
Tails 2.0 is out - rouma7
https://tails.boum.org/news/version_2.0/index.en.html
======
AdmiralAsshat
_Tor Browser 5.5 introduces protection against fingerprinting but due to an
oversight it is not enabled in Tails 2.0. However, this is not so bad for
Tails users since each Tails system has the same fonts installed, and hence
will look identical, so this only means that it 's easy to distinguish whether
a user of Tor Browser 5.5 uses Tails or not. That is already easy given that
Tails has the AdBlock Plus extension enabled, unlike the normal Tor Browser._

I wonder why they opted to preload it with AdBlock Plus instead of uBlock
Origin. I'm sure gorhill would certainly give his blessing, and by all
measurements it is just as effective with way less overhead.

Heck, they could go one step further and preload it with a uBlock Origin
profile on a paranoid mode that proactively disables all JavaScript (last I
remember using Tor I had to manually disable Javascript in the Firefox
config).

~~~
jrcii
I use AdBlock Plus because of the Element Hiding Helper addon, which lets me
easily and perpetually hide whatever DOM element I decide is annoying me or
taking up unnecessary space. To my knowledge there is no similar addon for
uBlock Origin.

~~~
ino
That is built in uBlock Origin.

Click the eyedropper tool "enter element picker mode"
[https://www.dropbox.com/s/niy881lyaca4zmx/Screenshot%202016-...](https://www.dropbox.com/s/niy881lyaca4zmx/Screenshot%202016-01-28%2018.14.09.PNG?dl=0)

~~~
jrcii
Hey, thanks!

------
nikcub
I appreciate a lot of the work that the Tails guys do - but for a privacy and
security focused distribution there are far too many included apps for my
liking[1], which increases the attack surface. LibreOffice, Gimp and Audacity
are just some of the apps - and many have a horrible history of
vulnerabilities[2].

When Tails has had vulnerabilities it is often with one of these included
apps[6].

The browser isn't sanboxed (it's in progress[3]), and the machine is still
directly connected to the internet, so you're a single Firefox vulnerability
and a drive-by download away from being deanonymized.

It is also a shame that both OS X and Windows make it difficult to write an OS
to an USB stick and boot from it - the install requires an intermediary Linux
OS either on DVD or USB, which a lot of users won't get by.

For a different approach, see Whonix[4] - a virtual machine based approach
with an isolating proxy (very popular setup amongst black hats) and Qubes
OS[4] which is built on Xen and runs processes in separate VM's

[1]
[https://tails.boum.org/doc/about/features/index.en.html](https://tails.boum.org/doc/about/features/index.en.html)

[2] [https://www.cvedetails.com/vulnerability-
list/vendor_id-1143...](https://www.cvedetails.com/vulnerability-
list/vendor_id-11439/product_id-21008/Libreoffice-Libreoffice.html)

[3]
[https://wiki.mozilla.org/Security/Sandbox](https://wiki.mozilla.org/Security/Sandbox)

[4] [https://www.whonix.org/](https://www.whonix.org/)

[5] [https://www.qubes-os.org/](https://www.qubes-os.org/)

[6]
[https://blog.exodusintel.com/2014/07/23/silverbullets_and_fa...](https://blog.exodusintel.com/2014/07/23/silverbullets_and_fairytails/)

~~~
swinglock
The Whonix approach is very reasonable. Tails must be considered inadequate
when used as a complete solution as long as the browser isn't fully isolated
from the Tor underlay.

~~~
dublinben
>Tails must be considered inadequate

Tails is significantly more secure than the common practice of running the Tor
Browser Bundle on a Windows OS.

~~~
nikcub
I built a custom VMWare install of Windows Embedded (well, they're all custom)
running just Chromium. I think it's pretty secure - the footprint is tiny, I
was actually more concerned about switching off some of the fancier features
of Chromium (such as Canvas and WebGL).

In theory it would make an excellent thin client to use with an OpenBSD
isolating proxy - i'm actually curious to hear what others would think about
using embedded Windows (XP or 8 or 10) in this way.

~~~
bcook
A proxy cannot anonymize encrypted traffic.

