Tails, the popular privacy-focused OS, now supports the UEFI Secure Boot, this means that it could boot on systems where the UEFI Secure Boot is enabled.
Tails is a live operating system that users can start on almost any computer from a USB stick or a DVD, it aims at preserving privacy and anonymity of the users.
The Tails OS allows to use the Internet anonymously and circumvent censorship by using the Tor Network, it leaves no trace on the computer users are using and uses the state-of-the-art cryptographic tools to encrypt files, emails and instant messaging.
Tails OS version 4.5 it the first version that supports the UEFI Secure Boot.
The secure boot is a security mechanism used to secure the boot process by allowing the loading of drivers signed with an acceptable digital signature.
The secure boot prevents that malware such as a rootkit will replace the boot loader staying completely invisible and undetectable on a target system.
The security feature is part of the UEFI 2.3.1 Errata C specification (or higher), when the Secure Boot is enabled the OS is loaded only after all the firmware checks pass.
Major OSs, including Windows, Fedora, Debian, RHEL, CentOS, and openSUSE implement the support for Secure Boot … and now the list also includes Tails OS.
“Tails now starts on computers with Secure Boot enabled.” reads the Tails website.
Until today, users who wanted to use Tails operating system on their machine had to disable the Secure Boot, opening the door to firmware attacks.
With the release of Tails version 4.5 users can enable Secure Boot and run the privacy-focused OS.