What captive portals are

Many publicly accessible Internet connections (usually available through a wireless network connection) require users to sign in to the network using a captive portal in order to access the Internet.

Ein Captive Portal ist eine Internetseite, die dem Nutzer angezeigt wird, bevor er ins Inernet kann. Oftmals fordern Captive Portals, dass der Nutzer sich anmeldet oder Informationen eingibt, wie E-Mail Adressen. Captive Portals sind häufig bei Internetcafés, Bücherreien, Flughäfen, Hotels, und Universitäten anzutreffen.

Dies ist eine Beispiel eines Captive Portal ( von AlexEng):

Welcome! Please enter your credentials to connect.

Tor cannot start when the Internet connection is initially blocked by a captive portal. That is why Tails includes an Unsafe Browser to sign in to a network using a captive portal before starting Tor.

Security implications of the Unsafe Browser

For better security, the Unsafe Browser is disabled by default because:

  • The Unsafe Browser is not anonymous.

    The Unsafe Browser does not use Tor. The websites that you visit can see your real IP address.

    This is why we recommend that you:

  • The Unsafe Browser can be used to deanonymize you.

    An attacker could exploit a security vulnerability in another application in Tails to start an invisible Unsafe Browser and reveal your IP address, even if you are not using the Unsafe Browser.

    For example, an attacker could exploit a security vulnerability in Thunderbird by sending you a phishing email that could start an invisible Unsafe Browser and reveal them your IP address.

    Such an attack is very unlikely but could be performed by a strong attacker, such as a government or a hacking firm.

    This is why we recommend that you:

    • Only enable the Unsafe Browser if you need to sign to a network using a captive portal.
    • Always upgrade to the latest version of Tails to fix known vulnerabilities as soon as possible.

    We have plans to fix the root cause of this problem but it requires important engineering work.

To learn how Tails implements the Unsafe Browser, see our design documentation about the Unsafe Browser.

Using the Unsafe Browser

Um den Unsichersbrowser zu starten:

  1. When the Welcome Screen appears, click on the Add Additional Setting button.

  2. Choose Unsafe Browser in the Additional Settings dialog.

  3. Select the Enable the Unsafe Browser option.

  4. Click Start Tails.

  5. In Tails, choose Applications ▸ Internet ▸ Unsafe Browser.

To sign in to a network using a captive portal:

  1. Versuche eine beliebige Webseite mithilfe Unsicherer Browser zu besuchen.

    Choose a website that is common in your location, for example a search engine or news site.

  2. Anstelle zur Webseite, sollten Sie zur Vorschaltseite weitergeleitet werden.

  3. After you signed in to the network, Tor should start.

  4. Nachdem Tor bereit ist, wählen sie den Unsicherer Browser.

    You can use Tor Browser and any other application as usual.

To always enable the Unsafe Browser, turn on the Welcome Screen feature of the Persistent Storage.

Falls Sie Dateien mit dem Unsicheren Browser herunterladen, ist es nicht möglich auf diese außerhalb des Unsicheren Browsers zuzugreifen.