Tails and Live Distributions - The Tor Ultimate

Discussion in 'Security, Privacy & Anonymity' started by boosydoosy, Jan 17, 2014.

  1. boosydoosy

    boosydoosy Member

    Brothers in iron, check this out.


    This is an entire operating system dedicated to accessing the internet through Tor and only through Tor. As a matter of fact, the IP route tables must be modified in order to bypass this feature. What that means is you can't connect to the regular internet while using Tails. You must be connected to a Tor relay.

    What does that mean for your browsing? First, you can't mess up and have some weird program hijack your internet and reveal your location. You also have complete control over the addons that can be run (and eventually exploited). You all read about the Java exploit from Freedom Hosting? Maybe not, but the more recent Java exploit from Yahoo's page. Those were both zero-day exploits. These can be used to launch harmful code on your computer to steal information from you.

    Why is Tails safer? Tails is open source, meaning everybody is allowed to view the code and those with the knowledge can make suggestions and modifications to that code - good suggestions are incorporated and rolled into the distribution. This way nobody can hide back doors or malicious code in the software. To date, no public security company has been allowed to audit Microsoft's OSs (or Apple's for that matter) source code and report its findings. Mostly because of the cost of intellectual property (or so they say). Closed source code, however, is the reason Microsoft has stayed so far behind as an OS and Linux has taken a big share of that. That's the difference in business models versus software innovation - a topic outside the scope of this thread.

    What is a live distribution? Live distributions (there are many, not just Tails) can boot from a USB stick or preferably a read-only CD-ROM drive. That's right, you burn it to a CD and boot directly off the CD. The operating system is loaded into memory and upon turning the computer off, the operating system is wiped entirely, leaving no trace for anybody to find.
    You can't do this with virtual machines safely because you will leave imprints of files on the hard disk of the host machine. A live CD-ROM is the only way to ensure the safety of the OS (99.99999% sure... there is one more way it can be breached, but unless you are building nukes or something, you don't need to worry about it).

    The cool thing about the latest Tails distro is a MAC address changer that is built into the OS and changes the network card MAC every time. This makes it very, very difficult to find the owner of a network card. Let me dive in here for a second. MAC addresses are as unique as IP addresses and "belong" to a serial number that a manufacturer has to keep (has to, meaning supposed to) records of. Once a MAC address is known, the proper authorities can request a trail of the source and final buyer of that MAC address. That is why Tails incorporates this now automatically.

    So if it were me, I would do something like this. Get on Craigslist and buy some piece of crap laptop for $150 bucks. Make sure it has at least a 2 GHz processor, 4 GB of RAM, a wireless network card, and a CD-ROM. Then go to a coffee shop with free wifi and download Tails (you will need a CD burner, but most laptops in the past 5 years have one). Burn Tails to a CD and when you boot the computer, be sure to select "Boot from CD-ROM".

    Tails will load up, you can connect to wireless and wait for the Tor Relays to load. BAMB, untraceable internet. I would not ever connect to any internet connection you own using this computer.

    I would not tell anybody I had a second computer. I would not show or talk about Tails or the ability to do this. Remain as dumb sounding as you can.

    Last edited: Jan 17, 2014
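The MAC spoofing the post describes leaves one conventional trace: a randomized address is normally written with the "locally administered" (U/L) bit set in its first byte, whereas a factory-burned address has it clear. The following script, added here as an example and not part of the original post or of Tails itself, parses MACs from constructed DHCP-style lease lines and flags the locally administered ones so a network defender can spot devices that change their hardware address (the lease format and sample values are invented for the demo; the U/L bit is a heuristic, not proof of spoofing).

```python
import re

# Constructed sample lease log lines (not real data): hostname and MAC per lease.
SAMPLE_LEASES = [
    "2014-01-17 09:12:01 lease 192.168.1.23 host=host-a mac=00:1c:42:9a:3b:7e",
    "2014-01-17 09:40:15 lease 192.168.1.24 host=host-b mac=02:1c:42:f0:11:9d",
    "2014-01-17 10:02:44 lease 192.168.1.25 host=host-c mac=3c:97:0e:aa:bb:cc",
    "2014-01-17 10:15:03 lease 192.168.1.26 host=host-d mac=06:e5:20:44:55:66",
]

MAC_IN_LINE = re.compile(r"mac=([0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5})")


def parse_mac(mac: str) -> bytes:
    """Accept 'aa:bb:cc:dd:ee:ff', 'aa-bb-cc-dd-ee-ff' or 'aabb.ccdd.eeff'; return 6 raw bytes."""
    hexdigits = re.sub(r"[^0-9A-Fa-f]", "", mac)
    if len(hexdigits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return bytes.fromhex(hexdigits)


def classify_mac(mac: str) -> dict:
    """Split out the OUI (vendor prefix) and decode the two flag bits of the first byte.

    Bit 0 (0x01): individual/group, set for multicast addresses.
    Bit 1 (0x02): universal/local, set when the address was assigned by software
                  rather than burned in by the manufacturer.
    """
    raw = parse_mac(mac)
    first = raw[0]
    return {
        "oui": raw[:3].hex(":"),
        "locally_administered": bool(first & 0x02),
        "multicast": bool(first & 0x01),
    }


def find_locally_administered(lines) -> list:
    """Return the MACs in the given lease lines whose U/L bit is set, in log order."""
    flagged = []
    for line in lines:
        match = MAC_IN_LINE.search(line)
        if match and classify_mac(match.group(1))["locally_administered"]:
            flagged.append(match.group(1).lower())
    return flagged


if __name__ == "__main__":
    for mac in find_locally_administered(SAMPLE_LEASES):
        print(f"locally administered MAC seen: {mac} (OUI {classify_mac(mac)['oui']})")
```

In a real deployment the same check would run over the DHCP server's lease file or switch port-security logs, and a host whose MAC keeps changing while its DHCP hostname stays constant is the stronger signal.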
  2. julianc

    julianc Junior Member

    You could also anonymize via a plug and play embedded Tor router like PAPARouter. It's a cheap, dedicated Tor appliance that, like Tails, runs its Tor instance via Linux. Upside is that you can anonymize your whole house if you wanted to since it's a wireless access point. Best of all, PAPARouter excludes all U.S. and U.S. intelligence friendly countries as exit nodes and that last exit node to your target website is the weakest link since it's unencrypted traffic. In any case you should NEVER rely on the Tor browser bundle for Windows since the FBI has since exploited it successfully. Tails or a Tor router are definitely the way to go. Great post boosydoosy. Very informative.
  3. boosydoosy

    boosydoosy Member

    Very cool appliance! I think since you brought this up, it is important to talk about what it means for your ISP to "know" you are on Tor.

    You can't hide that you are using Tor on your home internet connection - and you shouldn't as long as you are living in the USA [I won't speak for other countries] - it is not illegal to be on the Tor network. If anything it is our right to enjoy this privacy, whatever privacy Tor offers.

    So people that are jumping up and down about using a VPN to avoid your ISP knowing you are on Tor, I'm just not sure why you need to do that depending on what you are using Tor for. If Tor is functioning to its full potential, the only two points that have knowledge of their particular data stream would be the service being used and the user themselves, pure end-to-end encrypted communication.

    Look at it like this. You are going down the highway and you look over and there is a sheet running up and down a lane for 50 miles. You are not sure how many cars are in that lane, how fast those cars are traveling, or even if there is more than one car. You just don't know. You do know it is a lane and that theoretically traffic can travel there, but you don't know the who, what, when, where, and why about it. That is the exact way Tor works. It is easy to see that your traffic is encrypted (behind the sheet), but knowing what that traffic is - well, that is an entirely different ball game.

    So how did the FBI figure some of this stuff out? First off, it is mentioned in the post above. The easiest way is to "exploit" some piece of software that is touted as written to enhance security and make that software steal information about you instead of protect you. This happens all the time. All the freaking time, and your data is stolen by most shareware programs and other free "enhancers" you find on the web. What they do with the data is sell it and make money. When using Tor, however, the FBI would use the data to try and identify the cars behind the sheets that are doing bad things.

    Inherently this is difficult to tackle from the government perspective because of the necessary time and energy to just go after the security-enhanced criminals. Although it is easier to catch less agile and secure criminals, LE has made a name for itself trying to outsmart these very criminals.

    The weakest link in any security protocol is the person that wrote it, the person that follows it, and the people that interact with it. It is never the system itself. LE bets on the fact that you will make a mistake. You will get impatient and frustrated. They bet on the fact that you will eventually become your own weakest link.

    That is why it is so important to be methodical. Educated. Patient. Humble.

    In the end, it is going to be some shitty software exploited by some careless hacker that will bring most of this right in front of everybody for the world to see. The internet is a nutty place. Come armed. Come prepared :)

    In closing I'll say the more of us using Tor the better, and the more of us using relays not controlled by our own government the better. We built the world. We pump your gas. We wash your clothes. We make your food. DO NOT FUCK WITH US.