Follow-up question: is the use case for Tails still relevant? The main premise is that public computers might be bugged, and so you can plug this in and be less worried about it. However, public computers aren’t really a thing anymore, and the ones that are left might have secure boot or other BIOS security that might prevent booting from USB.
Also, I am puzzled as to why they picked GNOME, which is a resource hogger. Don’t these public computers have little RAM? I’d assume that 4 GB is already generous.
If you use it correctly, it’s just about as private as you can get.
There are limits to keep in mind. The internet itself is an American military technology (as is TOR). So if you’re hiding something more delicate than porn history I would get educated.
Depends on your goals and your threat model. Tails is kinda 80% “I think a TLA will kick down my door or take my computer at the border physically” or you want to use untrusted hardware and 20% “I want to avoid online tracking”. If you’re worried about online tracking only it might not be the place to start out.
Very anonymous, it routes all traffic though the tor network and blocks all direct connections except for the unsafe browser.
Of course tor cannot protect you from bad opsec, the user installing malware on it or a powerful enough opponent that can analyse both entry and exit nodes (or just owns 0 day exploits). But for most common people it’s pretty damn anonymous I would say.
can analyse both entry and exit nodes
has this ever been demonstrated in practice?
I’m not sure how anonymous it is, but it’s really handy for seeing the last n lines of a file.
If you use it as non-persistence thumb drive, it’s pretty good. There are still ways you can start to fingerprint it’s use but in general as long as you do everything right it’s solid.
Could the same be achieved by running it in a VM?
Yes and no.
It’s point is to limit identifiable information for any operations done on the os. Using it within a VM only sets it within a box, any use of the OS to connect to the outside world, or create some file with longer term persistence will finger print you as that main OS is the pass-through between the VM and the outside world.
Giving an example of how I might use it would help:
If I’m speaking with an international activist, early career reporter, or high-risk private sector worker, I have a custom tails that I can flash and offer them to use.
For a private sector worker it has a doc on some basic information on requesting whistle-blower protection from a given government, agency contact points, etc.
For a reporter or activist it might have a doc on how to ensure they have a social safety net for informing others of their movements, basic tools for performing field work if local computers might be being monitored, and of course how to connect to the internet in areas where traffic monitoring is routine.
I can have that information persistent on the drive only useful for reference, while the rest of the OS can be used as intended without being easily fingerprinted as intended, but only if that drive is the ONLY thing that’s acting as any form of operation on a computer. If it’s on a VM, installed onto an onboard drive, it looses some of it’s ability to act as a real tool.
So the risk is more about what breadcrumbs I leave on the host OS?
It’s more the inverse, the host OS running a VM will fingerprint any information you are sending out.
If your plan is to just run it offline through a VM, then it’s unlikely to leave much persistent information.
Tails is meant as a secure non-persistent tool for communication at it’s base, and that’s what it is best for. I might recommend looking at running a properly containerized environment on your VM for getting similar effects if you’re working on software and OS testing, it’s how I go. Think rolling vs production environments.
Got it, thanks!
Only if you learn how to use it correctly
