Author Topic: Tails: The Amnesic Incognito Live System (Linux/TOR privacy)  (Read 14210 times)

Online FreeLancer

  • Global Moderator
  • Survival Veteran
  • ******
  • Posts: 5529
  • Karma: 754
Re: Tails: The Amnesic Incognito Live System (Linux/TOR privacy)
« Reply #30 on: August 08, 2017, 08:54:45 PM »
The latest Tails 3.0.1 update has been running great on my 2008 MacBook and 2009 MacBook Pro, and for the first time actually completes the entire shut down sequence properly, so I no longer have to manually power the machine off.  This is hands-down the best version so far.





Many flash drives do not play well, if at all, with Tails.  The ones pictured above have consistently worked well for me, the first 3 are by Kingston, the fourth from Transcend, and the last is a Gorilla Drive I found from EP Memory.  The Transcend has the smallest form factor and only sticks out about 7/16" from the side of the computer.

The various San Disk, Lexar, Samsung, and Silicon Power flash drives I have tried do not work with Tails, although San Disk's SD cards have worked well.

Offline surfivor

  • Survival Veteran
  • ********
  • Posts: 6680
  • Karma: 85
Re: Tails: The Amnesic Incognito Live System (Linux/TOR privacy)
« Reply #31 on: August 09, 2017, 02:53:08 AM »

 Chances are running Tor even on a VM is going to be much better than using a browser on windows as 95% of spyware and the like probably is not that sophisticated even though a lot of spying is going on.

Offline Sailor

  • Survivor
  • ***
  • Posts: 196
  • Karma: 15
Re: Tails: The Amnesic Incognito Live System (Linux/TOR privacy)
« Reply #32 on: August 10, 2017, 09:54:02 AM »
Yeah, the Transcend's have been working great for me. 

Remember, do not ever use this on any computer associated with you or any of your locations, (home, work etc)  Complete separation is required, you basically have to create a separate "you" that never crosses the real you. 

If you just want more privacy on computers you own, a VPN and Tor work great.  Never use public wifi without a VPN though. 

Offline Smurf Hunter

  • Survival Veteran
  • ********
  • Posts: 6996
  • Karma: 329
Re: Tails: The Amnesic Incognito Live System (Linux/TOR privacy)
« Reply #33 on: August 10, 2017, 10:09:12 AM »
Yeah, the Transcend's have been working great for me. 

Remember, do not ever use this on any computer associated with you or any of your locations, (home, work etc)  Complete separation is required, you basically have to create a separate "you" that never crosses the real you. 

If you just want more privacy on computers you own, a VPN and Tor work great.  Never use public wifi without a VPN though.

I understanding the technical reasons, but not the methodology.

Why can't you test our TOR on a personal machine you own?  I agree for true OPSEC, like transmitted leak classified documents and actual stuff you wanted to keep secret should be done with layers on anonymity. Go to an internet cafe, pay cash, etc.

The USB OS is stateless.  Anything you do while it's booted is volatile and disappears upon shut down.  So that USB should have no evidence that it was booted up from your laptop.

Offline Sailor

  • Survivor
  • ***
  • Posts: 196
  • Karma: 15
Re: Tails: The Amnesic Incognito Live System (Linux/TOR privacy)
« Reply #34 on: August 11, 2017, 07:41:46 AM »
TOR does not hide  your MAC address which can be traced to your network location and then used to identify your specific computer.  TAILs at least uses a fake MAC that can't be positively connected to you, but it still can give away your location.

Find a digital copy of Kevin Mitnick's book The Art of Invisibility, and give it a read.  He was a world famous hacker who got caught, and is now a penetration tester. 

You have to choose security or convenience you can not have both, for some people TOR, or TAILS on a personal computer is enough, as long as you understand the limits of your decision. 

BTW Nord VPN service is great.  I have been very happy with them.  Working great off my phone and home/work computers.  While in China for 2 weeks this summer, it was the only way I could connect to sites that the Chinese .gov blocks.   

Offline Smurf Hunter

  • Survival Veteran
  • ********
  • Posts: 6996
  • Karma: 329
Re: Tails: The Amnesic Incognito Live System (Linux/TOR privacy)
« Reply #35 on: August 12, 2017, 03:55:52 PM »
I remember playing with early Linux distribution 20 years ago, and changing my MAC to all zeros.  It really screwed with my ISP who hadn't even heard of Linux back then.

