Sunday 8 June 2014

Tails You Win!

Whether or not you sympathise with Edward Snowden's decision to air the NSA's & GCHQ's dirty laundry in public, one thing is clear: wholesale data collection from the public network has been ongoing for sometime. Ironically, it seems, that we pay taxes so that our governments can spy on us and, whilst I don't consider myself (particularly) paranoid, Snowden's revelations and the subsequent commentary by people such as Bruce Schneier and Glenn Greenwald have certainly made me reconsider my own online behaviour and security.

In today's world of Facebook and Twitter where virtually everything seems to be shared with virtually everyone, it's easy to be persuaded by the "nothing to hide, nothing to fear" argument: however, whilst I have undoubtedly contributed to some of the pointless and meaningless garbage on the Internet1, I find myself increasingly troubled by this view. Tyranny begins when a government's purpose becomes the scrutiny of its people and it justifies its actions by promoting the politics of fear - society surrenders its personal freedom in order that a few ne'er-do-wells might be apprehended (usually, on the vague suspicion that they might have "been up to something"). Of course I'd be the first to accept that there are bad people out there, but the subjugation of the whole population in order to mitigate an already minuscule risk is, at best, overkill and one is obliged2 to question the motives of the political class!

Sadly, whatever I may think about state-sponsored data theft, the problem is not only likely to continue but also to escalate and the question becomes, what can one do to protect oneself? Snowden himself reportedly uses a Linux system called Tails to keep his online activities hidden from unwelcome attention and Schneier also acknowledges using the operating system. Although my online activities are (almost certainly) not under the same scrutiny as Snowden's or Schneieir's, I thought I'd have a look and see what Tails is, how easy it is to use, and what it offers in terms of user security.

"Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity"

For those already familiar with the Linux concept of a Live Disk, Tails will not be an entirely alien concept. It does, however, have some interesting quirks:

  1. Tails is pre-configured for online security: all the bundled applications are forced to connect to the Internet via Tor and any that attempt a direct connection are blocked. It is the Tor network that provides the user with anonymity during an online session.
  2. The OS runs as a Live Disk by design: it makes no changes to the system OS and makes no use of the hard drive's swap files. The obvious advantage of this approach is that data from the Tails session can't be extracted from the hardware once the system has been shutdown (because the OS only uses RAM which is dynamic or volatile memory). Moreover, it also means that a user can make use of virtually any computer without leaving a trace.
  3. Encryption is built in: email, browsing, and instant messaging applications all have encryption enabled. Tails will also allow you to encrypt disks using LUKS.

Built on a Debian platform and shipped with the GNOME desktop, if you've used any of the early versions of Ubuntu, the desktop will be quite familiar and most Linux users won't be fazed by the operating environment. That said, some of the bundled apps will likely be less familiar!

Leaving aside the acquisition and installation (more of that in later posts) of this operating system, Tails is pretty simple to use if not a little slow: you'll want to use a USB stick rather than a DVD just to improve boot and application loading times (and to create a secure persistence area in the file system). Moreover, given that java and Flash are turned off (for fairly obvious reasons), the surfing experience won't be the richest you've ever enjoyed!

Having played with Tails for a couple of days, it's clearly a very classy piece of work and the developers are to be applauded for producing an excellent and secure operating system. Nonetheless, I'm not sure that I'll be migrating to Tails any time soon: it's probably a step too far in terms of paranoia.

Over the next few days I'll post hints & tips on downloading and installing the system.

Sources & References:

Notes:

1 In the interests of full disclosure, I acknowledge to maintaining both Facebook & Twitter accounts. Additionally, of course, there's also a blog (attached to a Google+) account...

2 To mangle a quote variously attributed to Courtney, Jefferson, Paine, & Lincoln: "the price of freedom is eternal vigilance"

No comments:

Post a Comment