• The friendly Linux forum for all users.
Dismiss Notice
Welcome to Linux Forum! As we have just launched, please help us grow by telling your friends about us and posting in the forum. Thanks!

The Secure Linux OS - Tails

Discussion in 'LF Linux Articles' started by Jarret, Feb 7, 2017.

  1. Jarret

    Jarret Moderator Staff Member

    Figure 00.jpg

    Some people worry a lot about security issues. Anyone can worry about their personal information, such as credit card numbers, on the Internet. They can also be concerned with someone monitoring their activity on the Internet, such as the websites they visit. To help ease these frustrations about the Internet anyone can use the Internet without having to “look over their shoulder”.

    The Operating System (OS) to use to protect yourself is called Tails. Tails stands for ‘The Amnesic Incognito Live System’ and is a Debian based OS created by the Tor Project.

    TOR (The Onion Router)

    You may or may not have heard of Tor. Tor stands for the ‘The Onion Router’ and provides encryption of your data packets on the Internet multiple times. Each packet you send is encrypted at each ‘Onion Router’ and passed to the next one. The Tor system was initially created for sending intelligence information over the Internet and keeping it safe from prying eyes.

    There is an add-on for Firefox in Linux. The add-on can be found at https://www.torproject.org/dist/torbrowser/6.5/tor-browser-linux32-6.5_en-US.tar.xz for 32-bit Firefox and https://www.torproject.org/dist/torbrowser/6.5/tor-browser-linux64-6.5_en-US.tar.xz for 64-bit Firefox. Extract the compressed file and use a Terminal to start ‘start-tor-browser.desktop’ to open your Tor browser add-on.

    NOTE: Do NOT run this as root!

    When packets are sent over Tor each packet is sent to a Tor enabled router. The routers create a virtual circuit. Your packet is sent to the nearest Tor router where it is encrypted and sent to the next router which encrypts it again. Each router only knows about the previous router. The first router you communicate with knows your system information. The last Tor router decrypts the packet and sends the packet to the Target System. Even now your information has been replaced with the Tor router’s information. The Target System responds and the data is sent back through Tor until it gets to your initial Tor router where your information is placed into the packet and sent to your system.

    So now that you know a little about Tor and the project working on it, we can look at their OS.

    Tails OS

    The Tails OS is a Linux Debian OS which uses methods to keep your Internet browsing secure as well as portable. Tails is used only as a Live-DVD or Live-USB boot-up. Tails is not installed on a system but only used to boot a system and use completely in memory. By being a Live distribution there are no digital footprints left behind on a system unless you choose to do so. Even when shutting down the Tails OS the Random Access Memory (RAM) is cleaned to prevent anyone from being able to retrieve anything you had done on the system.

    Keep in mind that Tails can protect you on an uncompromised system. If the system has hardware which can monitor the activities performed on it then you are not safe on it. If you are truly worried about being tracked make sure you perform the installation from a trusted system and only run it on unmonitored systems. Any information saved by Tails to storage media is not encrypted. Your data being sent to the initial Tor router is encrypted, but the last router to the Target System is not encrypted. There are ways to get around Tails, but these are unlikely under normal circumstances. Still, be aware that Tails is not 100% guaranteed to keep you anonymous on the Internet. For example, your Internet Service Provider (ISP) can tell you are using the Tor network and can then know that you are using the Tor Browser and/or Tails.

    To start the installation you need to download Tails. To do so you can use your Firefox Browser on your system. An add-on is needed to help perform the download and verify that Tails has not been tampered with by anyone on the Internet while it was being transferred. The link is at https://addons.mozilla.org/firefox/downloads/latest/673020/addon-673020-latest.xpi. The add-on does not require a restart of Firefox. Once the add-on is loaded you will need to select the option to install it. Then you download the compressed files for Tails from the link https://tails.c3l.lu/tails//stable/tails-i386-2.10/tails-i386-2.10.iso.

    NOTE: If a newer version has been released you should be notified, but of the link does not work then go to tails.boum.org and select the download link on the main page. There are other methods to downloading the file, but this seems to be the safest and easiest.

    Once the download is completed the add-on will perform a verification to make sure the file is intact and has not been tampered with during the download.

    To install Tails you need a USB Stick with at least 4 GB of space. You also need to get the ‘tails-installer’ program. On a Debian System open Synaptic Package Manager and search for ‘tails-installer’. If it is not found then you will need to add a repository. Select ‘Settings’ and then ‘Repository’. On the left side of the window select ‘Additional Repositories’ the click on the button ‘Add a new repository...’. The name of the new repository is ‘deb http://http.debian.net/debian/ jessie-backports main’. Close the window and then close Synaptic. Open a Terminal and execute the command ‘aptitude install debian-archive-keyring’. Once done, open Synaptic again and select ‘Reload’. Perform a search for ‘tails-installer’ and select it to be installed and select ‘Apply’.