Offline jerseyboy

  • Survivalist Mentor
  • *****
  • Posts: 539
  • Karma: 28
  • Garden State Prepper
Re: Tails: The Amnesic Incognito Live System (Linux/TOR privacy)
« Reply #36 on: August 12, 2017, 04:27:40 PM »
TOR does not hide  your MAC address which can be traced to your network location and then used to identify your specific computer.  TAILs at least uses a fake MAC that can't be positively connected to you, but it still can give away your location.

Find a digital copy of Kevin Mitnick's book The Art of Invisibility, and give it a read.  He was a world famous hacker who got caught, and is now a penetration tester. 

You have to choose security or convenience you can not have both, for some people TOR, or TAILS on a personal computer is enough, as long as you understand the limits of your decision. 

BTW Nord VPN service is great.  I have been very happy with them.  Working great off my phone and home/work computers.  While in China for 2 weeks this summer, it was the only way I could connect to sites that the Chinese .gov blocks.   

https://superuser.com/questions/349256/theory-regarding-mac-and-ip-address-in-network-packet-and-frame-content

Help me out here.

If you are using NAT behind your router (99% of people are), how are you exposing your MAC address to anyone outside your router?

While I understand that every computer has a ' unique' MAC address, how does a MAC address give away your location?

Does the TOR protocol use that MAC address with the first hop to the entrance node when it creates its VPN since it thinks it is on its own separate network?

Jerseyboy

Offline surfivor

  • Survival Veteran
  • ********
  • Posts: 6680
  • Karma: 85
Re: Tails: The Amnesic Incognito Live System (Linux/TOR privacy)
« Reply #37 on: September 05, 2017, 01:43:22 AM »
 I think your IP address is different. That probably comes from your service provider or whatever network you are on .. However, some kind of malware/spyware would be needed to get your mac address I suspect. Although your mac address is visible within your local network it would appear. I don't think your mac address is needed to spy on you unless you use your computer in a stealth type of way such as only using a specific laptop for specific purposes and not using it on your home network etc .. James Wesley Rawles says have a computer that you only use at libraries 20 miles from your house, which is kind of inconvenient 

My guess is that your ISP can help others spy on you based on the mac address and they have access to that info. It's been in the news it seems that ISPs have been allowed a lot of leeway in collecting and sharing your info. When yo are out on the web, you machine appears as an IP address but your ISP probably can map that to your mac address and probably they share that with certain companies who then provide that service to others


https://tor.stackexchange.com/questions/1641/does-tor-hide-my-mac-address-as-well-as-my-ip-address


In general when you visit a website the website won't be able to see your MAC address, even when not using Tor.

Only the hop directly after you is able to see your MAC, and chances are there's 10+ hops between you and a given web server.

========

https://security.stackexchange.com/questions/67268/is-it-possible-to-retrieve-mac-address-of-a-host-using-tor

The MAC address is only visible on your local network. You don't need to hide it.

With Tor or without Tor, as soon as the packet reaches your default gateway, that computer sitting between you and the next network segment, your MAC cannot be seen anymore.

But if someone tries very hard to trace you, a special crafted website can get your MAC by exploiting your browser, executing some commands on your computer and get all kinds of information from the computer.

But this does not have anything to do with Tor nor no-Tor nor MAC address.

=========

https://www.reddit.com/r/onions/comments/2rvd5q/can_tor_browser_leak_my_mac_address/


========

https://www.quora.com/Do-internet-providers-track-your-stuff-using-MAC-address

If you have your own firewall which provides DHCP service and NAT for your devices, your MAC address is not in a DHCP request or router syslog going to the ISP.

