web mirror</h3>

        <p>If you're running a web server, you're most welcome to help us spread
        Tails by [[setting up a web mirror|contribute/how/mirror]].</p>

</div> <!-- #http -->

<div id="bittorrent">

        <h2>BitTorrent download</h2>

        <h3>Latest release</h3>

        <p>
        <a class='download-file' href=[[!inline pages="inc/stable_i386_torrent_url" raw="yes"]]>
        Tails [[!inline pages="inc/stable_i386_version" raw="yes"]] torrent</a>
        </p>

        <h3>Cryptographic signature</h3>

        <p>The cryptographic signature of the ISO image is also included in the Torrent.</p>

        <p>Additionally, you can verify the <a href=[[!inline
        pages="inc/stable_i386_torrent_sig_url" raw="yes"]]>signature of
        the Torrent file</a> itself before downloading it.</p>

        <h3>Seed back!</h3>

        <p>Seeding back the image once you downloaded it is also a nice
        and easy way of helping spread Tails.</p>

</div> <!-- #bittorrent -->

</div> <!-- #download_the_image .container -->

<div id="verify">

        <h1 class="bullet-number-three">Verify the ISO image</h1>

        <p>It is important to check the <span class="definition">[[!wikipedia
        Data_integrity desc="integrity"]]</span> of the ISO image you downloaded
        to make sure that the download went well.</p>

        <div class="caution">
        <p>Those techniques rely on standard HTTPS and <span
        class="definition">[[!wikipedia Certificate_authority desc="certificate
        authorities"]]</span> to make you trust the content of this website.
        But, [[as explained on our warning
        page|doc/about/warning#man-in-the-middle]], you
        could still be victim of a man-in-the-middle attack while using HTTPS.
        On this website as much as on any other of the Internet.</p>

        <p>As a consequence, <strong>they don't provide you with a
        strong way of checking the ISO image <span
        class="definition">[[!wikipedia Authentication
        desc="authenticity"]]</span> and making sure you downloaded a genuine
        Tails.</strong> In a dedicated section, we will propose you some more advanced
        techniques to <a href="#authenticity-check">check the authenticity of
        the ISO image</a>.</p>
        </div>

        <p><strong>All Tails ISO image are cryptographically signed by our
        OpenPGP key.</strong>
        OpenPGP is a standard for data encryption that provides cryptographic
        privacy and authentication through the use of keys owned by its users.
        Checking this signature is the recommended way of checking the ISO image
        integrity.</p>

        <p>If you already know how to use an OpenPGP key you can download it
        straight away:</p>

        [[!inline pages="lib/download_tails_signing_key" raw="yes"]]

        <p>Otherwise, read our instructions to check the ISO image integrity:</p>
        <ul>
          <li>
          [[!toggle id="verify_the_iso_image_using_gnome"
          text="Using Linux with Gnome: Ubuntu, Debian, Tails, etc."]]
          </li>
          <li>
          [[!toggle id="verify_the_iso_image_using_the_command_line"
          text="Using Linux with the command line"]]
          </li>
          <li>
          [[!toggle id="verify_the_iso_image_using_other_operating_systems"
          text="Using other operating systems"]]
          </li>
        </ul>

        [[!toggleable id="verify_the_iso_image_using_gnome" text="""
        <span class="hide">[[!toggle id="verify_the_iso_image_using_gnome" text=""]]</span>

        <h2>Using Linux with Gnome: Ubuntu, Debian, Tails, Fedora, etc.</h2>

        [[!inline pages="doc/get/verify_the_iso_image_using_gnome" raw="yes"]]

        """]]

        [[!toggleable id="verify_the_iso_image_using_the_command_line" text="""
        <span class="hide">[[!toggle id="verify_the_iso_image_using_the_command_line" text=""]]</span>

        <h2>Using Linux with the command line</h2>

        [[!inline pages="doc/get/verify_the_iso_image_using_the_command_line" raw="yes"]]

        """]]

        [[!toggleable id="verify_the_iso_image_using_other_operating_systems" text="""
        <span class="hide">[[!toggle id="verify_the_iso_image_using_other_operating_systems" text=""]]</span>

        <h2>Using other operating systems</h2>

        [[!inline pages="doc/get/verify_the_iso_image_using_other_operating_systems" raw="yes"]]

        """]]

        <h2><a name="authenticity-check"></a>So how can I check better the ISO
        image authenticity?</h2>

        <p>But the Tails signing key that you downloaded from this website could
        be a fake one if you were victim of a [[man-in-the-middle
        attack|doc/about/warning#man-in-the-middle]].</p>

        <p>Finding a way of trusting better Tails signing key would allow you to
        authenticate better the ISO image you downloaded. The following page
        will give you hints on how to increase the trust you can put in the
        Tails signing key you downloaded:</p>

        <ul>
          <li>[[Trusting Tails signing key|doc/get/trusting_tails_signing_key]]</li>
        </ul>

        <!-- <h2>FIXME: What to do if the image is bad?</h2> -->

</div> <!-- #verify -->

<div id="media">

        <h1 class="bullet-number-four">Burn a DVD or install onto a USB stick</h1>

        <h2>Burning a DVD</h2>
        <ul>
          <li>DVDs are read-only so your Tails can't be altered by a virus or an
          attacker.</li>
          <li>DVDs are cheap but you will need to burn a new DVD each time you
          will update your version of Tails.</li>
          <li>You could also use a DVD-RW but those are not read-only.</li>
        </ul>

