Feddit.onlineTails no longer recommending balenaEtcher
tails.net/news/rufus/index.en.html
I am shocked by this - the quote in below is very concerning:
"However, in 2024, the situation changed: balenaEtcher started sharing the file name of the image and the model of the USB stick with the Balena company and possibly with third parties."
Can't see myself using this software anymore...
173 Comments
Comments from other communities
Ulrich
AllNewTypeFaceIsn’t Balena’s entire business model taking things that could easily run locally and wedging a cloud dependency in to allow them to be profitably enshittified?
What's the point of including KeePass in Tails if it's effectively wiped on reboot? Am I misunderstanding?
Andromxda 🇺🇦🇵🇸🇹🇼Use dd, or check out the Fedora Media Writer if you want a GUI tool.
TrashboatI never really understood why etcher was the choice, it was a crazy bloated program that was like 100 or 150mb? To do the same job as Rufus could do in like a dozen or so, and if you’re on Linux you can just use gnome disks or something, never had any issues there either. Just made no sense to me why they recommended it in the first place.
Sometimes rufus-made usb drives wouldn't work for me, but etcher did. Shrug. I didn't believe it either until I tried it.
Doesn’t Rufus only work on Windows though?
DiscoShrewYes, thats why it's in the windows installation instructions.
That's interesting, apparently it was mentioned on github but nothing seems to have changed in the end
https://github.com/balena-io/etcher/issues/3784
Haven't used that software in a long time but maybe there's an opt-out somewhere during runtime? Although I don't see why a user needs to be required to opt out of nonsense like this when just writing firmware to a USB disk.
Only ever touched balenaEtcher when some project or distro recommended it. Overall prefer Rufus for this sort of thing when working on Windows.
I've used Sardu on Windows for making multi-iso bootable USB sticks a long time ago in the past, but I'd admittedly never looked at their ToS or Privacy Policy. My use case was slapping some live boot antivirus scanners, data recovery tools, and one or two lightweight liveboot-Linux ISOs on one USB as a portable toolkit.
When I'm making anything else from Windows, I've always stuck with Rufus. Had never heard of BalenaEtcher before now.
I"m horrible with names of programs and mess with a lot of junk comps switching out OS's and just tinkering around so I'm always using crazy utility programs. BalenaEtcher is used in a lot of tutorials or guides for installations, I think recently both Elementary OS and even Ubuntu had instructions pointing towards BalenaEtcher.
I never thought it was a great program, it was finicky to use and errors out quickly multiple times. Looking back I saw the signs, weird new program being promoted above other "well established" burn programs, ads, and now scrolling down their webpage it's just a bunch of promotional subscription bullshit. I think I just threw up in my mouth a little bit looking at the "balenacloud" and "balenasense", like if they're collecting your data through etcher then all of that shit is probably compromised. Another fucking google wannabe corp.
dd
Never understood why you would use anything else. It's in coreutils!!!
There are people coming from Windows, which does not have
dd.J think the best solution for window$ ppl is Rufus?
Install Linux! /s
https://stackoverflow.com/questions/37598040/windows-powershell-command-line-equivalent-of-dd
Or just WSL
"just" setting that up takes much longer than installing a small app to do it.
OK so keep using the small app that is reporting your usage activity
Or just dont use windows
Because GNU dd-rescue exists
Many won't touch the command line.
I know, but just because someone doesn't understand something or ignores it doesn't mean it isn't the best/simplest choice for 90% of cases.
It's faster to drag and drop a downloaded ISO and choose the target from a dropdown, than do it on a command line. And get a progress bar. As much as command line is usually faster, it isn't in this case.
Yes you can also get a progress bar on the command line but it's more typing again, and realistically you need to look the option up every time if you use dd once every 3 months.
Lmao. Uses a computer, typing is too much. It took more typing to write your comment than to craft a tab-completed dd command, even if you had to call the help menu to refresh your available options, jus' sayin'
I get it though, the general public are scared of the big bad 'puter magic and need GUIs.
