-
Tails OSOPERATING SYSTEM
12-0
6-2
015
sad
ee
da
me
en
@g
ma
il.co
m
1
-
INTRODUCTION
Tails is an operating system like Windows or Mac OS, but one
specially designed
to preserve your anonymity and privacy
Tails or The Amnesic Incognito Live System is a security-focused
Debian-
based Linux distribution aimed at preservingprivacy and
anonymity
All its outgoing connections are forced to go through Tor,[4]
and direct (non-
anonymous) connections are blocked
The system is designed to be booted as a live DVD or live USB,
and will leave no
trace (digital footprint) on the machine unless explicitly told
to do so. The Tor
Project has provided most of the financial support for its
[email protected]
2
-
IMPORTANCE
TAILS: THE AMNESIC INCOGNITO LIVE
SYSTEM
USE IT EVERYWHERE, LEAVE NO TRACES
ONLINE ANONYMITY WITH TOR
BEST ENCRYPTION TOOLS
[email protected]
3
-
THE AMNESIC INCOGNITO LIVE SYSTEM
It allows you to use the Internet anonymously almost
everywhere online and on any computer, but leaves no trace
of what you have done, unless you want to
Tails is a live system, that is to say, it is meant to be run
from a DVD or USB stick independently of the system installed on
the computers hard disk.
t is free software based on Debian GNU/Linux. Tails comes
with
applications that have been configured with security in
mind:
web browser, instant messaging client, email client, office
suite, image and sound editor and so on
[email protected]
4
-
[email protected]
5
-
USE IT EVERYWHERE, LEAVE NO TRACES
You can use it at home, at a friends or at the local library
Once you have removed the Tails DVD or USB stick from the
computer, it can restart with its usual operating system
Tails is configured so as not to use the computer hard disk
or
even its swap space
The only space use by Tails is the RAM memory, which is
automatically erased when the computer is turned off,So
your use of Tails will leave no trace. That is why it is
called
[email protected]
6
-
USE IT EVERYWHERE, LEAVE NO TRACESCONT
This allows you to work on a sensitive file on any computer and
prevent the
data being recovered after the computer is turned off.
This allows you to work on a sensitive file on any computer and
prevent the
data being recovered after the computer is turned off.
[email protected]
7
-
ONLINE ANONYMITY WITH TOR
Tails relies on the Tor networks to protect your online
privacy
All software is configured to connect through Tor and direct
connections
(that do not guarantee your anonymity) are blocked.
Tor is free software that allows you to protect your privacy and
guarantee
your confidentiality online.
It protects you by sending your communications around a
distributed
network of relays run by volunteers all over the world
It prevents anyone who may be monitoring your Internet
connection from
discovering which sites you visit, and it prevents the sites you
visit from discovering where you are.
[email protected]
8
-
BEST ENCRYPTION TOOLS
Tails also includes a range of tools for protecting your data by
means of strong encryption
Encrypt your USB stick or external hard disks with LUKS, the
Linux standard for volume
encryption.
Automatically encrypt your communications with websites using
HTTPS Everywhere, a
Firefox extension developed by the Electronic Frontier
Foundation.
Use OpenPGP, the standard in its field, to encrypt and sign your
emails and documents
from the Tails email client, text editor or file browser.
Protect your instant messaging conversations using OTR, a
cryptographic tool that
provides encryption, authentication and deniability.
Delete your files safely and clean your disk space using
Nautilus Wipe.
[email protected]
9
-
TAILS OS
General characterestics Tails
Supported hardware x86 compatible and/or Virtual
Machines
Based on Tor, Debian
Gateway and torify any operating
system [Not a torifying Gateway.
Responsible for building Tor
circuits(Network)
Tor client running on workstation
Workstation does not have to trust
Gateway
Not a gateway
Local Disk Encryption Yes, for persistent USB.
Cold Boot Attack Protection Yes
[email protected]
10
-
GNOME Desktop
The main drawback of GNOME is that it requires quite a lot
of
resources to work properly, but it has many advantages. The
GNOME Desktop is:
Well integrated, especially for new Linux users.
Very well translated and documented.
Doing relatively good regarding accessibility features.
Actively developed.
Well maintained in Debian, where it is the default desktop
[email protected]
11
-
[email protected]
12
-
Hardware compatibility
Tails automatically detects the type of
processor of the computer and loads a 32-
bit or a 64-bit kernel accordingly.