~~~
nikcub
Isolating proxy:

[https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWT...](https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/IsolatingProxy)

meaning the only way to route out is to proxy via Tor. IMO it's the only safe
way to run Tor and remain anonymous.

~~~
bcook
That only tunnels traffic through Tor, right?

If the browser leaks identifying client information through HTTPS or other
encrypted protocols, the proxy (torify) will not be able to help. That is why
Tor Browser is important.

~~~
nikcub
yep, the way it is setup is you create a private network in VMWare, the
proxy/router box has a live IP address on one end and is running a DHCP server
on the private network. The client VM's connect to the Tor daemon on the
proxy/router using SOCKS or HTTP

I don't use torify or anything else - if the app doesn't support SOCKS or HTTP
then I don't use it. Any browser leaks will just hit a wall against the router
VM.

It's the whonix architecture - except I use my own router (wasn't comfortable
with whonix's 1.6GB+ router) and client.

------
nxzero
Always been puzzled as to why the ISO release is provided by HTTP and not
HTTPS; possible it doesn't make a difference, but if so, it's not clear why.

~~~
jnagro
You can also DL the ISO via bittorrent, which has some additional consistency
checks.

[https://tails.boum.org/torrents/files/tails-i386-2.0.torrent](https://tails.boum.org/torrents/files/tails-i386-2.0.torrent)

~~~
nxzero
Right, though my understanding is Tails' and TOR's position are not to torrent
using either system:
[https://labs.riseup.net/code/issues/5991](https://labs.riseup.net/code/issues/5991)

^^ given that, it is to me just as puzzling that they provide a torrent as it
is for failing to use HTTPS by default for file transfers.

------
746F7475
I'm sure I'm not first to question this, but if you download Tails or Tor
browser or whatever, wouldn't that be sort of obvious? I mean it leaves
traces. Then if you only use it to do something specific be it chat with
friends, browse for porn, take part is activism or to buy illegal products for
example wouldn't it be easy to see that: your computer went offline, then
something new (Tails) went up, took anonymous connection to somewhere and then
X happened, then Tails went away and your main OS/machine went back up.

My main "inspiration" here is the fake bomb threat by the college kid to get
out of mid terms, just before the email about the bomb was sent his IP
downloaded Tor bundle. The service he was using also had the schools IP or
something so administration could see it was sent from inside the school, but
I think that is still valid concern. This kind of meta data about your actions
can leak just as much information as actually seeing what you are doing.

My question therefor would be: should more people use Tails as their "daily
driver"? Would that make it more anonymous/private for the people like whistle
blowers? My only idea at the moment would be to pay for two separate trusted
VPN provider (don't know how you would vet that trustworthiness) with bitcoin,
to keep your anonymity/privacy with them as well. Then pipe all your traffic
through one of the VPNs all the time. Then when you need to use Tor, you would
simply pipe it through that same VPN when you would emerge with rest of the
clients from same point and then pipe your Tor traffic through the secondary
VPN. This way you would still get the benefits of encrypted tunnels all the
way through with benefit of Tors anonymizing and it might not be so obvious
you are browsing Tor to your ISP or whatever.

Maybe I'm thinking this is harder than it actually is

~~~
nikcub
First, Harvard bomb kid was caught because of some decent sysadmins ran good
network analysis and after receiving a bomb threat that was received from Tor
saw that there was only a single student on the entire network that was
running Tor.

ISP's or network providers know if you're running Tor, when you're online and
when you're active (it has been used in criminal cases to link real people to
online aliases)

Someone else in this thread pointed out that the download points for Tails are
all HTTP - so you can't find it and download it anonymously.

The way to do it would be to find an HTTPS mirror (avoiding search engines) or
a public terminal.

IMO you shouldn't use Tails as your personal machine. This isn't a technical
decision more a question of OPSEC policy. The key to anonymity is
compartmentalization - the concept of creating, maintaining and then isolating
your different identities.

Your real identity will continue to use your computer, your phone number, your
internet connection, etc. It might tighten up some privacy leaks. Your
anonymous identity (which may have a name) will use Tor in a virtual machine
as a gateway and Linux in another virtual machine as a client, or it will boot
into Tails. The anonymous identity using Tor has nothing in common with the
real identity that can be linked together by a passive or active attacker.

For ex. your anon identity is doing anonymous stuff on anonymous online
markets, but then you use the same Tails session to login to your personal
Gmail. You've just been de-anonymized. Don't share anything between the two
identities (having the same interests, typing style, etc. to name a few) as
that would tie an anonymous identity to a real one.

With this in mind, Tails is perfect for the use case of 'I need to do some
anonymous stuff with my anonymous identity and then get back' which is exactly
how a lot of journalists, black hats, etc. use it. The more 'comfortable'
Tails is with features and programs the more likely you are to hang around and
do something that will de-anonymize you :)