Tab complete? Just ^R that shit!
Shhh, that's too advanced. Besides, CLI is outdated and slower than GUIs, this is just insane behavior /s
I honestly didn't even need to specify tab-completed. It's still less typing than their comment unless your paths are miles long.
Let me try:
Lmao. Uses a computer, still does stuff the slower way because learning new things is too difficult.
To be serious, I am looking for the best solutions for my use cases, not adequate ones. Yes dd works perfectly fine and as you noted doesn't take long to use anyway. But just because it's fine doesn't mean other approaches aren't better.
A GUI tool can offer or take a list of download URLs for common distros so downloading isn't a separate step, it can check if the target device is a flash drive and not a hard drive by mistake, it can automatically choose the optimal block size for the device, it can verify the process by reading it back from the device, can show you the current filesystem, label, and usage of the target device to confirm, it can handle flashing to multiple devices at the same time with separate and total progress bars.
If I wanted to do all that on the command line it'd be quite a lot of commands or a sizeable script to write. Or I can use a simple dd command and lose out on all of the above. Either way it's a worse option. I will only use dd when a GUI tool isn't installed, or when I'm on a system without a DE.
We will have to agree to disagree.
At least you came back with reasons beyond "I don't like typing."
ETA: > learning new things is too difficult.
I could use this argument for folks that don't want to learn CLI as well, doesn't really track in either direction.
It is indeed the best way, but somehow I am still anxious using this command, even after flashing countless USB drives 😅
I've made it a habit to type out the command without sudo at first, then when it yells at me about permissions I am reminded to go back and double-check.
*♬ Hello
ddmy old friend**I’ve come
sudowith you again ♬*Hello cat or cp or pv... Or anything else that works with files
Huh this is news to me. Wonder why dd has been the defacto standard in guides everywhere for the past 15-20+ years
.. and the sign said the bytes of the distro are written to the SD card …. if they’re un-tar’d ..
Is no one aware of Fedora Media Writer? It's FOSS and the most trustworthy ISO burning software in existence. It's only issue is that its named as if it is written only for producing Fedora bootable media. It works for everything.
Or gnome disks, which also adds an "open with 'write to drive'" option to isos and images
Opensuse has one too. And dd exists for the brave or the foolish
The article at the end mentions they suggest dd as alternative for MacOS (due to Unix user space). It seems the balena -> rufus decision is about the easiest-onramp Mac+Win-portable option, for those uncomfortable dropping to low-level device-writing CLI tools in their current system.
Side-note: Last time I was on a friend's Windows I installed dd simply enough both as mingw-w64 (native compiled) and under Cygwin. So for Windows users who *are* comfortable using dd it only requires a minor step. When I once used WSL devices were accessible too, but that was WSL1 (containerized), whereas WSL2 (virtualized) probably makes device-mapping complex(?) enough to not be worth it there.
WSL2 has relatively easy (a few powershell commands iirc) device mounting, provided you aren't trying to mount C: or the windows install drive (not necessarily the same).
Thanks, that's good to know, but for raw-writing a bootable image to a device do you (or anyone reading) know if there are also straightforward powershell commands for mapping devices at the block level? (as opposed to mounting at filesystem level)
Meh i find it slow.
I dunno... I just use dd.
cat works perfectly fine too 👌
Eh, I prefer being able to specify block sizes, to maximize the throughput.
Seeing progress, too
I remember a while back, years before this surfaced, there was a thread on /g/ with a group photo of Balena's employees and a caption like "why does it take so many people to develop an electron wrapper around dd". Obviously it was low effort engagement bait (balena does much more than etcher), but the comments were full of people calling the company a glowie honeypot and the like. Moral of the story: Trust the schizos, they sense spyware form lightyears away.
So tor is compromised?
Sudo dd if=tails.iso of=/dev/sdb
for Windows?
Rufus.
