Linux Distro: Tails - You Can Never Be Too Paranoid
Tails is a live media Linux distro designed boot into a highly secure desktop environment. You may remember that we looked at a US government distro with similar aims a few months ago, but Tails is different because it is aimed at the privacy conscious “normal user” rather than government workers.
Tails takes the form of a bootable live image that can be used from a CD ROM, a USB stick or via a network boot. Once booted, it executes from RAM, taking care not to make use of a swap partition. The desktop is Gnome 2.0 and the applications are a fairly standard selection. The web browser is an old, but usable, version of Iceweasel 3.5 (Debian Firefox). There are other applications to handle graphics work, audio editing, media playback, text editing, instant messaging and a email client - basically, everything you need when you’re on the run from enemy agents. Extra software can be added via the Synaptic package manager which pulls directly from the Debian repositories. So far, so similar to most other live desktop distros. Security and limited footprint on the the host machine are the areas in which the distro differs from the run of the mill.
All interactions with the Internet are passed through Tor an anonymization system. Using Tor, Tails pipes all Internet traffic emanating from your computer through a constantly shifting set of relays that are operated by a network of volunteers. Consequently, it’s then difficult for anyone to monitor your activity on the web or for web hosts to pinpoint your location. In short, your web activities are anonymous. It’s hardly an exhaustive test, but sure enough, when I visited Google News, it presumed that was located in a different country after each reboot.
The desktop itself is pretty standard fare.
The supplied version of Iceweasel comes with an extension to enable end to end encryption (HTTPS) whenever possible in order to further increase security and another one to switch Tor on and off. Many of the applications that are supplied have been tweaked in this way, to improve security. Tails also wipes the contents of RAM on shutdown, and it has a little onscreen keyboard to bypass hardware key loggers. Note that it isn't loaded down with security tools, such as those for penetration testing, although such tools can be added via the package manager. The aim of the distribution is clearly to provide a secure client and tools rather than to provide a ready-made platform for hacking.
There’s nothing to stop you using Tor to give you a secure general purpose desktop whenever you are forced to use a machine that you are not 100% sure about, security wise. Handy, if you want to check financial or other sensitive information. Beyond that, it comes into its own for denizens of oppressive regimes in which governments actively monitor Internet use and persecute free expression.
From the walkthough document:
So, what should you do when you hear them knocking? You should calmly make a clean shut-down [...] Then you wait, possibly trying to buy valuable time by barricading your door.
The Tails website.
UK based freelance writer Michael Reed writes about technology, retro computing, geek culture and gender politics.
- High-Availability Storage with HA-LVM
- March 2015 Issue of Linux Journal: System Administration
- DNSMasq, the Pint-Sized Super Dæmon!
- Localhost DNS Cache
- Real-Time Rogue Wireless Access Point Detection with the Raspberry Pi
- Days Between Dates: the Counting
- PostgreSQL, the NoSQL Database
- The Usability of GNOME
- Linux for Astronomers
- Multitenant Sites