sadeedameen@gmail.
com
1
12-06-2015
Tails OS
OPERATING SYSTEM
2
INTRODUCTION
Tails is an operating system like Windows or Mac OS, but one specially designed
to preserve your anonymity and privacy
Tails or The Amnesic Incognito Live System is a security-focused Debian-
based Linux distribution aimed at preservingprivacy and anonymity
All its outgoing connections are forced to go through Tor,[4] and direct (non-
anonymous) connections are blocked
The system is designed to be booted as a live DVD or live USB, and will leave no
trace (digital footprint) on the machine unless explicitly told to do so. The Tor
Project has provided most of the financial support for its development.
sadeedameen@gmail.com 12-06-2015
3
IMPORTANCE
TAILS: THE AMNESIC INCOGNITO LIVE
SYSTEM
USE IT EVERYWHERE, LEAVE NO TRACES
ONLINE ANONYMITY WITH TOR
BEST ENCRYPTION TOOLS
sadeedameen@gmail.com 12-06-2015
4
THE AMNESIC INCOGNITO LIVE SYSTEM
It allows you to use the Internet anonymously almost
everywhere online and on any computer, but leaves no trace
of what you have done, unless you want to
Tails is a “live” system, that is to say, it is meant to be run from a
DVD or USB stick independently of the system installed on the
computer’s hard disk.
t is free software based on Debian GNU/Linux. Tails comes with
applications that have been configured with security in mind:
web browser, instant messaging client, email client, office
suite, image and sound editor and so on
sadeedameen@gmail.com 12-06-2015
5
sadeedameen@gmail.com 12-06-2015
6
USE IT EVERYWHERE, LEAVE NO TRACES
You can use it at home, at a friend’s or at the local library
Once you have removed the Tails DVD or USB stick from the
computer, it can restart with its usual operating system
Tails is configured so as not to use the computer hard disk or
even its swap space
The only space use by Tails is the RAM memory, which is
automatically erased when the computer is turned off,So
your use of Tails will leave no trace. That is why it is called
“amnesic
sadeedameen@gmail.com 12-06-2015
7
USE IT EVERYWHERE, LEAVE NO TRACES
CONT
This allows you to work on a sensitive file on any computer and prevent the
data being recovered after the computer is turned off.
This allows you to work on a sensitive file on any computer and prevent the
data being recovered after the computer is turned off.
sadeedameen@gmail.com 12-06-2015
8
ONLINE ANONYMITY WITH TOR
Tails relies on the Tor networks to protect your online privacy
All software is configured to connect through Tor and direct connections
(that do not guarantee your anonymity) are blocked.
Tor is free software that allows you to protect your privacy and guarantee
your confidentiality online.
It protects you by sending your communications around a distributed
network of relays run by volunteers all over the world
It prevents anyone who may be monitoring your Internet connection from
discovering which sites you visit, and it prevents the sites you visit from
discovering where you are.
sadeedameen@gmail.com 12-06-2015
9
BEST ENCRYPTION TOOLS
Tails also includes a range of tools for protecting your data by means of strong encryption
Encrypt your USB stick or external hard disks with LUKS, the Linux standard for volume
encryption.
Automatically encrypt your communications with websites using HTTPS Everywhere, a
Firefox extension developed by the Electronic Frontier Foundation.
Use OpenPGP, the standard in its field, to encrypt and sign your emails and documents
from the Tails email client, text editor or file browser.
Protect your instant messaging conversations using OTR, a cryptographic tool that
provides encryption, authentication and deniability.
Delete your files safely and clean your disk space using Nautilus Wipe.
sadeedameen@gmail.com 12-06-2015
10
TAILS OS
General characterestics Tails
Supported hardware x86 compatible and/or Virtual
Machines
Based on Tor, Debian
Gateway and torify any operating Not a torifying Gateway.
system [
Responsible for building Tor Tor client running on workstation
circuits(Network)
Workstation does not have to trust Not a gateway
Gateway
Local Disk Encryption Yes, for persistent USB.
Cold Boot Attack Protection
sadeedameen@gmail.com Yes 12-06-2015
11
GNOME Desktop
The main drawback of GNOME is that it requires quite a lot of
resources to work properly, but it has many advantages. The
GNOME Desktop is:
Well integrated, especially for new Linux users.
Very well translated and documented.
Doing relatively good regarding accessibility features.
Actively developed.
Well maintained in Debian, where it is the default desktop
environment.
sadeedameen@gmail.com 12-06-2015
12
sadeedameen@gmail.com 12-06-2015
13
Hardware compatibility
Tails automatically detects the type of
processor of the computer and loads a 32-
bit or a 64-bit kernel accordingly.