    Once ‘tails-installer’ is completely installed then you can remove the repository you just added if you wish.

    It is possible to add the repository with the command ‘add-apt-repository ppa:tails-team/tails-installer’ and then perform and update with the command ‘sudo apt update’. You can then install the program with the command ‘sudo apt-get install tails-installer’.

    The ‘Tails Installer’ should be added to your Graphical User Interface (GUI) Menu or you can open a Terminal and type ‘tails-installer-launcher’. A program should start similar to that in Figure 1.

    Figure 01.jpg
    FIGURE 1

    Since we are doing this for the first time, select the top button for ‘Install’. The next window will be similar to Figure 2 and you need to specify the location of the downloaded file for Tails. You also need to specify the Target USB drive where you have your USB Stick of 4 GB or larger. The program will auto-detect a device, just make sure it did so correctly before you select ‘Install Tails’. Once you select ‘Install Tails’ you will be prompted to verify the media you selected. Once you are sure everything is correct select the ‘Yes’ button to continue. Remember that all data on the selected device will be lost.

    Figure 02.jpg
    FIGURE 2

    NOTE: The process of creating the bootable Tails device may take up to 30 minutes.

    The process will continue to perform the install and look like Figure 3.

    Figure 03.jpg
    Figure 3

    Once the install is nearly done, a window will appear to ask for authentication to run ‘/usr/bin/syslinux’. Type in the root password and press ‘Authenticate’. Another window will open to ask for the root password to ‘Open the Mass Storage Device for writing’. Type in the root password and press ‘Authenticate’. You should then get a message: ‘Installation complete!’ Select ‘Close’ and you are done with the Installation.

    Reboot your system and boot from the USB Stick which contains Tails. Once loaded you should see a screen similar to Figure 4.

    Figure 04.jpg
    FIGURE 4

    Press ENTER or wait for Tails to automatically load from the menu. Tails is preparing to load for the first time, so the next step may take a while to complete. After a bit you should see a screen similar to Figure 5.

    Figure 05.jpg
    FIGURE 5

    The screen you see now is the Tails Greeter screen. Set your language, localization and keyboard type at the bottom of the screen. You can click ‘Login’ to continue, or select ‘Yes’ then the ‘Forward’ button for more options as shown in Figure 6.

    Figure 06.jpg
    FIGURE 6

    Now you can enter an Administrative password. Set Network Settings if needed, but the defaults should be fine. Click ‘Login’ when you are done.

    NOTE: If you do not set an administrative password anything requiring root privileges will not work. Setting a password is highly suggested.

    Once all of the settings are saved then the system will load and your Desktop should look like Figure 7.

    Figure 07.jpg
    FIGURE 7

    If you plan on doing more than browsing the Internet then you will want storage space to keep your data secure. Extra space on the USB Stick can be used as encrypted storage. To make encrypted storage continue on with the instructions.

    Encrypted Storage

    Hopefully, you used an 8+ GB USB stick. If so, then you can use the rest for persistent storage.

    From the menu system in Tails select ‘Applications > Tails > Configure persistent volume’.

    NOTE: You will also see on this menu the option of a ‘Tails Installer’. From this program you can make another Tails USB Stick.

    Once selected, a program will start which tells you how much space is left on the USB Stick to be used for the Persistent Volume. Once the Volume is created you will be shown a list of items which can be saved to the new Volume. You will need to select which items you want to save to the Volume. The items are:
    • Personal
    • GnuPG
    • SSH Client
    • Pidgin
    • Icedove
    • Gnome Keyring
    • Network Connections
    • Browser Bookmarks
    • Printers
    • Bitcoin Client
    • Apt Packages
    • Apt Lists
    • dotFiles

    Once you have selected which items you want saved to the Volume, click on ‘Save’.


    Move the mouse cursor to the top left corner of the screen and a side toolbar will open. In the Search box type in ‘Network’. Open the Network Connections application and configure your network settings if Tails has not auto-connected to the network.

    In the top right corner is a panel containing numerous icons. One icon is an onion. If it has an ‘X’ on it, then the network is not operating. Once the network is operational then you can click on the onion and see a list of Tor networks.

    If you move the cursor back to the top left corner then you can select the Tor Browser and open it. At the main page will be a box to the right which says ‘Tor Check’. Select the ‘Tor Check’ box and you will be notified if the Tor network is operational. Once you have verified that Tails is connected to the Tor network, then you are secure and start browsing anonymously.

    Happy anonymous browsing!
    Chad McCullough likes this.

Share This Page