And who cares if there's spyware on windows, you're already using windows so there *is,* it's *windows.* At that point you may as well just use etcher, but I'd use Rufus anyway because let's be real it's just better. The only reason not to use Rufus is because it's windows exclusive, but if you're using windows that probably doesn't bother you, so...
Install wsl lol.
Install WSL
Oh, sorry. I didn't realize you were on Windows. That's a Linux command. I haven't used Windows very much since about 2018, so I don't even consider Windows anymore unless it's brought up.
The article was about Windows. And, no, I'm not on Windows. i use GrapheneOS on my phone and triple-boot Arch/Debian/Fedora on my laptop. I'm just making the point that the article was about Windows so replying with UNIX commands doesn't really make sense.
bash: Sudo: command not found
Lol, nice one
Sudontplease :P
Ah, a
doasuser, I see!Or working on a case sensitive system
Oh, damn, that was the joke!? Went right over my head lol
In my early days of Linux, I royally fucked up a USB thumb drive (back when they were expensive) using
ddand as a result do not trust myself with it.I would use Hannah Montana Linux if it was the only GUI option to burn a USB ISO.
Weird. I can't even tell you how many times I've used that command. But it's probably been several thousand. And I've never screwed up a flash drive that way.
There has been once or twice where I've pulled the flash drive out too quickly after it finished writing and it actually hadn't finished writing and had to redo it, but other than that, I've not actually screwed up any drives beyond repair or anything.
i still don't understand why anyone would use etcher. it's an electron wrapper over
dd. it's 80MB where rufus is 1.5. when it appeared there were already other programs that did its job better.I've typically used Etcher when I have to write an ISO on Windows
use rufus.
Rufus seems to be just for Windows and dd does not have a gui
that's correct. on windows, rufus is a better tool, and on linux or mac it's just a built-in command with a manual packed in.
also, ubuntu ships with startup image creator, and gnome disks ships as a flatpak, if those are more your speed.
Thanks for the info, I'm on linux mint and after checking these out it isn't immediately apparent from their websites whether or how I could install them. Still think etcher occupies a niche that alternatives don't fill, its website directs you straight to installing it, it's cross platform, and using it is very easy, so it's something that could reasonably be linked to in various install tutorials.
on mint you install them as packages.
I used it because that's what the instructions on the Linux Mint website for creating a bootable USB stick from Windows say to do.
I have no clue what "electron wrapper", "dd", or "rufus" are. I'm trying to learn more, but can't learn it all in one day.
https://linuxmint-installation-guide.readthedocs.io/en/latest/burn.html#in-windows-mac-os-or-other-linux-distributions
weird that the installation guide is hosted on a separate website that hasn't been updated in eight years. that's irresponsible of them. anyway rufus is a better version of etcher that you can download for windows.
Friendship ended with Balena
Now Rufus is my new best friend
I tried belenaEtcher once on my Mac... And it seemed to me more like a spyware than an actual software, I was a bit confused and never used it again.
If you need a FOSS, cross platform GUI for bootable USB sticks, Raspberry Pi Imager is a really good solution.
It is mainly used to flash SD cards for RPIs, but also you can burn any ISO on any support with it.
I used to use the fedora media writer but the RPi imager software is so easy I switched
Rufus is great! I worked with the maintainer to fix a bug in hardware they didn't have and it was a very pleasant experience.
Here's a wildcard people might not know about: Raspberry Pi Imager
I use it because it's faster than Etcher and it also has a bunch of quick links to download popular images (mainly for RPI and other arm-based SBCs) in one click which is handy if you use those regularly.
Deleted by author
Can always use dd but I always go stupid when I need to set boot flags and all that crap, which is so much easier with etcher. I think I've done dd with gparted in the past.
i've never needed to set a single flag with dd. i just do
if=the_iso of=the_disk. what flags?Don't you need to mark usb disks as bootable if you want to boot from them to install Linux or whatever
that's not something i've ever had to do, i've only done that for hard drives.
i think it depends on the image you get - for archlinux you can simply cat (or dd) the file onto a usb stick and it works perfectly fine, bootable. but i think i have seen an image at some point where it didn't work, but i don't recall what it was.