Tails is only available on the x86 and x86_64
architectures
Tails does not work on the ARM
architecture
[email protected]
13
-
INSTALLATION
This is not possible using the recommended installation methods.
Tails is
designed to be a live system running from a removable media:
DVD, USB
stick or SD card.
This is a conscious decision as this mode of operation is better
for what we
want to provide to Tails users: amnesia, the fact that Tails
leaves no traces on the computer after a session is closed.
Tails provides upgrades every 6 weeks, that are thoroughly
tested to
make sure that no security feature or configuration gets
broken
If you upgrade the system yourself using apt-get or Synaptic,
you might break things. Upgrading when you get a notification from
Tails Upgrader
is [email protected]
14
-
WEB BROWSER
Tor Browser(Javascript enabled)
Many websites today require JavaScript to work correctly. As
a
consequence JavaScript is enabled by default in Tails to
avoid
confusing many users. But the Torbutton extension, included in
Tails,
takes care of blocking dangerous JavaScript functionalities
Tor Browser also includes a security slider and the NoScript
extension to
optionally disable more JavaScript. This might improve security
in some
cases. However, if you disable JavaScript, then the fingerprint
of your
browser will differ from most Tor users. This might break your
anonymity
[email protected]
15
-
NETWORKING
USING A VPN INSTEAD OF TOR
It is a very fundamental assumption of Tails to force all
outgoing traffic to
anonymity networks such as Tor or I2P. VPN are not anonymity
networks, because
the administrators of the VPN can know both where you are
connecting from and
where you are connecting to. Tor provides anonymity by making it
impossible for a
single point in the network to know both the origin and the
destination of a
connection
[email protected]
16
-
NETWORKINGCONT
USING A VPN TO CONNECT TO TOR (VPN BEFORE TOR)
In some situations, you might be forced to use a VPN to connect
to the Internet,
for example by your ISP. This is currently not possible using
Tails.
Tor bridges can also be useful to bypass the limitations imposed
by your ISP.
CONNECTING TO A VPN USING TOR (VPN AFTER TOR)
In some situtations, it can be useful to connect to a VPN
through Tor:
To access services that block connections coming from Tor.
To access ressources only available inside a VPN, for example at
your company
or University.
This is currently not possible easily using Tails.
[email protected]
17
-
Software not included in Tails
This software is already available in Debian, as this is a
requirement
to be included in Tails. Adding to Tails software which is not
in
Debian imply an additional workload that could compromise
the
sustainability of the project. On top of that, being in Debian
brings
many advantages:
It is included in the Debian process for security updates
and
new versions.
It is authenticated using OpenPGP signatures.
It is under the scrutiny of the Debian community and its many
users and derivatives, including Ubuntu.
[email protected]
18
-
Software not included in Tailscont
Developers also try to limit the amount of software included in
Tails, and we only
add new software with a very good reason to do so:
We try to limit the growth of the ISO image and automatic
upgrades.
More software implies more security issues.
We avoid proposing several options to accomplish the same
task.
If a package needs to be removed after its inclusion, for
example because of
security problems, then this might be problematic as users might
rely on it.
[email protected]
19
-
OTHER SECURITY ISSUES
Tails on a compromised system
Tails runs independently from the operating system installed
on
the computer. So, if the computer has only been compromised
by software, running from inside your regular operating
system
(virus, trojan, etc.), then it is safe to use Tails. This is
true as long
as Tails itself has been installed using a trusted system.
If the computer has been compromised by someone having
physical access to it and who installed untrusted pieces of
hardware, then it might not be safe to use Tails.
[email protected]
20
-
Other security issuescont
Integrity of a Tails device
To verify the integrity of a DVD from a separate trusted
system,
you can verify the signature of the ISO image as documented
in verify the ISO image using the command line against the
DVD
itself.
There is no documented method of verifying the integrity of
a
USB stick or SD card installed using Tails Installer. However,
if you
have another trusted Tails device, you canclone it onto the
untrusted device to reset it to a trusted state.
[email protected]
21
-
Tails is a live system that aims to preserve your privacy and
anonymity. It
helps you to use the Internet anonymously and circumvent
censorship
almost anywhere you go and on any computer but leaving no
trace
unless you ask it to explicitly.
It is a complete operating system designed to be used from a
DVD, USB
stick, or SD card independently of the computer's original
operating
system. It is Free Software and based on Debian GNU/Linux.
[email protected]
22
-
[email protected]
23
