- doc
- persistent storage
- additional software
- Converting dangerous documents to safe PDFs using Dangerzone
When you receive untrusted documents, for example, email attachments, Dangerzone allows you to convert them into safe PDFs before opening.
Dangerzone is particularly useful for journalists who might receive dangerous documents from anonymous sources or download them from the Internet.
Dangerzone is created by Freedom of the Press Foundation, a non-profit that protects public-interest journalism. Edward Snowden and Laura Poitras are on its Board of Directors.
You can install Dangerzone in Tails using the Additional Software feature.
We are not including Dangerzone in Tails only because it would be too big (over 1 GB), but we highly recommend it.
Learn more about how Dangerzone works.
Supported formats
Dangerzone works on many file formats, including:
PDFs
Microsoft Office documents, such as .docx, .xlsx, and .pptx
LibreOffice documents, such as .odt and .ods
Images, such as .jpg, .gif, .svg, .tiff, and .png
EPUB ebooks
Differences between Dangerzone and Metadata Cleaner
Tails also includes Metadata Cleaner to clean files, but the use cases for Dangerzone and Metadata Cleaner are very different.
We recommend that you use:
Metadata Cleaner to remove metadata from your files before you publish or share them.
Dangerzone to sanitize untrusted documents shared with you by others.
Dangerzone | Metadata Cleaner | |
---|---|---|
Safe to use on | Other people's files | Your files only |
Clean audio and video files | No | Yes |
Remove malware and trackers | Yes | No |
Remove visual metadata and fingerprints ¹ | No | No |
Allow selecting text in generated PDFs | Yes | No |
Speed | Slower | Faster |
Included in Tails by default | No | Yes |
- For example printer tracking dots, printing imperfections, or intentional misspellings
System requirements
Dangerzone requires a lot of memory in the computer and space in your Persistent Storage because it relies on software containers to manipulate dangerous files securely.
To install Dangerzone, you need at least:
8 GB of RAM
12 GB available in the Persistent Storage
Installing Dangerzone
To install Dangerzone as additional software in Tails, you have to:
Configure the Dangerzone APT repository
When starting Tails, set up an administration password.
Choose Applications ▸ Persistent Storage to open the Persistent Storage settings.
Create a Persistent Storage if you don't have one already.
Make sure that the Additional Software feature is enabled.
Close the Persistent Storage settings.
Choose Applications ▸ Utilities ▸ Terminal to open a terminal without administration rights.
Execute the following command to open the configuration of your Persistent Storage in the Text Editor with administration rights.
gnome-text-editor admin:///live/persistence/TailsData_unlocked/persistence.conf
Add the following line to store the configuration of third-party APT repositories in your Persistent Storage.
/etc/apt/sources.list.d source=apt/sources,link
Add the following line to store Podman containers in your Persistent Storage. Podman is the containerization technology used by Dangerzone.
/home/amnesia/.local/share/containers source=podman
Save your changes and close the Text Editor.
Choose Applications ▸ System Tools ▸ Root Terminal to open a terminal with administration rights.
Execute the following commands to configure the Dangerzone repository as additional APT repository.
mkdir /live/persistence/TailsData_unlocked/apt/sources
ln -s /usr/share/tails/apt/dangerzone.sources /live/persistence/TailsData_unlocked/apt/sources/
We include this sources file in Tails for convenience, but installing Dangerzone relies on the APT repository hosted by Freedom of the Press Foundation. As a consequence:
- You need to trust the packages from this repository not to break the security of your Tails.
- Dangerzone might stop working in Tails outside of the control of the Tails team.
Restart Tails.
Install the Dangerzone package
When starting Tails, set up an administration password.
Choose Applications ▸ System Tools ▸ Root Terminal to open a terminal with administration rights.
Execute the following commands to install the
dangerzone
package and its dependencies.apt update
apt install dangerzone fuse-overlayfs uidmap
After the packages are installed, a notification appears to ask if you want to install
dangerzone
,fuse-overlayfs
, anduidmap
every time you start Tails in the future.Choose to Install Every Time.
Close the Root Terminal.
Convert a test document
Choose Applications ▸ Office ▸ Dangerzone to start Dangerzone.
When started for the first time, Dangerzone installs its container.
This operation can take several minutes.
After the setup finishes, a button appears to Select suspicious documents.
Select a simple document to test the conversion process, like an empty LibreOffice document or an image.
Converting this first document can also take several minutes. After this first document, converting other documents will be faster.
If converting fails with the error Unknown error code '125', restart Tails and try again.
Dangerzone needs a lot of available RAM when running for the first time. Restarting Tails frees as much RAM as possible.
Dangerzone requires at least 8 GB of RAM to install.
After the conversion finishes, the original document is moved to a new unsafe folder and the name of the safe document that has been created includes safe. For example:
├── document-safe.odt └── unsafe └── document.odt