Silk Road forums

Discussion => Newbie discussion => Topic started by: bluegreen23 on June 15, 2013, 03:01 pm

Title: not so technically gifted trying to understand tails
Post by: bluegreen23 on June 15, 2013, 03:01 pm
so tails is an OS, that can be booted from a usb. got that. in tails you can run gpg4usb (or similar), tor, and bitcoin-qt (wallet) ?????

what other programs are on tails?
what makes it safe exactly? it doesn't keep any records? it can be wiped and removed?
can tails be run on a system with windows (or other OS) so that you boot from usb unless there is no usb?
reading that tails can be cleared (everything wiped) and then pull the usb leaving the computer completely clean?

***** this is what I really want to know and not just confirm my understanding of.  Can info be stored on tails ? as in if you do not press the red button to wipe everything out can you shut tails down with data stored on the usb, that you can access the next time you boot up tails with that usb?

get what I'm saying? a data store that will hold the info for as long as you don't press the red button no matter how many times you shut down and remove the usb. could this allow you to say write a txt doc on tails. shut down the computer. pull the usb. go to a friends house, plug tails in, boot it up and open the txt doc and have the info there?
Title: Re: not so technically gifted trying to understand tails
Post by: DisappearAlways on June 15, 2013, 03:53 pm
Tails is a distro (a less technical word might be flavor, or variety) of linux based on the Debian distro, a very popular distro that also serves as the base for distros like Ubuntu. As such, you can install programs on it that are packaged to be installed on a debian system. This includes tons of free software. There are additional things you could probably compile from source if a debian package is not available. Also like most linux distros, it can be "live-booted", which means your computer boots the operating system from a thumb drive right into a working system you can use, and in this case, without leaving any traces on the OS on your hard drive. What makes tails special is that it comes with several security/privacy tools and options installed by default. You get tor for browsing, LUKS for filesystem encryption, and more. As for saving files on the flash drive, I'm not so sure. The idea is to save them on an encrypted flash drive (i.e. some other one you have laying around, that you set up with LUKS), and -somebody correct me if I'm wrong- I don't see how the flash drive you actually intend to boot could be encrypted (at least with software encryption like LUKS).
Title: Re: not so technically gifted trying to understand tails
Post by: DisappearAlways on June 15, 2013, 03:56 pm
About that last part, I misspoke. There is a built in feature to create a volume on the OS's flash drive that you can store files on and encrypt with a passphrase: https://tails.boum.org/doc/first_steps/persistence/index.en.html
Title: Re: not so technically gifted trying to understand tails
Post by: bluegreen23 on June 15, 2013, 04:39 pm
wow that was technically speaking perhaps above my head. at least the first half. but it's good to learn and it's given me more to try and look up. as for the second half, I had no idea. it's pretty impressive little system. More investigation I suppose.

and thankyou
Title: Re: not so technically gifted trying to understand tails
Post by: DisappearAlways on June 15, 2013, 06:28 pm
Sorry, I'll try to give a more noob-friendly answer. I'm assuming you use Windows or OsX as your operating system? Well you might have heard of another operating system called Linux. Actually, linux is not technically an operating system, but just the kernel of one. The kernel is the "meat" of the operating system and takes care of all important tasks far removed from the concerns of the user (loading drivers, controlling power state, loading programs, etc). An operating system has a kernel as well as lots of other software for interacting with the user (anything from command line utilities, to the program that draws a friendly start menu). In the case of Windows or OsX, the kernel is coupled to a specific set of software. You can't really install an alternate desktop interface on top of the Windows kernel, for example. It is a complete, commercial OS. Linux, on the other hand, requires software to run on top of it because it is only a kernel. Since it is open source, anybody can package the kernel along with user software. Such a package is called a distro, and different distros of linux can be very different. The maker of the distro chooses not only the most obvious software like browsers, word processor, etc, but tons of other user-space software that can really alter the functionality of a distro. Most linux distros use lots of sofware made by the GNU foundation, so you may here the more pedantic among us refer to linux as GNU/linux. In the case of tails, somebody said "hey, I'm going to take the linux kernel, GNU software, and customize it to be as secure as possible". Actually, more realistically they started with Debian, another distro. This was then packaged neatly and is distributed to whoever wants to use it. So technically, you could install a bare-bones distro and customize it to be exactly like Tails. The same really goes for any linux distro. Of course, it's 1000 times more convenient to install a working OS with all of that set up. It may seem like a mysterious super-operating-system, but it's really a clever combination of software and default settings. Additionally, because it is based on Debian, which is a well-documented distro with so much software written for it, using Tails should be quite easy.

If you want to get started with it, simply download the iso file from the site, and make a bootable flash drive with it (let me know if you need help with this step). You can boot into the OS without doing any installation or altering anything at all, just to give it a try. I wasn't aware that /any/ live boot linux distro altered your hard drive, but this one specifically says it will not. In fact, in some cases it will not even mount it by default. If you want to save data, check out that persistence feature I linked. Be aware that by doing it like this, the encrypted partition (a partition is just a section of a storage drive) will be visible. It still can't be read without the key, but its presence can be detected. I don't know enough to comment on the likelihood of a) somebody seeing the partition and being able to crack it by guessing the key or b) somebody hitting you with a wrench until you tell them the key, but just be aware those may be technically possible. If you really really want to hide something, there are better options, such as truecrypt. With truecrypt, you can create hidden encrypted partitions that look exactly like random data. This is good for a few reasons. One, nobody will likely find it. Two, if for some reason their attention is drawn to a seemingly random partition, you have good plausible deniability. You can simply say you wrote a bunch of random data to the disk to clear it, or whatever. There is no way to definitively say that it is a hidden partition. Additionally, you can now keep a key-protected outer volume that has normal shit in it, so if somebody got your outer volume password under duress, they would simply see your Rick Astley's greatest hits collection, and have no reason to assume there were any more hidden volumes.
Title: Re: not so technically gifted trying to understand tails
Post by: bluegreen23 on June 16, 2013, 01:14 pm
Thankyou for all the help and explanation. I really appreciate the time and effort.