It won't depend. I think it's because back in the day we never had an easy way to force boot a device, if a device wasn't flagged as bootable it wouldn't boot
https://circle.gnome.org? Never tried their ISO software, I just use dd.
Linux mint factory USB creator just right click and make bootable.
Wow, I was not aware of that. I really liked balena. Thankfully, I haven't been using it since installing Mint.
Yet another reason for people to run a default prompt (deny until prompt answer) firewall.
A what?
Good question. I will attempt to clarify:
OP is saying that individual should run firewalls on their machines, that block port activity by default, and only allow traffic upon an approved request by the administrator account.
An interactive firewall.
One that blocks programs from accessing the internet and prompts the first time they try until you click a button that says allow or you choose the alternative which is deny. A program like this you'd have no reason to give it internet access, it's something whose operations should be entirely local.
Balenaetcher has, for me at least, failed to write to USBs for the last 3 years or so that I've tried to use it - meanwhile random iso writers from flatpak have been more reliable for me. Very obnoxious that so many iso related sites recommend it. Rufus kicks tons of ass, if for whatever reason you're still on windows.
Also on most distros I've tried, the disk utility has some sort of right click or context menu that gets you a 'restore disk image' button that works great as well.
Edit= I used Popsicle USB writer from flatpak on steam deck with no issue today! Made by system76 (makers of popOS) and found on flatpak. It is absolutely no frills, but works well enough to write an SD card image for a raspberry pi! 🙂
Flatpack? You are using Linux and you need "iso writers"? Is your dd broken, son?
This sounded like a techy Ron Swanson.
Are the scissors broken in your house, son?
At least one person got the reference!
😂 I also read this as Ron's voice!
Nah as much as i love doing stuff via terminal, I am extra paranoid specifically about writing to the wrong device and losing data; I prefer as many confirmations as possible that I'm writing to the correct drive, and graphical installers tend to give me just a few more reassurances. A few examples would be stuff like
I'm also the kind of person who stares at a written email worrying about every last nuance of my phrasing, so 🤷♂️😂 definitely a me problem, I think!
have they tried also tracking for errors, cause it fucks up every second image unlike rufus
Truth. Etcher is garbage. Rufus is king.
i still had issues using 150MB electron based bloated and heavy software instead of rufus, not that it worked for me anyway
I only tried to use it once, and same. 150MB of a Web app to copy an ISO? I think I was using a Macbook to flash it and decided to use ventoy instead, with my PC.
I understand that it needed a GUI, but 150 megs?? When :
Yeah Mac has dd too, I often forget about the terminal existing there. I wish Ventoy for Mac was a thing tho.
Ventoy is life!
Real
did they ever clear up that random unexplained binaries issue?
From what I could gather, they're taken from Fedora and OpenSUSE. They're signed blobs for secure boot support.
What options are there for flashing to SD cards? Something that works on Mac too would be nice. A gui is preferred.
Plug your usb drive in and run lsblk to figure out which letter to use instead of x in /dev/sdx
sudo dd if=image.iso of=/dev/sdx bs=1M status=progress
EDIT: I totally didn't read your request. This is not gui or Mac based, but it still might help someone.
Thanks for trying.
I'm not against terminal, but I'd just have to look up commands every time that I rarely use.
I'm pretty sure mac, being based off freebsd, would include dd
Mac should have dd,
I'd assume lsblk as wellnot lsblk though. There's fdisk thoughThe comment said "SD Card" so it would be
/dev/mmcblk*I use a microSD to usb adapter and have 2 spinning rust disks. So it's /sdc for me, but i still always double check. Dd isn't called the disk destroyer for nothing.
Doesn't the official guide recommend using GNOME Disk Utility anyway?
Just use
dd. It's not that hard. You pass it 2 arguments:if=the file you want to flash, andof=the destination. If you're feeling fancy, pass in somestatus=progress. And don't forget to prepend it withsudo. That's it.I just tried this the other day and was unable to boot from the USB. Any chance you could shed some light on what I might have screwed up?