~~~
wila
Seems you can download via bittorrent as well? [1]

BTW, if you download a file of 1.1 GB from boum.org then the size of the
download already pretty much gives away that you are downloading tails.. So
https does not give you anonymous downloads, it gives you an increased
certainty of origin. But as you should verify the signature instead (which is
served over https)[2] I think it is fine to download via http.

[1]
[https://tails.boum.org/install/mac/dvd/index.en.html?overrid...](https://tails.boum.org/install/mac/dvd/index.en.html?override=firefox)

[2]
[https://tails.boum.org/download/index.en.html#index2h1](https://tails.boum.org/download/index.en.html#index2h1)

------
Sleaker
Hmm inclusion/switch to systemd on something that purports to be a 'secure' OS
for private browsing seems counter-intuitive.

~~~
bemused
\- the tails project lacks the manpower take a different path than its debian
mothership

\- the devs don't seem to be bothered by increasing their attack surface with
systemd

\- systemd makes life easier when building a distribution, so the tails-devs
like it (not only because they are lacking manpower)

\- sure you got to be a bit paranoid when working on this kind of project, but
tails doesn't seem to be a very welcoming environment for contributors

follow tails irc / the mailinglist for a while to get your own picture and
have a look at Whonix/Qubes for more security focused alternatives

~~~
voltagex_
>systemd makes life easier when building a distribution

Can you elaborate on this? I found that it mattered more what live-cd system
an upstream distro used (e.g. dracut vs Debian's older tools)

~~~
digi_owl
It think its about how much systemd comes with.

Init, session tracking, DNS client, DHCP client, etc etc etc.

------
bphogan
Firefox refuses to let me look at this page because of a certificate problem.

Not to go off on a rant, but this is what the "everyone must use https because
we said so" edict is going to cause - it's not enough you use https, it has to
be the right kind of https that involves a third party issuer of certs.

Can anyone fix that issue or link to a different page please?

~~~
liotier
> Firefox refuses to let me look at this page because of a certificate
> problem.

Me too, but I know why: my employer's proxy MITMs any SSL connections whose
certificate authority it does not recognize as bona fide. Quite aggravating -
but a very nice tool to explain SSL MITM to users... There's always a silver
lining !

~~~
JoshTriplett
> whose certificate authority it does not recognize as bona fide

That's a very strange criteria; do you mean that anything that _would_ have
been a certificate error gets MITMed instead, rather than rejected? Very
strange.

~~~
liotier
Not just the self-signed ones - also some others... I wonder what the
whitelist is. The proxy is the infamous McAfee Web Gateway - I don't know if
the list is user-maintained or supplied by the vendor.

------
sultansaladin
How secure is this os?

------
awinter-py
Think twice before clicking this link. A bunch of non-crazy newspapers have
reported that merely reading about privacy tools (tails & tor) will make you a
link in the NSA surveillance graph.

~~~
cyphar
Which is why you should be using Tor to read it. You shouldn't accept
someone's attempt to subvert your right to the freedom to read. Fear tactics
like that shouldn't be accepted. Besides, everyone is already in NSA's
database. Looking up Tor just adds more data that can be correlated with you
later. On the plus side, if you then go on to use Tor, that's the last piece
of data that can be correlated with you (assuming good enough opsec).

EDIT: As I send this, the app I'm using (Materialistic) isn't able to access
the HN API when I'm using Orbot with transparent proxying. That's really
annoying.

~~~
awinter-py
I'm not sure tracking privacy-seekers is a fear tactic. It may have more to do
with consolidating bureaucratic power -- the more an agency can collect, the
more convincing it can be when it asks congress for money.

TAILS solves the problem of your individual privacy, but if you care about
privacy in general you need to engage politically. Increasing TAILS use
without increasing letters to congress increases the odds of anti-privacy
legislation.

