Privacy with Tails
Nate Drake explores the latest additions to the Tails armoury to keep your data private online.
Attendees of Eurocrypt 2016 in Vienna, earlier this year, were lucky enough to receive an information sheet and a USB with a live version of Tails preinstalled. Since 1987, the conference has been set up to promote the privacy of your data through encryption and anonymising techniques and Tails has often been a subject of presentations. Now it seems the conference organisers have decided that privacy lovers should have their own copy. For those who are new to Tails, it’s, in simple terms, an OS which has been created primarily with security in mind. This is achieved by using a carefully handpicked suite of applications as well as routing all internet traffic through the Tor network, which results in much higher anonymity and much slower speeds.
Used in the past by the likes of Edward Snowden, the result is an out-of-the-box privacy OS with its own set of advantages and drawbacks. Linux lovers will be aware that most iterations of popular OS’ can be used in a ‘live’ mode whereby the system boots entirely from a DVD or USB stick.
This is an excellent feature to help you get a feel for a particular flavour of Linux to see if it’s really meant for you. The other advantage, which Tails exploits, is that once you remove the DVD/USB, no trace of your activities are left on the machine —the hard drive is left out of the loop entirely.
The case for Tails
When the subject of privacy comes up among Linux users, people usually fall between two camps. The first camp claim that there’s no such thing as online privacy and that the only way to keep your data safe is to go and live in an underground cavern while wrapping your head in tinfoil.
The other extreme are those people who feel that they cannot imagine any situation in which they would ever need an OS like Tails as they have nothing to hide. At this point, it’s usually a good idea to ask if they have curtains, if they’d give you their credit card number or indeed why they don’t walk around naked with all their secrets written on their skin.
For the rest of us in the middle, who may be concerned about the Investigatory Powers Bill in the UK or Apple’s fight with the FBI to weaken encryption in the US, the new features in Tails 2.5 offer stronger ways of remaining anonymous online than the previous iteration [see Reviews, p18, LXF204].
First, Tails has become much easier to download, depending on the platform you’re using. Visitors to the website ( https://tails.boum.org) will see that the site is much more polished and all you do is select your operating system to download right version.
The team behind Tails has also closed down its IRC channel and set up a chatroom using XMPP. This is easily set up using Pidgin, the built in instant messenger. As in previous versions, Pidgin comes with OTR (Off the Record) messaging built in, which means that messages are encrypted before they ever leave your device and is a must to keep your conversations private.
Since our previous review, the clunky and outdated Vidalia software has also now been replaced with a simple system status icon indicating whether or not Tails is connected to the Tor network. The latest version of Tails also patches a few major vulnerabilities from previous versions. Back in February, the Tails project announced that the email client used at the time, Claws Mail was in fact storing plain text copies of all emails accessed by IMAP on the server. There wasn’t a quick and easy way to fix this vulnerability therefore the mail client has now been replaced with Ice Dove, an unbranded version of MozillaThunderbird.
IceDove includes the fantastic Enigmail plugin, which not only now uses the secure HKPS OpenPGP server but has an excellent setup wizard to generate your own keypair to encrypt your e-mails. A mail setup assistant is now also included out of the box meaning IceDove will load your configuration settings if you have a common email provider. ( seeFortheKey-RingsofIceDovebox,p36.)
Under the hood, both the firewall and kernel have been hardened and numerous security vulnerabilities from Tails 2.3 and 2.4 have been fixed.
The TorBrowser has been updated to version 6.0.3 which is based on Firefox45.3. The usual extensions Adblock Plus and HTTPS Everywhere have been included to remove pesky ads and enforce SSL where possible.
Since February of 2016, Tails2.x has been based on Debian 8 (Jessie) with the Classic Gnome Shell desktop environment, which makes for a much slicker look and feel than before. Live systems will usually take a little longer to respond than those installed on a hard drive, but the admittedly spartan desktop reacts with lightning speed.
Although Tails isn’t recommended for day-to-day use, it’s good to see that some effort has been made in the past year to make it more accessible in other ways.
Support for playing DRM protected DVDs out of the box has now been included. Media die-hards will also appreciate the inclusion of updated versions of Audacity and Traverso, which are multi-track audio recorders and editors, as well as
SoundJuicer for ripping CDs. Those in need of a video editor to splice an instruction video for their next diamond heist can also make use of Pitivi, which was the pre-bundled video editor for Ubuntu up until October 2011.
Tails 2.5 also comes with the awesome LibreOffice preinstalled although as with other bundled applications, it’s not the latest version as being based on Debian, applications are chosen for stability over novelty. This means you may not be able to use the latest features in your favourite applications. Technically, it’s also possible to install additional programs or manually update others from the terminal but doing so can undermine your anonymity through ‘browser fingerprinting’.
