Usability is a security feature

The Tails design goals (https://tails.boum.org/contribute/design/) should hopefully clarify that the goal of the project is *not* to produce the most secure OS ever. There is quite some room for improvement, and we plan to focus on such matters in the 3.0 milestone (roadmap: https://labs.riseup.net/code/projects/tails/roadmap). Help is certainly welcome: with a stronger team, this effort could be started earlier :)

We could certainly have focused on hardening more strongly in the first few years of the project. However, given our limited resources, doing so would likely mean spending less time on making Tails usable for its intended audience. I believe the net result would be that fewer people would use Tails, and more people would instead use solutions that are much worse, for their threat model, than the current state of Tails. We strongly believe that usability is a security feature, when considering the state of the world globally, when thinking of security at a collective level instead of from the "given a theoretical user X, who will use our stuff regardless of how usable it is, then X would be more secure if Tails was hardened in this way, or if it did not ship that software" angle.

Anyone interested in the "usability as a security feature" topic: I suggest listening to Eleanor Saitta's talk at OHM2013 (https://noisysquare.com/ethics-and-power-in-the-long-war-...), or reading the transcript.

Cheers!