At this point could you run lets say a laptop with a regular windows OS, and of course a bootable usb with tails. So you start up your computer and it runs through it's priority of where to boot from (usb being first, if no usb then from the HD). Inside tails (i've never opened tails as of yet) I assume it looks like any other desktop more or less once it's booted. So at that point I choose which program I want to use for.. well whatever I'm doing (browser, documents, calculator.. whatever). This is more or less right?

From there (using tails) could you use truecrypt for a small partition on the usb that would be encrypted/hidden and passworded ? So this would make it so that even if you couldn't hit the red button (i've heard there is a read button in tails that wipes everything on the usb) and couldn't somehow pull the usb in time and hide it, that the data saved on it, is safer?

weird side note, can you encrypte text to yourself with gpg4usb? I mean can you encrypt just plain text using your public key? just as a weird side note if you can encrypt a msg and save it in tormail then the only way to retrieve such a msg would be to have access to the tormail account, and access to the computer with the private key on it?
Title: Re: not so technically gifted trying to understand tails
Post by: DisappearAlways on June 16, 2013, 10:36 pm
Exactly. When your computer boots up with the flash drive, it will boot into Tails. As I've mentioned, Linux (and the various full operating systems that get called Linux) is very modular, so the appearance and user interface is going to depend on what desktop manager it comes with. Tails, I believe, comes with KDE, which is a perfectly user friendly DM. You'll find it intuitive. And actually, Tails comes with a theme for KDE that is designed to look like windows XP, so you look less sketchy or something I guess. The browser it comes installed with is called ice weasel (confusingly, in fake windows xp mode, it has the IE icon haha). Anything else you should be able to find in the main menu, which has things organized by category.

Yes, that would make the data safe, except for the following situation: Somebody knows for a fact somehow that you have a hidden partition (knowledge that, according to the makers of truecrypt, cannot be gotten from examining the drive), how many hidden partitions you have, and has the time and resources to crack the key. Basically, I feel okay calling it completely safe. Especially using multiple hidden partitions so you have a "duress password" to give out in case.

With gpg4usb, you can encrypt a message for yourself. After you compose the message, you select whom to "encrypt for:". These people, using their private keys, will be able to decrypt your message. That means you need to have the public keys of the people (or person) you want to send it to. It also that means you should always select yourself as a recipient as well, so you can decrypt the message if you need to. According to the site, the newest release just upgraded to a more secure encryption method, and the keys are set to expire in 5 years, so I'd feel pretty safe using it.
Title: Re: not so technically gifted trying to understand tails
Post by: tallcadre on June 16, 2013, 10:42 pm
DisappearAlways - wish I could grant you some karma for your time and technical expertise! :)
Title: Re: not so technically gifted trying to understand tails
Post by: DisappearAlways on June 16, 2013, 10:46 pm
The pleasure is mine! I could talk about linux all day (at least, the more basic aspects of it, I'm far from an expert)! I was going to spam 50 posts, then I decided maybe I would get to 50 by posting actual helpful content.

Karma is nice, but you've given me a reason to post again, so that's helpful :p
Title: Re: not so technically gifted trying to understand tails
Post by: devilsadvocate on June 17, 2013, 01:49 am
Thanks!
Title: Re: not so technically gifted trying to understand tails
Post by: IamMulva on June 28, 2013, 05:23 pm
The pleasure is mine! I could talk about linux all day (at least, the more basic aspects of it, I'm far from an expert)! I was going to spam 50 posts, then I decided maybe I would get to 50 by posting actual helpful content.

Karma is nice, but you've given me a reason to post again, so that's helpful :p
DisappearAlways
just gave ya some +1 karma, this is a great thread. so i wanted to throw out a question or two.

ive just downloaded tails and am currently using it via DVD-R
I have GPG4USB loaded onto a usb stick and i threw a test file onto the stick to encrypt/ decrypt
issues:

1. I cant open the linux .exe (start_linux) in the GPG4usb bundle in tails it gives me an "there is no application installed for executable files" could not display error.
2.I imported my key into tails by double clicking its file location in the folder on my flash drive. a baloon window popped up confirming this. i then right clicked the test file and chose encrypt. chose a new file name and submitted the command. the file was created on the flash drive. i then attempted to decrypt it (at this point im assuming there is an onboard encryption tool in tails). i received the following error "Decryption failed. You probably do not have the decryption key." I have no idea where this is located currently but im assuming it lives within the GPG4USB files resident on my flash drive. but i cant run the program to get it out or enter a password etc etc. im really lost now.
3. also i have a question, are bookmarks saved in tails if im running off a DVD-R? I would assume not. but thought i would ask.
4. also i was wondering if the USB stick I use could be encrypted or password protected somehow. just incase it gets into the wrong hands.

thanks in advance for any help!