You need

1 USB-隨身碟

Only for Tails!

8 GB minimum

你的 Tails

1 USB-隨身碟

All data will be lost!

8 GB minimum

Why?

It is currently impossible to manually upgrade a Tails USB stick while running from itself. This scenario requires creating an intermediary Tails on another USB stick, from which to upgrade your Tails.

Windows 7

or later

macOS 10.10

Yosemite
or later

Linux

any distribution

Debian

Ubuntu

or another derivative

Another Tails

USB stick or DVD

2 GB of RAM

64-bit

Intel processor

not Apple M1 or M2

2 GB of RAM

64-bit

Smartphone

or printer
to follow the instructions

1 hour in total

½ hour

¼ hour

1.4 GB to download

½ hour to install

½ hour to upgrade

Detailed system requirements and recommended hardware.

Summary

  • Tails works on:

    • Most PC computers that are less than 10 years old
    • Some older Mac computers with an Intel processor
  • Tails does not work:

    • Newer Mac computers with an Apple processor (M1 or M2)
    • Smartphones or tablets
    • Raspberry Pi
  • Tails might not work on:

    • Some older computers, for example, if they don't have 2 GB of RAM.

    • Some newer computers, for example, if their graphics card is incompatible with Linux. Nvidia or AMD Radeon cards often do not work in Tails.

See our list of known hardware compatibility issues.

Detailed hardware requirements

  • A USB stick of 8 GB minimum or a recordable DVD.

    All the data on this USB stick or DVD is lost when installing Tails.

  • The ability to start from a USB stick or a DVD reader.

  • A 64-bit x86-64 IBM PC compatible processor.

    • Tails does not works on ARM or PowerPC processors.

    • Tails does not work on 32-bit computers since Tails 3.0 (June 2017).

  • 2 GB of RAM to work smoothly.

    Tails can work with less than 2 GB RAM but might behave strangely or crash.

Recommended hardware

Laptop models evolve too rapidly for us to be able to provide an up-to-date list of recommended hardware. Below are some guidelines if you, or your organization, are considering acquiring a laptop dedicated to running Tails.

For PC

  • Avoid "gaming" models with Nvidia or AMD Radeon graphics cards.

  • Consider buying a refurbished laptop from a high-end (professional) series. These are cheaper and will last longer than new but lower-quality laptops.

    • For example, the Lenovo ThinkPad series work well with Tails, including the X250, X1 Carbon, T440, T480, and T490 models.

    • If you live in a part of the world where buying refurbished laptops is uncommon, look on eBay and Amazon. Amazon offers a 90-day Amazon Renewed Guarantee.

  • Consider buying a new laptop from vendors who guarantee the compatibility with Linux and Tails like ThinkPenguin.

For Mac

Unfortunately, we don't know of any Mac model that works well in Tails and can run the latest macOS version.

步驟

Warnings: Tails is safe but not magic!

Tails is safer than any regular operating system. But Tails, or any software or operating system, cannot protect you from everything—even if they pretend to.

The recommendations below will keep you even safer, especially if you are at high risk.

Protecting your identity when using Tails

Tails is designed to hide your identity.

But some of your activities could reveal your identity:

  • Sharing files with metadata, such as date, time, location, and device information
  • Using Tails for more than one purpose at a time

Limitations of the Tor network

Tails uses the Tor network because it is the strongest and most popular network to protect from surveillance and censorship.

But Tor has limitations if you are concerned about:

  • Hiding that you are using Tor and Tails
  • Protecting your online communications from determined, skilled attackers

Reducing risks when using untrusted computers

Tails can safely run on a computer that has a virus.

But Tails cannot always protect you when:

  • Installing from an infected computer
  • Running Tails on a computer with a compromised BIOS, firmware, or hardware

Because you always have to adapt your digital security practices to your specific needs and threats, we encourage you to learn more by reading the following guides:

Verify the Tails signing key

If you already certified the Tails signing key with your own key, you can skip this step and start downloading and verifying the USB image.