The command was:
The USB stick was not mounted and the fedora image was verified. The command completed successfully but I couldn't boot from it. When I used fedora writer to burn the same image to the same USB stick it booted no problem.
Edit: spelling & capitalization
Don't use Fedora myself, but it may not be a hybrid ISO that becomes bootable when written... so I looked and you are missing a flag
From https://docs.fedoraproject.org/en-US/quick-docs/creating-and-using-a-live-installation-image/
I don't think
oflags=directhas any influence on the result. Apparently that's about disabling the page cache in the kernel, which can avoid a situation in which the system slows down due to buildup yet-to-write pages.Perhaps not. But the flag allows for direct I/O for data, bypassing buffers which can be overrun with certain size blocks, potentially causing dirty buffer depending on the machine being used. My understanding is that it's "more reliable" for writing (especially on shitty USB Flash drives) and getting the exact ISO properly written.
But it could be useless all the same - I'm just pointing out that OPs command is not the one recommended by Fedora when writing their ISO. Also OP is less likely to pull the drive before buffers have flushed this way.
Oh yeah that's where I was getting at, but I didn't have time to write that out earlier. I agree that OP probably pulled out the usb stick before buffers were flushed. I imagine that direct I/O would mitigate this problem a lot because presumably whatever buffers still exist (there would some hardware buffers and I think Linux kernel I/O buffers) will be minimal compared to the potentially large amount of dirty pages one might accumulate using normal cached writes. So I imagine those buffers would be empty very shortly (less than one second maybe?) after dd finishes, whereas I've seen regular dd finish tens of seconds before my usb stick stopped blinking it's LED. Still if you wait for that long the result will be the same.
Ah! Thank you! I knew it was something I screwed up!
You didn't screw up, you beautifully proved why the CLI is never a simple solution.
It reminded me when I told a coworker he could force the Windows shutdowns with the command 'shutdown -p -f" from either a Run.exe or a cmd window.
Then he said it wasn't working, and that the cmd window would just open and close quickly but no shutdown.
Imagine my surprise when he was doing shutdown -pf
.
Thats a shame, it was one of the few disk imagers that "just worked"
Happy user of Ventoy here
Last I heard it was also suspect: Ventoy source code contains some unknown BLOBs, still no word on the issue from the dev after months
Good luck with the binary blob!
For some more context:
https://lemmy.one/post/19193506
💀💀 seems like dd commands and gnome's MultiWriter might be the only ways to flash stuff on linux
Fedora Writer is another one (also works on Windows and maybe Mac), and there's also GLIM for multiboot, similar to Ventoy.
There's also Popsicle which is made by the folks over at System76.
Gonna look into GLIM, thanks
The linked article lists Raspberry Pi Imager as an option for writing Tails from macOS, and that is also available on Linux and Windows.
https://www.raspberrypi.com/software/
Though the site only shows how to install on Ubuntu, the GitHub repo for the tool does have an AppImage that should work on any distro.
https://github.com/raspberrypi/rpi-imager/releases
I thought the binary blob thing was explained?
Basically UEFI booting requires shims and those *need* to be signed so the Ventoy author is re-using the ones from Fedora and OpenSUSE. This can be verified by comparing hashes, which the author of that comment shows how to do.
This whole thing seems to come down to people freaking the F out because they don't understand how the software works and the Author of the software is currently PO'd off at the community and stopped answering questions.
A reason was given but no source was provided, and their response to the question was very slow. I don't trust it.
The price of doing business with UEFI. There are ways around it but it works so fucking smooth. I'm down with it.
Completely aside from the blob issue mentioned, the Tails team has recommended against using a multiboot utility like Ventoy to install Tails. Ventoy works fine for basically any other operating system (again, aside from the blob issue), just not Tails, which is what this post is about.
My luck with Ventoy has been very poor. The isos will work a few times and then something breaks and I need to re download all my isos and format and try again.
