You have probably heard of Edward Snowden, the former NSA contractor who has leaked documents about the NSA’s spying activities. He needs to keep his communications private and secure, so the question is, what operating system does he use? Linux, of course! He doesn’t use just any old Linux distribution, but one specially designed to protect a user’s privacy and anonymity. Tails (The Amnesic Incognito Live System) is a Linux distro built to preserve your privacy and anonymity, and it has just reached V1.0. We first looked at Tails a couple of years ago when it was just getting started; however, a lot has changed since then.
Tails is a live distribution and is designed to be booted from either a DVD or a USB stick. The advantage of the DVD version is that the system can not be tampered with; however, you can’t store any of your own files. Using a USB stick (or SD card) means that you can store your documents and configuration information on an encrypted part of the flash. On the down side, it is technically possible for a hacker (or spy) to alter the system files on the USB stick and gain access to your communications and data.
To get started, download Tails from https://tails.boum.org/ and burn it onto a DVD drive. Even if your plan is to use it from a USB stick, the best way to install Tails on a USB drive is to boot from the DVD and use the Tails Installer. The Tails website has full instructions about Installing onto a USB stick or SD card.
After boot-up, but before the desktop appears, you will see the Tails Greeter. The Greeter allows you to either log in directly to Tails or set a few options, like Window camouflage mode or MAC address spoofing, before entering the desktop.
The desktop is a fairly vanilla GNOME configuration; however, the power of Tails is in the programs that have been pre-installed. Along with the normal desktop apps, like OpenOffice, Audacity and GIMP, Tails comes with several security-related packages including the Tor Browser, KeePassX, Tails OpenPGP Applet and even a virtual keyboard. The idea behind the virtual keyboard is that it is untraceable by any key-loggers that could have been installed on your system.
At the heart of Tails is Tor (The Onion Router). Tor bounces your web traffic between some of the several thousand relays across the world making it difficult, but not impossible, for anyone to spy on your online activity. This means you should be able to use your webmail and other websites without worrying about eavesdroppers.
Tor starts automatically when you boot Tails, and the Tor Browser home page has a link to check.torproject.org, which will verify if Tor is correctly configured and functioning.
If you don’t use webmail, then Tails includes the Claws email client. As well as being fast and lightweight, Claws has full built-in support for GnuPG. GPG is an open source public key cryptography system based on Phil Zimmerman’s famous PGP program. It allows a user to publicly publish an encryption key which can be used by anyone to send a message to the user, but the message can only be read via the private key, something the user has kept secret and secure.
When you use Tails from a USB stick or SD card you have the option to use the free space to create an encrypted volume where you can store your files, encryption keys and any configuration data. Using this “encrypted persistence volume” allows you to save data between working sessions. You could boot Tails on a laptop, do some work, save your data in the encrypted volume and then shutdown. The next time you boot Tails, not necessarily on the same PC, your data is still there, ready for you to use.
The encrypted storage is configured by the persistent volume assistant, which can be found under Applications -> Tails -> Configure persistent storage. See the Tail’s documentation for more details about using the persistent volume.
Files can also be managed securely thanks to the extensions built into the Nautilus file manager. Instead of simply deleting a file, Nautilus allows you to wipe a file and ensure that nothing of the file remains on the disk. The file will be filled with random data and then deleted. This means that if a hacker was to recover the file, all they would get would be garbage. You can also encrypt files using GPG and public key cryptography.
Tails v1.0 is a significant milestone for the project, and it certainly achieves its goals. It is easy to use and yet offers sophisticated security and anonymity tools which work straight out of the box. The ability to take a USB stick with you anywhere and have access to your data while remaining secure is certainly an attractive prospect. It is really quite clear why Edward Snowden is using it.
If you have any questions about Tails, please feel free to ask them in the comments section and we will see if we can help.