In this step, you will download and verify the Tails signing key which is the OpenPGP key that is used to cryptographically sign the Tails USB image.

依照這些指示,需要有準備自己的 OpenPGP-金鑰。

要了解如何建立自己的 OpenPGP-密鑰,請見 管理 OpenPGP 密鑰 (英文) 版 Riseup

This verification technique uses the OpenPGP Web of Trust and the certification made by official Debian developers on the Tails signing key.

  1. 把Tails 簽名金鑰滙入到你的GnuPG-金鑰圈中。

    wget https://tails.net/tails-signing.key

    gpg --import < tails-signing.key

  2. 安裝 Debian 密鑰錬,其包含了所有 Debian 開發人員的 OpenPGP-密鑰:

    sudo apt update && sudo apt install debian-keyring

  3. Import the OpenPGP key of Chris Lamb, a former Debian Project Leader, from the Debian keyring into your keyring:

    gpg --keyring=/usr/share/keyrings/debian-keyring.gpg --export chris@chris-lamb.co.uk | gpg --import

  4. 核實 Tails 簽名密鑰所弄的證明:

    gpg --keyid-format 0xlong --check-sigs A490D0F4D311A4153E2BB7CADBB802B258ACD84F

    在此指令的輸出結果中,找到下列這行:

    sig!2        0x1E953E27D4311E58 2020-03-19  Chris Lamb <chris@chris-lamb.co.uk>
    

    Here, sig!2 means that Chris Lamb verified and certified the Tails signing key with his key and a level 2 check.

    也有可能這個核實的證明是其它人所發。 如果你的密鑰圈中有他們的密鑰, 他們的電郵地址會出現在證書列表上。

    如果證書的查核失敗,則可能是 下戴到了一個遭到惡意竄改版本的Tails 簽名或是 我們的安裝指示文件太老舊了。 請 直接聯絡我們.

    The line 175 signatures not checked due to missing keys or similar refers to the certifications (also called signatures) made by other public keys that are not in your keyring. This is not a problem.

  5. 用自己的金鑰來證明 Tails 簽名金鑰。

    gpg --lsign-key A490D0F4D311A4153E2BB7CADBB802B258ACD84F

Download Tails

  1. Download the USB image:

    wget --continue https://download.tails.net/tails/stable/tails-amd64-6.3/tails-amd64-6.3.img

Verify your download

In this step, you will verify your download using the Tails signing key.

  1. Download the signature of the USB image:

    wget https://tails.net/torrents/files/tails-amd64-6.3.img.sig

  2. Verify that the USB image is signed by the Tails signing key:

    TZ=UTC gpg --no-options --keyid-format long --verify tails-amd64-6.3.img.sig tails-amd64-6.3.img

    The output of this command should be the following:

    gpg: Signature made Wed May 15 16:02:40 2024 UTC
    gpg:                using RSA key 05469FB85EAD6589B43D41D3D21DAD38AF281C0B
    gpg: Good signature from "Tails developers (offline long-term identity key) <tails@boum.org>" [full]
    gpg:                 aka "Tails developers <tails@boum.org>" [full]

    核實這個結果為:

    • 簽名的日期相同。

    • The signature is marked as Good signature since you certified the Tails signing key with your own key.

Install Tails using dd

  1. Make sure that the USB stick on which you want to install Tails is unplugged.

  2. Execute the following command:

    ls -1 /dev/sd?

    It returns a list of the storage devices on the system. For example:

    dev/sda
    
  3. Plug in the USB stick on which you want to install Tails.

    All the data on this USB stick will be lost.

  4. Execute again the same command:

    ls -1 /dev/sd?

    Your USB stick appears as a new device in the list.

    /dev/sda
    /dev/sdb
    
  5. Take note of the device name of your USB stick.

    In this example, the device name of the USB stick is /dev/sdb. Yours might be different.

    如果不確定設備名稱,你最好停止操作否則 會造成覆寫掉系統上任何一顆硬碟的風險.