The Sting in the tail
Even if you decide to stay with the suite of default applications, you’ll find that unless you copy your content to an external drive or enable persistence, everything will be lost when you next restart the machine. The Tails project website is also pretty open about the vulnerabilities of its own technology, it has an extensive list of attacks against which using Tails (even the most recent version) won’t protect. Much of these are the same as for using the TorBrowser. If, for instance, you have a global adversary like a shadowy three-letter government organisation capable of monitoring all the Tor entry and exit nodes, they may see that you were on the network around the same time your YouTube account was accessed.
This can be mitigated by finding out if websites have a deep web (.onion) address and visiting that instead, eg the main page for Riseup ( https://riseup.net), which provides online communication tools for people and groups working on liberatory social change, is nzh3fv6jc6jskki3.onion. This means your traffic never leaves the Tor network.
In previous versions of Tails, it was also possible to put off casual snoopers by disguising the distinctive Tails desktop so that it resembled Microsoft Windows but this feature has been disabled for the time being pending an update.
Tails is an open source so expert coders can regularly review the code and check it for bugs or backdoors. However, the security features built into Tails 2.5 won’t be much use if you are a victim of DNS poisoning and are redirected to a similar-looking website to download a compromised version of the software. For this reason, it’s very important to use a feature now available on the Tails website to verify the cryptographic hash of the ISO file you’re downloading to make sure it’s the real deal. The Tails project also can’t protect against a system where the hardware is compromised, such
as a USB keylogger which records everything that’s typed. Users can reduce the risk of this by using Tails built-in virtual keyboard ‘Florence’ located at the top right.
For those people who do choose the persistence route it’s important to bear in mind that Tails doesn’t strip out metadata from your files by default, eg the name of a document’s author. Fortunately, Tails does come with MAT (Metadata Anonymisation Toolkit) which can remove names of authors, GPS locations etc from documents. Additionally, to quote the website directly, Tails also ”doesn’t make your crappy passwords stronger.” A weak password can be brute -forced by a moderately fast computer in minutes or hours, no matter which ultra secure OS you decide to choose. Mercifully, Tails comes to the rescue here offering PWGen which can generate secure passwords. This application is actually surplus to requirements as the excellent Password Manager, KeepassX, also has a feature to generate passwords using randomness that’s obtained from wiggling your mouse.
For those who don’t wish to enable persistence, it may be an idea to write down new passwords (using a Diceware word list http://bit.ly/DicewarePassPhrase is one excellent way). Tails 2.5 also comes with paperkey, which is an command-line tool which will allow you to back up your OpenPGP keys on paper too.
If, like many dark web users, you have some bitcoins and want somewhere safe to put them, Tails comes with the brilliant lightweight ElectrumBitcoinWallet. You can either enable the bitcoin client persistence feature to make sure your coins are available to spend, or you can leave Tails in live mode and write down your wallet’s ‘seed’, a chain of words that will let you recover your wallet at any time.
Isolating applications
On a technical note, since switching to using Debian, the Tails team have been trying to isolate specific applications using AppArmor. This is enabled on the kernel command line whenever you use Tails and tries to make sure for instance that Pidgin Messenger can’t access your GnuPG keyring. The development team so far has had mixed success with the live version of Tails, so it’s safe to say this privacy measure is a work in progress.
In addition, in case your USB stick is ever seized, the LUKS Persistent volume is encrypted, but by default any documents you save elsewhere will not be. Therefore, if you decide to go undercover in North Korea (or in IKEA) and save your report to another USB stick, anyone in possession of the stick will be able to read it. However, Tails Disk Utility does allow you to encrypt an external drive with a password before transferring files over.
Note that, as the tinfoil hat brigade are fond of pointing out, the very fact that you are using an OS such as Tails can draw unwanted attention, by the notion that you’re using an OS with a strong emphasis on privacy which means you have something to hide. Additionally, by default, Tails does nothing to disguise itself when installed on a DVD or USB stick, so if it’s found in your Louis Vutton bag next time you’re at a border checkpoint, you may find you’re asked some difficult questions. An excellent if expensive workaround for this is to visit the Tails website as outlined in the setup guide ( seep37) each time you need to use it and install it to a fresh DVD.
Finally, as noted on the website, Tails is a work in progress. A look at all the security vulnerabilities that are fixed in various versions are enough to make a grown person weep. Take the time to explore the operating system and its limitations and if you feel there’s an application that would better suit your purposes, don’t be afraid to head to https://tails.boum.org to provide your feedback.