        <p>For detailed instructions on how to burn an ISO image under Linux,
        Windows or Mac OS X you can consult <a
        href="https://help.ubuntu.com/community/BurningIsoHowto">the
        corresponding Ubuntu documentation</a>: just replace the Ubuntu ISO
        image by the Tails ISO image you downloaded and ignore the part on
        verifying the data integrity since you've already done that.</p>

        <h2>Installing onto a USB stick</h2>

        <p><strong>The content of the USB stick will be lost in the
        operation.</strong></p>

        <ul>
          <li>An attacker with physical access to your USB stick or through a
          virus could alter your Tails.</li>
          <li>USB sticks can be reused across different versions of Tails.</li>
          <li>You can store documents in the space left on the USB stick and
          use persistence.</li>
          <li>USB sticks are smaller to fit in your pocket.</li>
          <li>Older computers might not be able to start from a USB stick.</li>
          <li>This technique also works for <span
          class="definition">[[!wikipedia SD_card desc="SD cards"]]</span>. Some
          SD cards have a read-only switch that can prevent your Tails from
          being altered. But be aware that this protection is most probably not
          ensured by the SD card itself: do not rely on untrusted computers to
          respect this feature.</li>
        </ul>

        <p>[[See the corresponding
        documentation.|doc/first_steps/usb_installation]]</p>

</div> <!-- #support -->

<div id="stay_tuned">

        <h1 class="bullet-number-five">Stay tuned</h1>

        <p>
        <strong>It's very important to keep your version of Tails up-to-date, otherwise
        your system will be vulnerable to numerous security holes.</strong> The
        development team is doing its best to release new versions fixing known
        security holes on a regular basis.
        </p>

        <p>New versions are announced on our <a
        href='https://mailman.boum.org/listinfo/amnesia-news'>news
        mailing-list</a>. Drop your email address into this box, then hit the
        button to subscribe:

        <form method="POST" action="https://mailman.boum.org/subscribe/amnesia-news">
                <input class="text" name="email" value=""/>
                <input class="button" type="submit" value="Subscribe"/>
                to the news mailing-list.
        </form>
        </p>

        <p>There also are <a href='/torrents/rss/index.rss'>RSS</a> and
        <a href='/torrents/rss/index.atom'>Atom</a> feeds that announce new
        available BitTorrent files.</p>

        <p>Refer to our [[security announcements|/security]] feed for more
        detailed information about the security holes affecting Tails.
        Furthermore you will be automatically notified of the security holes
        affecting the version you are using at the startup of a new Tails
        session.</p>

        <p>Since Tails is based on Debian, it takes advantage of all the
        work done by the Debian security team. As quoted from <a
        href="http://security.debian.org/">(http://security.debian.org/)</a>:</p>

        <blockquote>Debian takes security very seriously. We handle all
        security problems brought to our attention and ensure that they are
        corrected within a reasonable timeframe. Many advisories are coordinated
        with other free software vendors and are published the same day a
        vulnerability is made public and we also have a Security Audit team that
        reviews the archive looking for new or unfixed security bugs.
        </blockquote>

        <blockquote>Experience has shown that "security through obscurity" does
        not work. Public disclosure allows for more rapid and better solutions
        to security problems. In that vein, this page addresses Debian's status
        with respect to various known security holes, which could potentially
        affect Debian.</blockquote>

</div> <!-- #stay_tuned-->

<div id="start">

        <h1 class="bullet-number-six">Start Tails!</h1>

        <p>Now that you have a Tails DVD or USB stick you can shutdown your
        computer and start using Tails without altering your existing operating
        system.</p>

        <p><strong>If you're using a DVD:</strong> Put the Tails DVD into the
        CD/DVD-drive and restart the computer. You should see a welcome screen
        prompting you to choose your language.</p>

        <p>If you don't get this menu, you can consult the Ubuntu documentation
        about <a href="https://help.ubuntu.com/community/BootFromCD">booting
        from the CD</a> for more information, especially the part on the <a
        href="https://help.ubuntu.com/community/BootFromCD#BIOS%20is%20not%20set%20to%20boot%20from%20CD%20or%20DVD%20drive">
        BIOS settings</a>.</p>

        <p><strong>If you're using a USB stick:</strong> Shutdown the computer,
        plug your USB stick and start the computer. You should see a welcome
        screen prompting you to choose your language.</p>

        <p>If your computer does not automatically do so, you might need to edit
        the BIOS settings. Restart your computer, and watch for a message
        telling you which key to press to enter the BIOS setup. It will usually
        be one of F1, F2, DEL, ESC or F10. Press this key while your computer is
        booting to edit your BIOS settings. You need to edit the Boot Order.
        Depending on your computer you should see an entry for 'removable drive'
        or 'USB media'. Move this to the top of the list to force the computer
        to attempt to boot from USB before booting from the hard disk. Save your
        changes and continue.</p>

        <p>For more detailed instruction on how to boot from USB you can read <a
        href="http://pcsupport.about.com/od/tipstricks/ht/bootusbflash.htm">About.com:
        How To Boot your Computer from a Bootable USB Device</a></p>

        <p>If you have problems accessing the BIOS, try to read <a
        href="http://www.pendrivelinux.com/how-to-access-bios/">pendrivelinux.com:
        How to Access BIOS</a></p>

</div><!-- #boot" -->
</div> <!-- #download -->