  6. Execute the following commands to copy the USB image that you downloaded earlier to the USB stick.

    Replace:

    • tails.img with the path to the USB image

    • device with the device name found in step 5

    dd if=tails.img of=device bs=16M oflag=direct status=progress

    應該會得到像這樣的東西:

    dd if=/home/user/tails-amd64-3.12.img of=/dev/sdb bs=16M oflag=direct status=progress

    If no error message is returned, Tails is being copied on the USB stick. The copy takes some time, generally a few minutes.

    If you get a Permission denied error, try adding sudo at the beginning of the command:

    sudo dd if=tails.img of=device bs=16M oflag=direct status=progress

    The installation is complete after the command prompt reappears.

Well done!

You have installed Tails on your USB stick.

In the next step, you will make your computer start on this USB stick.

Tails might not work on your computer, so good luck!

If you already started on the other Tails, go directly to step 3: Verify that the other Tails is up-to-date.

Open these instructions on another device

In the next step, you will shut down the computer. To be able to follow the rest of the instructions afterwards, you can either:

  • Scan this QR code on your smartphone or tablet:

  • Print these instructions on paper.

  • Take note of the URL of this page:

    https://tails.net/install/windows?back=1

    https://tails.net/install/mac?back=1

    https://tails.net/install/linux?back=1

    https://tails.net/install/expert?back=1

    https://tails.net/install/clone/pc?back=1

    https://tails.net/install/clone/mac?back=1

    https://tails.net/upgrade/tails?back=1

    https://tails.net/upgrade/windows?back=1

    https://tails.net/upgrade/mac?back=1

    https://tails.net/upgrade/linux?back=1

    https://tails.net/upgrade/clone?back=1

Restart on the intermediary Tails

Restart on the other Tails

Restart on your Tails USB stick

Make the computer start on the USB stick

  1. Make sure that you have installed Tails using either:

  2. Click on the Start button.

  3. Press and hold the Shift key while you choose Power ▸ Restart.

  4. In the Choose an option screen, choose Use a device.

    If the Choose an option screen or the Use a device option don't appear, refer to the instructions on starting Tails using the Boot Menu key.

  5. In the Use a device screen, choose Boot Menu.

    Windows shuts down, the computer restarts, and a Boot Menu appears.

    Plug in your Tails USB stick shortly after choosing Boot Menu and while Windows is shutting down.

    If your Windows has no Boot Menu option available, make sure that your Tails USB stick is plugged in and choose your USB stick directly in the list of devices.

    In the future, we We recommend that you only plug in your Tails USB stick while Windows is shutting down. Otherwise, a virus in Windows could infect your Tails USB stick and break its security.

    Such an attack is possible in theory but very unlikely in practice. We don't know of any virus capable of infecting Tails. See our warning on plugging Tails in untrusted systems.

    The Boot Menu is a list of possible devices to start from. The following screenshot is an example of a Boot Menu:

  6. In the Boot Menu, select your USB stick and press Enter.

  7. If the computer starts on Tails, the Boot Loader appears and Tails starts automatically after 4 seconds.

    Black screen
('GNU GRUB') with Tails logo and 3 options: 'Tails' and 'Tails
(Troubleshooting Mode)' and 'Tails (External Hard Disk)'.

    • The Troubleshooting Mode entry disables some features of the Linux kernel and might work better on some computers. You can try this option if you think you are experiencing hardware compatibility errors while starting Tails.

    • The External Hard Disk entry makes it possible to start from an external hard disk and some problematic USB sticks.

Most computers do not start on the Tails USB stick automatically but you can press a Boot Menu key to display a list of possible devices to start from.

If Windows 8 or 10 is also installed on the computer, you can refer instead to the instructions on starting Tails from Windows 8 or 10. Starting Tails from Windows is easier than using the Boot Menu key.

The following screenshot is an example of a Boot Menu:

This animation summarizes how to use the Boot Menu key to start on the USB stick:

The following instructions explain in detail how to use the Boot Menu key to start on the USB stick:

  1. Make sure that you have installed Tails using either:

  2. Shut down the computer while leaving the USB stick plugged in.

    Shut down the computer and plug in the Tails USB stick.

