Why not just run an encrypted VM?

I think using tails is the worst idea. If someone finds the usb drive, it is way more incriminating since it's the number 1 touted thing to use on the dark net. And packages of drugs + flash drive with tails on it is pretty incriminating. But if you have an encrypted VM that could be for anything (good or bad, it could be argued it's for work much more neatly than tails is). Provided you live in a country where you can't be forced into revealing your decryption passcode.

edit: So I would use EncFS to encrypt the guest OS volume. So basically

  1. Mount the encrypted drive using encfs.
  2. Go in through virtualbox or whatever and select the guest OS from the mounted (decrypted) drive made by encfs.

If someone got to my computer, they would only see gibberish files that encfs has, they wouldn't even know it is a VM volume in there. So don't have to worry about discarding the usb drive as there is none.


Comments


[12 Points] None:

[deleted]


[8 Points] redcodefinal:

Wait, wait, what the fuck are you even talking about dude? USB booted sticks like tails tend to store the disk in RAM, not use the storage on the flash drive. You actually have to work kind of hard to get persistence working for USB flash drives, it can be a kind of pain in the ass actually, doubly so if you want the persistence partitionsource encrypted. Encrypted VM is actually one of the dumbest ideas I have ever heard for storing this kind of stuff.

First of all, if a virus, worm, malware, etc, is on your main computer, it has access to everything in your VM ESPECIALLY your encryption password, your encrypted files, your browsing history, keystrokes, hell even that stupid little bridge interface VMs use is easily sniffed, coupled with the private keys stored in memory they technically have everything and can even decrypt TOR and HTTPS traffic. Also if a court were to ask you for your password, you would be legally obligated to give it up or enjoy a nice trip to the clink.

OR, you install Tails on a flash drive, use it for what you need, then when you shut down your computer everything is gone. The only way a government actor could see what's going on (memory, storage, etc.) is to have physical access to the computer, while running, and freeze the RAM out of your computer, which would be highly unlikely they would go to that length. Even if they found the stick, there is NOT A SINGLE SHRED OF PROOF you did anything on it. If they have a package of your drugs you already lost dude, encryption doesn't save you from hard evidence like that.

Which one do you think is the better option here, the one where a simple rootkit could compromise your whole operation, or the one where someone has to be physically in the same room as your computer, with the exact right gear (air cans (used to freeze RAM), and a system to pull the RAM off in time), at the exact right time you are using the USB.

Don't be an idiot and save ANYTHING that has to do with what you are doing on the darkweb, especially on a VM whose attack surface is very large (processes running on both the host and guest both present vulnerabilities). It's extremely easy for malware to jump into a VM and out of a VM, as well as inspect anything that has to do with what is going on inside the VM, even if it is encrypted.


[4 Points] uncle_espeon:

Such a terrible idea. If you're really that concerned with a lone tails usb being the final nail in your coffin, just buy a 10 pack of flash drives and install a different live OS on each one. Congrats, you just graduated from tails user to linux enthusiast.

Besides what OS would you run in the VM? a security oriented, amnesiac flavor of debian?


[3 Points] avxrie:

I don't see it as being a bad idea.

If you can't be forced into giving up your decryption pass, then using or owning a Tails USB could only be an issue if your country prohibits the use of Tor.


[2 Points] BetTheYacht:

I thought the Tails OS has volatile memory allocation?


[2 Points] -YOUpeople-:

Running a VM comes with its own set of problems. Your VM can be compromised if the host system is compromised. Tails runs outside of your host system and is self-contained and not subject to that point of compromise. Your only negative point is:

> If someone finds the usb drive, it is way more incriminating since it's the number 1 touted thing to use on the dark net.

For one, Tails is used by others than just those in the drug trade. Second, unless Tails is illegal in your jurisdiction and unless LE can force you to provide a password, who the fuck cares if it looks bad. Looking bad should not translate to a conviction. LE can't go into court and say you have Tails and score a conviction just based on that. Honestly, if LE is looking through your electronics, you are already deemed sus as fuck. So it's sort of a moot point anyway since if they are searching your shit, you are already deemed suspicious.


[1 Points] iamsafeforworkk:

If the police have a warrant to go through your house and inspect all of your computers, you are already fucked.