Eventual plans for integration into Tails OS? #103

Closed
nofacemap opened this issue Jan 14, 2021 · 7 comments
Labels
enhancement New feature or request

Comments

@nofacemap
nofacemap commented Jan 14, 2021

I'm a Tails user who would love a way to sanitize attachments in that OS. As of right now I have to decide between the benefits of using Tails (without easy ability to 'trust' email attachments) or the benefits of dangerzone (with the risks of persistence of non-tails operating systems).

As someone relatively new to all of this maybe I'm overlooking an easy solve, but from what I can tell dangerzone (and dangerzone-converter) can't be automatically downloaded through the Tails Synaptic Package Manager or apt because neither is in the Debian repositories. So there is a question that precedes whether there are plans to integrate into Tails eventually - are there plans to be hosted in the Debian repos?

If so, would it be safe to install Dangerzone as it is now, or are there things that might break Tails anonymity in the way that Dangerzone is designed or configured?

I considered putting this question to the Tails Gitlab instance, but figured it would make more sense to check in with the dangerzone devs about any plans, or opinions about compatibility. Thank you for the work you do!

@sajolida

Downstream bug report: https://gitlab.tails.boum.org/tails/tails/-/issues/18135

I'm curious whether @micahflee has any plans regarding this.

@micahflee
Contributor

Thanks @nofacemap @sajolida. I think Dangerzone would be an excellent addition to Tails, and I would be interested in helping make it happen. The main things to note are:

I can't think of any privacy issues that Dangerzone might introduce. The only use of internet is to pull the latest dangerzone container image from Docker Hub, and this is done without any cookies/persistence or anything and should work fine over Tor: https://hub.docker.com/r/flmcode/dangerzone

The actual containers that get executed use --network none, and the only volumes they mount are the input file and a temporary folder to save the output file. So even if, for example, Docker Hub is compromised and served a malicious container image, the harm that can be done is minimal since the malware running in the container won't have network access and can't access the filesystem. (However, what it could potentially do is replace the output file, the "safe PDF", with malware that then tries to hack Evince if the user opens it.) Still though I think this risk is low.

Another thing to consider about Dangerzone in Tails is making Docker's storage persistent. The dangerzone container is a few hundred MB, so it will take a while to download in Tails, and it would be inconvenient to have to re-download this each time you rebooted. However, there are now new containers generated weekly to make sure it always has the latest updates installed, and so you'll have to redownload updated containers each week in any case.

I will set up a Tails to test with and see if I can get Dangerzone working, and then report back.

@micahflee micahflee added the enhancement New feature or request label Jun 8, 2021
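
The isolation properties described in the comment above (`--network none`, and only the input file and an output folder mounted) can be checked against `docker inspect` output. This is an added example, not part of the original thread or Dangerzone's own code; the container names, host paths and mount destinations in the sample are constructed.

```python
import json

# Constructed sample shaped like `docker inspect` output (not captured from Dangerzone).
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/convert-ok",
   "HostConfig": {"NetworkMode": "none"},
   "Mounts": [
     {"Type": "bind", "Source": "/home/amnesia/in.pdf", "Destination": "/tmp/input_file"},
     {"Type": "bind", "Source": "/tmp/dz-out", "Destination": "/safezone"}]},
  {"Name": "/convert-bad",
   "HostConfig": {"NetworkMode": "bridge"},
   "Mounts": [
     {"Type": "bind", "Source": "/home/amnesia", "Destination": "/data"}]}
]
""")


def audit_container(entry, allowed_sources):
    """Return findings for one `docker inspect` entry (empty list = as expected)."""
    findings = []
    mode = entry.get("HostConfig", {}).get("NetworkMode")
    # The comment's first property: the container must have no network at all.
    if mode != "none":
        findings.append(f"network mode is {mode!r}, expected 'none'")
    # The second property: only the input file and the output folder are mounted.
    for mount in entry.get("Mounts") or []:
        source = mount.get("Source")
        if source not in allowed_sources:
            findings.append(f"unexpected host path mounted: {source}")
    return findings


def audit_all(entries, allowed_sources):
    """Map each container name to its list of findings."""
    return {e["Name"]: audit_container(e, allowed_sources) for e in entries}


# Hypothetical allow-list: the one input file and the one output folder.
ALLOWED = {"/home/amnesia/in.pdf", "/tmp/dz-out"}

if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE_INSPECT, ALLOWED).items():
        print(name, "OK" if not findings else findings)
```
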
@micahflee
Contributor

I'm working on seeing how easy it is to install Dangerzone in Tails, and at the moment I'm stuck on getting Docker working. Specifically, the docker daemon (/usr/sbin/dockerd) is failing to make a DNS request when trying to pull a container:

root@amnesia:~# docker pull hello-world
Using default tag: latest
Error response from daemon: Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io on 127.0.0.1:53: write udp 127.0.0.1:50639->127.0.0.1:53: write: operation not permitted

I've tried all sorts of things but I can't get it to work. Like, I've edited /lib/systemd/system/docker.service and changed the command to use --dns 127.0.0.1, which is the same, or --dns 127.0.0.1:5353 (the DNSPort from torrc) which throws an error. I've also tried running /usr/sbin/dockerd using torify and torsocks which didn't seem to work.

I've found various documentation on making a ~/.docker/config.json file to specify socks5h proxies in Docker, but the DNS is still failing in the same way.

I just installed docker.io from the Debian repo. @sajolida any ideas?

@sajolida

Nice to see that you're trying to get it to work on Tails! We might be able to add doc about this to our website even if the Dangerzone software is not included in the Tails image.

For some reason that I ignore, root is not allowed to do DNS queries. I could work around this with:

sudo iptables -I OUTPUT -p udp --dport 5353 -m owner --uid-owner root -j ACCEPT

But then I get:

root@amnesia:~# docker pull hello-world
Using default tag: latest
Error response from daemon: Get https://registry-1.docker.io/v2/: dial tcp 52.55.168.20:443: connect: connection refused

I guess that's when you need to configure it to go through the socks proxy 😉

Maybe you can continue your experiments and then we can have a deeper conversation about the proper way of solving the DNS issue with our engineers, as it's definitely not my field of expertise.

@huertanix
Member

Adding another smol issue related to Tails support: I'm on Tails 4.7 following the instructions for Debian here: https://packagecloud.io/firstlookmedia/code/install#manual-deb but I get a Failed to connect to packagecloud.io port 443: Connection refused error when I run the curl -L https://packagecloud.io/firstlookmedia/code/gpgkey | sudo apt-key add - . Wondering if the connection is being refused due to the Tor connection?

@deeplow
Contributor

deeplow commented Jun 15, 2023

Dynamic discovery of OCR languages #448 will significantly reduce the image size of the container from 839M to 371MB. This is at the cost of having to download language models for OCR at runtime. Maybe they can be made persistent after download, though.

@almet
Contributor

almet commented Oct 14, 2024

Instructions on how to use Dangerzone on Tails have been added recently, and you can find them on the Tails documentation.

(Dangerzone is not included by default in Tails, though, mainly because it is too big right now).

I'm closing this issue, but we will update it if/when we find a way to be included directly in Tails.

@almet almet closed this as completed Oct 14, 2024