    Shut down the computer.

    Plug in the other Tails USB stick that you want to install upgrade from.

    Unplug your Tails USB stick while leaving the intermediary USB stick plugged in.

  3. Identify the possible Boot Menu keys for the computer depending on the computer manufacturer in the following list:

    ManufacturerKey
    AcerF12, F9, F2, Esc
    AppleOption
    AsusEsc
    ClevoF7
    DellF12
    FujitsuF12, Esc
    HPF9
    HuaweiF12
    IntelF10
    LenovoF12, Novo
    MSIF11
    SamsungEsc, F12, F2
    SonyF11, Esc, F10
    ToshibaF12
    Others…F12, Esc

    On many computers, a message is displayed very briefly when switching on that also explains how to get to the Boot Menu or edit the BIOS settings.

  4. Switch on the computer.

    Immediately press several times the first possible Boot Menu key identified in step 2.

  5. If the computer starts on another operating system or returns an error message, shut down the computer again and repeat step 3 for all the possible Boot Menu keys identified in step 2.

    If a Boot Menu with a list of devices appears, select your USB stick and press Enter.

  6. If the computer starts on Tails, the Boot Loader appears and Tails starts automatically after 4 seconds.

    Black screen ('GNU GRUB') with Tails
       logo and 3 options: 'Tails' and 'Tails (Troubleshooting Mode)' and 'Tails (External Hard Disk)'.

  1. Make sure that you have installed Tails using either:

  2. Shut down the computer.

    Shut down the computer while leaving the USB stick plugged in.

    Plug in the other Tails USB stick that you want to install from.

  3. Plug in your Tails USB stick.

  4. Switch on the computer.

    Immediately press-and-hold the Option key ( or Alt key) when the startup sound is played.

    Hold the key pressed until a list of possible startup disks appears.

    'Option' or
'alt' key in the bottom left of Mac keyboard

  5. Choose the USB stick and press Enter. The USB stick appears as an external hard disk and might be labeled EFI Boot or Windows like in the following screenshot:

    Screen
with the logo of an internal hard disk labeled 'Macintosh HD' and an
external hard disk labelled 'Windows' (selected)

    If the USB stick does not appear in the list of startup disks:

    1. Wait 2–3 minutes and try again. Some USB sticks need some rest after installing.

    2. Try all other USB ports on the computer. Some USB ports cannot be used to start from.

    3. Make sure that you have installed Tails using either:

    4. Make sure that you have verified your download of Tails.

    5. Make sure that you have verified your download.

    6. Try to install again on the same USB stick.

      Try to install again on the same USB stick.

      Try to install again on the same USB stick.

      Try to install again on the same USB stick.

      Try to install again on the same USB stick.

      Try to install again on the same USB stick.

      Try to install again on the same USB stick.

      Try to install again on the same USB stick.

      Try to install again on the same USB stick.

      Try to install again on the same USB stick.

      Try to install again on the same USB stick.

      Try to install again on the same USB stick.

    7. Try to install on a different USB stick.

    8. Try to use the same USB stick to start on a different computer.

    If your computer still does not display the Boot Loader, it might currently be impossible to start Tails on your computer.

  6. If your Mac displays the following error:

    Security settings do not allow this Mac to use an external startup disk.

    Then you have to change the settings of the Startup Security Utility of your Mac to authorize starting from Tails.

    To open Startup Security Utility:

    1. Turn on your Mac, then press and hold Command(⌘)+R immediately after you see the Apple logo. Your Mac starts up from macOS Recovery.

    2. When you see the macOS Utilities window, choose Utilities ▸ Startup Security Utility from the menu bar.

    3. When you are asked to authenticate, click Enter macOS Password, then choose an administrator account and enter its password.

    Startup Security Utility

    In the Startup Security Utility:

    • Choose No Security in the Secure Boot section.

    • Choose Allow booting from external media in the External Boot.

