When you receive untrusted documents, for example, email attachments, Dangerzone allows you to convert them into safe PDFs before opening.

Dangerzone is particularly useful for journalists who might receive dangerous documents from anonymous sources or download them from the Internet.

Dangerzone is created by Freedom of the Press Foundation, a non-profit that protects public-interest journalism. Edward Snowden and Laura Poitras are on its Board of Directors.

You can install Dangerzone in Tails using the Additional Software feature.

We are not including Dangerzone in Tails only because it would be too big (over 1 GB), but we highly recommend it.

Learn more about how Dangerzone works.

Supported formats

Dangerzone works on many file formats, including:

  • PDFs

  • Microsoft Office documents, such as .docx, .xlsx, and .pptx

  • LibreOffice documents, such as .odt and .ods

  • Images, such as .jpg, .gif, .svg, .tiff, and .png

  • EPUB ebooks

Differences between Dangerzone and Metadata Cleaner

Tails also includes Metadata Cleaner to clean files, but the use cases for Dangerzone and Metadata Cleaner are very different.

We recommend that you use:

  • Metadata Cleaner to remove metadata from your files before you publish or share them.

  • Dangerzone to sanitize untrusted documents shared with you by others.

DangerzoneMetadata Cleaner
Safe to use onOther people's filesYour files only
Clean audio and video filesNoYes
Remove malware and trackersYesNo
Remove visual metadata and fingerprints ¹NoNo
Allow selecting text in generated PDFsYesNo
SpeedSlowerFaster
Included in Tails by defaultNoYes
  1. For example printer tracking dots, printing imperfections, or intentional misspellings

System requirements

Dangerzone requires a lot of memory in the computer and space in your Persistent Storage because it relies on software containers to manipulate dangerous files securely.

To install Dangerzone, you need at least:

  • 8 GB of RAM

  • 12 GB available in the Persistent Storage

Installing Dangerzone

To install Dangerzone as additional software in Tails, you have to:

  1. Configure the Dangerzone APT repository

  2. Install the Dangerzone package

  3. Convert a test document

Configure the Dangerzone APT repository

  1. When starting Tails, set up an administration password.

  2. Choose Applications ▸ Persistent Storage to open the Persistent Storage settings.

    Create a Persistent Storage if you don't have one already.

    Make sure that the Additional Software feature is enabled.

    Close the Persistent Storage settings.

  3. Choose Applications ▸ Utilities ▸ Terminal to open a terminal without administration rights.

  4. Execute the following command to open the configuration of your Persistent Storage in the Text Editor with administration rights.

    gnome-text-editor admin:///live/persistence/TailsData_unlocked/persistence.conf
    

    Add the following line to store the configuration of third-party APT repositories in your Persistent Storage.

    /etc/apt/sources.list.d  source=apt/sources,link
    

    Add the following line to store Podman containers in your Persistent Storage. Podman is the containerization technology used by Dangerzone.

    /home/amnesia/.local/share/containers    source=podman
    

    Save your changes and close the Text Editor.

  5. Choose Applications ▸ System Tools ▸ Root Terminal to open a terminal with administration rights.

  6. Execute the following commands to configure the Dangerzone repository as additional APT repository.

    mkdir /live/persistence/TailsData_unlocked/apt/sources

    ln -s /usr/share/tails/apt/dangerzone.sources /live/persistence/TailsData_unlocked/apt/sources/

    We include this sources file in Tails for convenience, but installing Dangerzone relies on the APT repository hosted by Freedom of the Press Foundation. As a consequence:

    • You need to trust the packages from this repository not to break the security of your Tails.
    • Dangerzone might stop working in Tails outside of the control of the Tails team.
  7. Restart Tails.

Install the Dangerzone package

  1. When starting Tails, set up an administration password.

  2. Connect to the Tor network.

  3. Choose Applications ▸ System Tools ▸ Root Terminal to open a terminal with administration rights.

  4. Execute the following commands to install the dangerzone package and its dependencies.

    apt update

    apt install dangerzone fuse-overlayfs uidmap

  5. After the packages are installed, a notification appears to ask if you want to install dangerzone, fuse-overlayfs, and uidmap every time you start Tails in the future.

    Choose to Install Every Time.

  6. Close the Root Terminal.

Convert a test document

  1. Choose Applications ▸ Office ▸ Dangerzone to start Dangerzone.

    When started for the first time, Dangerzone installs its container.

    This operation can take several minutes.

    After the setup finishes, a button appears to Select suspicious documents.

  2. Select a simple document to test the conversion process, like an empty LibreOffice document or an image.

    Converting this first document can also take several minutes. After this first document, converting other documents will be faster.

    If converting fails with the error Unknown error code '125', restart Tails and try again.

    Dangerzone needs a lot of available RAM when running for the first time. Restarting Tails frees as much RAM as possible.

    Dangerzone requires at least 8 GB of RAM to install.

  3. After the conversion finishes, the original document is moved to a new unsafe folder and the name of the safe document that has been created includes safe. For example:

    ├── document-safe.odt
    └── unsafe
        └── document.odt