Tails installation using img

Why does tails use an .img installation file instead of an ISO? This would allow local SHA256 verification of the ISO instead of using the “select your download”, Tails - Install Tails from Linux to verify the download ?

Hi,

Local verification of sha256 has nothing to do with it being a .img or an .iso file. You can check sha256 in both case. Tails (and TorBrowser, and many other security sensitive projects) prefer to use PGP over sha256 because it provides better security against downloads from a rogue (or hacked) mirror.
Tails actually has iso releases, they are linked from the guide to burn Tails on a DVD, which are signed the same way as .img releases.

If you don’t like the “select your download” way of verifying your download, you can use gpg to do the same locally. Tails thinks this provides little benefit for people who don’t already know about gpg, while TB (which has no such “verify my download” afaik) provides a guide on how to verify your download locally

2 Likes

Why does tails use an .img installation file instead of an ISO?

Because you were looking at instructions for USB drives.
Here are instructions for DVDs:

https://tails.net/install/dvd/index.en.html

1 Like