    To still protect your Mac from starting on untrusted external media, you can set a firmware password, available on macOS Mountain Lion or later. A firmware password prevents users who do not have the password from starting up from any media other than the designated startup disk.

    If you forget your firmware password you will require an in-person service appointment with an Apple Store or Apple Authorized Service Provider.

    Read more on Apple Support about:

  7. If the computer starts on Tails, the Boot Loader appears and Tails starts automatically after 4 seconds.

    Black screen
('GNU GRUB') with Tails logo and 3 options: 'Tails' and 'Tails
(Troubleshooting Mode)' and 'Tails (External Hard Disk)'.

    • The Troubleshooting Mode entry disables some features of the Linux kernel and might work better on some computers. You can try this option if you think you are experiencing hardware compatibility errors while starting Tails.

    • The External Hard Disk entry makes it possible to start from an external hard disk and some problematic USB sticks.

Troubleshoot Tails not starting

Starting the computer using a Boot Menu key can be faster than starting the computer on Windows first and then on Tails. We recommend you learn how to start Tails using the Boot Menu key if you use Tails regularly.

Apple does not prioritize collaborating with Free Software projects. Their newest hardware is usually very hard for Free Software developers to get working with Linux, and thus Tails. PC hardware tends to be more open and work better with Linux.

Welcome to Tails!

Starting Tails

  1. After the Boot Menu, a loading screen appears.

  2. One to two minutes after the Boot Loader and the loading screen, the Welcome Screen appears.

    Welcome to Tails!

  3. In the Welcome Screen, select your language and keyboard layout in the Language and Formats section. Click Start Tails.

    If your keyboard or touchpad doesn't work, try using a USB keyboard or mouse.

  4. After 15–30 seconds, the Tails desktop appears.

Welcome to your new Tails!

You made it!

You managed to start your new Tails on your computer!

Congratulations on staying safe :)

To continue discovering Tails, read our documentation.

Test your Wi-Fi

Problems with Wi-Fi are unfortunately quite common in Tails and Linux in general. To test if your Wi-Fi interface works in Tails:

  1. Open the system menu in the top-right corner:

  2. Choose Wi-Fi Not Connected and then Select Network.

  3. After establishing a connection to a local network, the Tor Connection assistant appears to help you connect to the Tor network.

If your Wi-Fi interface is not working, you might experience the following:

  • There is no Wi-Fi menu in the system menu:

  • The interface is disabled because MAC address anonymization failed:

    Notification: MAC address anonymization failed

    In this case, you can disable MAC address anonymization in the Welcome Screen. Doing so has security implications, so read carefully our documentation about MAC address anonymization.

  • The following notification appears:

    Activation of network connection failed
    

To connect to the Internet, you can try to:

  • Use an Ethernet cable instead of Wi-Fi if possible. Wired interfaces work much more reliably than Wi-Fi in Tails.

  • Share the Wi-Fi or mobile data connection of your phone using a USB cable. Sharing a connection this way is called USB tethering.

    See instructions for:

    Tails cannot hide the information that identifies your phone on the local network. If you connect your phone to a:

    • Wi-Fi network: the network can see the MAC address of your phone.

      This has security implications that we explain in our documentation on MAC address anonymization. Some phones have a feature to hide the MAC address of the phone.

    • Mobile data network: the network is able to know the identifier of your SIM card (IMSI) and the serial number of your phone (IMEI).

  • Buy a USB Wi-Fi adapter that works in Tails:

    VendorModelSizeSpeedPriceBuy offlineBuy online
    Panda WirelessUltraNano150 Mbit/s$18NoAmazon
    Panda WirelessPAU05Small300 Mbit/s$65NoAmazon
    ThinkPenguinTPE-N150USBNano150 Mbit/s$74NoThinkPenguin

    If you find another USB Wi-Fi adapter that works in Tails, please let us know. You can write to tails-support-private@boum.org (private email).

  • Check in our list of known Wi-Fi issues if there is a workaround to get your Wi-Fi interface to work in Tails.