That's..... Interesting. I've been using Ventoy professionally for like... 2-3 years now and I've not once had an issue with daily use. Unironically like 2500-3000 uses without issue.
This has been my experience as well. Some people love it, but I'm not gonna rely on it for critical backup or recovery tools (also, there's that whole binary blob thing, besides).
I have had no complaints about it, but with that said, I absolutely would not use it for any vital backup your recovery tools.
It was fantastic however, to use to load up with handfuls of different live distro ISOs to play around with.
Thank you for pointing it out.
I've been avoiding it ever since the Balena moniker change.
...and that's how I met your
motherforkWhy use a fancy GUI tool when good old
dddoes the trickcp command works well too
pvfor life.dd status=progresscan also tell you how far along the operation is.Dang, nice! I've been using dd for nearly 30 years and have never seen that. I actually used to used dcfldd because it had better progress reporting than dd (and supported repeated patterns for input). Thanks for sharing!
cat is the tool of distinguished gentlemen
Because of the risk of accidentally wiping the main drive if you're just copy pasting stuff
If that happens to you, that's both a great reminder that mindlessly copy-pasting commands from the internet is a terrible idea, and a chance to practice your restore-from-backup routine! I see no downsides.
Not using Ventoy in 2025?
I guess I could install Ventoy on the raspberry Pi's SD card, but I prefer it to be bare, since the idea is to keep it simple.
Ventoy uses several blobs without any instructions of compiling them yourself?
Not used it since I discovered this nonsense. Shows how seriously they take security.
https://github.com/balena-io/etcher/issues/3410
Glad I saw this. I downloaded the tool on recommendation from a forum post when I was reviving my homelab. I’ll nuke it for sure.
balenaEtcher never worked for me. No image that I flashed has been usable to boot. The RPi imager has been working flawlessly
The MX Linux live USB maker should work well on Debian based distros.
Ahh too bad because balenaEtcher just werks for me.
If you actually read the post, you would have known, it does work, but there are some privacy concerns with it:
I did read the post before constructing my comment and that's why I feel sad for seeing privacy concerns popping up at balena, because that's just my fav.
Generally Ventoy is better than both. Choose a dedicated flash storage, flash Ventoy to it, then click and drag as many ISO's as can fit on your drive and you can boot from any one of them at any time.
Much better than Etcher or Rufus, IMO.
Who tf is downvoting? Ventoy is the best
Deleted by author
From literally the same thread: https://lemm.ee/comment/14867214
Unrelated to balenaEtcher but I haven't been able to flash ISO files from Windows 11, either by using Rufus, Etcher, Fedora Media Writer, or even the WSL. I need to borrow a computer running a FLOSS operating system or to install OpenBSD first, and then from OpenBSD to download and burn an ISO file.
That sounds like an issue with your computer rather than W11. I just used Etcher on my W11 desktop to flash Mint XFCE yesterday with no issues.
Thanks for the tip, I'll try that with different computers.
Honestly, if you're using Windows, then you most likely already sent any and all of your secrets to Microsoft anyway. Including that you installed Tails.
I mean for privacy things it makes sense to avoid leaking anything. But I fail to understand where the danger is to have anonymous data that says a user installed "Ubuntu-24.04-wappity-whatever.iso" to "KINGSTON DATA TRAVELER 32GB" at some point.
If anything that seems like worthwhile analytics for the dev team to have access to.
Most software lets you opt out of sending anonymous analytics data though.
They could just ask. "Please allow us to know what you flash and on what device so we can improve the software" yes, no, tell me more, show me the data
Then I would have no problem using the SW, transparency is important to me
It is a trap for people not knowing and government may use it as excuse to activate executive
I used it less than a week ago for a Mint install, worked fine.
If you actually read the post, you would have known, it does work, but there are some privacy concerns with it:
I seriously DGAF who knows which Mint edition I installed or the brand of flash drive I used.
Dude really goes to a cyber security community and hits them with the 'i have nothing to hide'