"Tails or The Amnesic Incognito Live System is a security-focused Debian-based Linux distribution aimed at preserving privacy and anonymity. It is the next iteration of development on the previous Gentoo-based Incognito Linux distribution. All its outgoing connections are forced to go through Tor, and direct (non-anonymous) connections are blocked. The system is designed to be booted as a live DVD or live USB, and will leave no trace (digital footprint) on the machine unless explicitly told to do so. The Tor Project has provided most of the financial support for development. Laura Poitras, Glenn Greenwald, and Barton Gellman have each said that Tails was an important tool they used in their work with Edward Snowden"
Thanks for posting this! I know I can just google it, but since the link from this item does absolutely nothing to just say what the hell Tails actually is, I probably wouldn't have bothered. Glad you posted this because it's actually good stuff to know about!
This also has some good information about some practical uses of Tails. Not sure much about the claims of the article and their truths (was an entertaining read though), but it gives some further details about Tails for the inquiring mind.
Do note that write-protect switches often only ask that software not write to the drive (Host protect), and are not sufficient to protect against a malicious entity.
Unless an examination revealed otherwise it is wise to assume that the write protection media is a software protection, not a hardware protection.
SD cards have a physical switch to write-protect them, but the logic & protection is done in software.
For example, there's a project that provides replacement firmware for Canon cameras - http://chdk.wikia.com/wiki/CHDK - stored on the SD card. The new firmware is selected by moving the write-protect switch on the card. In either configuration, the camera can still save new photos to the storage.
It would be nice if their bootloader "just" loaded the entire image into RAM and let the user continue booting and running without the USB drive attached. Optical drives are on their way out, USB drives with a trustworthy write switch are obscure (if they exist at all) and this seems quite secure. I'm using scare quotes because I don't know how difficult this is.
I agree that this seems like the best compromise: Have the bootloader load the squashfs (or whatever) to RAM, and then unmount and prompt you to remove the media before executing the kernel. In order to compromise that, you'd have to corrupt the process which creates the flash drive originally; if that's been achieved then it's game over regardless.
Unfortunately, many/most laptops do not support booting from SD cards. If you were to store the main image on an SD card, you'd still need a cd/dvd/usb drive to load the bootloader.
If you are going to use it on a DVD drive or otherwise then make sure your update it regularly (ie: download and burn a new DVD etc) to make sure your OS and various tools have the latest patches. Otherwise you are much more vulnerable. All the time people forget and end up using a very old version.
An adversary could modify your image.
It's possible that they could have your copy phone home through a non-anonymized route, revealing information about your identity.
They could also make it so that your route all information through their nodes, or eavesdrop through a built-in microphone or camera.
All sorts of nasty things, all with persistence between boots.
Interesting. Do you mean by physically accessing the USB drive and changing it, or software that waits to modify the USB drive once connected? Thank you!
I was talking about using a USB drive as the medium for your Tails Live"CD."
The point of Tails is that unless you explicitly take action to make changes or save files, nothing that you do will be persistent across restarts. The memory of the PC you were using is wiped, and the medium on which you store the Tails OS has not been modified. The next time you start Tails you will have a fresh copy. No personal information, no settings that could distinguish you from any other vanilla Tails user. You'll be presented with the same toolkit tailored to privacy and security every time.
If an attacker is able to compromise one session it is a problem, but maybe they didn't gather the intelligence they needed to de-anonymize you. Now, if they can make it so that your copy of Tails boots with their exploits already loaded, then there's a major problem.
Can't you get one of those U3 drives that appear as a USB DVD drive? It requires loads of time and special software to reflash, but I'm not sure if they're available any more.
Then again, a malicious actor may just go through the trouble of bypassing the protections.
The planned update to Wheezy is important because it brings an update to OpenSSL. Updating OpenSSL on Squeeze is time-consuming and buggy, and a later version is required to run several software packages including Bitmessage.
I can't wait for the pending UEFI support[1] so that I can use the official installer for Tails and boot with my Mac. Currently I have to use a custom installer[2] to get it to work.
Please don't start using it as your permanent OS. As soon as you start regular browsing in tails you are overdoing it.
Tails is excellent for posting anonymous information to the internet, as long as it is a one time thing. If you first browsed reddit, read your (g)mail or looked at facebook, you are still quite easily identifiable!
"Tails or The Amnesic Incognito Live System is a security-focused Debian-based Linux distribution aimed at preserving privacy and anonymity. It is the next iteration of development on the previous Gentoo-based Incognito Linux distribution. All its outgoing connections are forced to go through Tor, and direct (non-anonymous) connections are blocked. The system is designed to be booted as a live DVD or live USB, and will leave no trace (digital footprint) on the machine unless explicitly told to do so. The Tor Project has provided most of the financial support for development. Laura Poitras, Glenn Greenwald, and Barton Gellman have each said that Tails was an important tool they used in their work with Edward Snowden"
http://en.wikipedia.org/wiki/Tails_(operating_system)