Tails is only available on the x86 and x86_64
architectures
Tails does not work on the ARM
architecture
sadeedameen@gmail.com 12-06-2015
14
INSTALLATION
This is not possible using the recommended installation methods. Tails is
designed to be a live system running from a removable media: DVD, USB
stick or SD card.
This is a conscious decision as this mode of operation is better for what we
want to provide to Tails users: amnesia, the fact that Tails leaves no traces
on the computer after a session is closed.
Tails provides upgrades every 6 weeks, that are thoroughly tested to
make sure that no security feature or configuration gets broken
If you upgrade the system yourself using apt-get or Synaptic, you might
break things. Upgrading when you get a notification from Tails Upgrader
is enough
sadeedameen@gmail.com 12-06-2015
15
WEB BROWSER
Tor Browser(Javascript enabled)
Many websites today require JavaScript to work correctly. As a
consequence JavaScript is enabled by default in Tails to avoid
confusing many users. But the Torbutton extension, included in Tails,
takes care of blocking dangerous JavaScript functionalities
Tor Browser also includes a security slider and the NoScript extension to
optionally disable more JavaScript. This might improve security in some
cases. However, if you disable JavaScript, then the fingerprint of your
browser will differ from most Tor users. This might break your anonymity
sadeedameen@gmail.com 12-06-2015
16
NETWORKING
USING A VPN INSTEAD OF TOR
It is a very fundamental assumption of Tails to force all outgoing traffic to
anonymity networks such as Tor or I2P. VPN are not anonymity networks, because
the administrators of the VPN can know both where you are connecting from and
where you are connecting to. Tor provides anonymity by making it impossible for a
single point in the network to know both the origin and the destination of a
connection
sadeedameen@gmail.com 12-06-2015
17
NETWORKING
CONT
USING A VPN TO CONNECT TO TOR (VPN BEFORE TOR)
In some situations, you might be forced to use a VPN to connect to the Internet,
for example by your ISP. This is currently not possible using Tails.
Tor bridges can also be useful to bypass the limitations imposed by your ISP.
CONNECTING TO A VPN USING TOR (VPN AFTER TOR)
In some situtations, it can be useful to connect to a VPN through Tor:
To access services that block connections coming from Tor.
To access ressources only available inside a VPN, for example at your company
or University.
This is currently not possible easily using Tails.
sadeedameen@gmail.com 12-06-2015
18
Software not included in Tails
This software is already available in Debian, as this is a requirement
to be included in Tails. Adding to Tails software which is not in
Debian imply an additional workload that could compromise the
sustainability of the project. On top of that, being in Debian brings
many advantages:
It is included in the Debian process for security updates and
new versions.
It is authenticated using OpenPGP signatures.
It is under the scrutiny of the Debian community and its many
users and derivatives, including Ubuntu.
sadeedameen@gmail.com 12-06-2015
19
Software not included in Tails
cont
Developers also try to limit the amount of software included in Tails, and we only
add new software with a very good reason to do so:
We try to limit the growth of the ISO image and automatic upgrades.
More software implies more security issues.
We avoid proposing several options to accomplish the same task.
If a package needs to be removed after its inclusion, for example because of
security problems, then this might be problematic as users might rely on it.
sadeedameen@gmail.com 12-06-2015
20
OTHER SECURITY ISSUES
Tails on a compromised system
Tails runs independently from the operating system installed on
the computer. So, if the computer has only been compromised
by software, running from inside your regular operating system
(virus, trojan, etc.), then it is safe to use Tails. This is true as long
as Tails itself has been installed using a trusted system.
If the computer has been compromised by someone having
physical access to it and who installed untrusted pieces of
hardware, then it might not be safe to use Tails.
sadeedameen@gmail.com 12-06-2015
21
Other security issues
cont
Integrity of a Tails device
To verify the integrity of a DVD from a separate trusted system,
you can verify the signature of the ISO image as documented
in verify the ISO image using the command line against the DVD
itself.
There is no documented method of verifying the integrity of a
USB stick or SD card installed using Tails Installer. However, if you
have another trusted Tails device, you canclone it onto the
untrusted device to reset it to a trusted state.
sadeedameen@gmail.com 12-06-2015
22
Tails is a live system that aims to preserve your privacy and anonymity. It
helps you to use the Internet anonymously and circumvent censorship
almost anywhere you go and on any computer but leaving no trace
unless you ask it to explicitly.
It is a complete operating system designed to be used from a DVD, USB
stick, or SD card independently of the computer's original operating
system. It is Free Software and based on Debian GNU/Linux.
sadeedameen@gmail.com 12-06-2015
23
sadeedameen@gmail.com 12-06-2015