If the ISP provides the router or manages a customer owned router, they certainly know the MAC address of that router. If that router is providing DHCP service or is acting as a bridge to provide IP addresses for your devices from a centralized DHCP server, the MAC address and the IP address (metadata) are logged. Additionally, your MAC address may be included in your IPv6 address. The DHCP logs and router syslogs can be obtained via a subpoena under CALEA, USA PATRIOT ACT, and/or The Homeland Security Act of 2002 by any law enforcement agency, even the dog catcher or child protective services. For legal compliance, many ISPs outsource their subpoena processing to Neustar, which uses SS8 Networks’

======

« Last Edit: September 05, 2017, 02:06:23 AM by surfivor »

Online FreeLancer

  • Global Moderator
  • Survival Veteran
  • ******
  • Posts: 5529
  • Karma: 754
Re: Tails: The Amnesic Incognito Live System (Linux/TOR privacy)
« Reply #38 on: August 21, 2018, 04:37:35 AM »
Somewhere between versions 3.3 and 3.8, Tails (or the latest firmware updates) became incompatible with all of the Macs that previously ran it.  The USB sticks all hang midway and DVD images won’t even begin to boot.  Apparently it’s a known issue without a clear solution beyond trial and error. 

Not sure it’s worth buying a cheap Windows machine for running a slow OS that I don’t use for serious stuff, but I might give it a go.

Online FreeLancer

  • Global Moderator
  • Survival Veteran
  • ******
  • Posts: 5529
  • Karma: 754
Re: Tails: The Amnesic Incognito Live System (Linux/TOR privacy)
« Reply #39 on: September 08, 2018, 03:54:50 AM »
Not sure it’s worth buying a cheap Windows machine for running a slow OS that I don’t use for serious stuff, but I might give it a go.

So, I tested some sub-$200 dollar "burner notebooks" for compatibility with Tails and a few different Linux distros.  It's kind of amazing just how much computing capability is available for so little these days, but even then these machines have to cut corners somewhere and some do a better job than others.

The first deficiency that was painfully obvious for all of these machines, right out of the box, was the typical 32Gb eMMC internal storage that comes installed at this price range.  None of my samples allow this 32Gb size to be upgraded by the user and only one had an open space that allowed the addition of a 2.5" SATA drive.  The painful part comes when performing the first update of the Windows 10 software these notebooks come with, because they don't have enough free space to complete the most recent 1804 feature upgrade.  Supposedly there are ways to offload some storage to the cloud or a USB drive, but I didn't have any luck and decided to experiment with Linux instead.  I did eventually go back and download the 1804 iso, burned it to DVD, and was able to do a clean reinstall that registered Win10 to my Microsoft account on all the machines.  Minus the OEM crapware these things come out of the box with, the reinstall left about 13Gb of free space remaining, which might be enough to do light duty web-centric tasks, kinda like a Chromebook.  All but one notebook used a version of Windows called 10S, which only allows you to install apps approved by Microsoft, although when I reinstalled from DVD they came up on my online account registered as Windows 10 Home, without any of the lockdown features of 10S.

These all came with 4Gb of RAM, which was not obviously user upgradeable.  And all but the HP had an HDMI port.


In order of my worst to best picks.....


HP Stream 11-y010nr  $179

  Intel Celeron N3060, 1.6GHz, dual-core processor,
  11.6" diagonal HD sva Anti-Glare wled-backlit (1366 x 768)

This was the second smallest of the five, but the most sluggish and loaded down with crapware.  It's WiFi isn't supported by Tails 3.8 or 3.9, and there's no ethernet jack, so getting online is problematic.  There's only two USB jacks, but Tails won't boot from the faster 3.0 one.  There's a mini SD slot, but none of the computers I've used lately are able to boot Tails from SD currently.  Battery life seems to be  no better than 5hrs.  Keyboard is cramped, but fairly useable, and there's a Caps Lock light that come in handy when trying to figure out why you suddenly forgot the password you just encrypted the disk with.  The camera is junky, but able to read QR codes within the Electrum Wallet app in dim light.  A lightweight Peppermint 9 Linux distro worked great, leaving 22Gb free after installation, had WiFi driver support, and was significantly quicker to use.  Linux Mint Mate didn't have WiFi support.

I also received the 14" iteration of this HP laptop, which was fortunately missing a couple of keys and gave me an excuse to send it back to Amazon for a refund.


ASUS L402WA-EH21  $199

  AMD E2-6110 1.5GHz Processor with integrated Radeon R2 graphics
  32GB eMMC Flash Storage and 4GB DDR3 RAM

This is the only AMD processor of the bunch.  It eventually boots Tails 3.9 and supports WiFi, but didn't with 3.8 or Linux Mint.  It runs Peppermint fine (everything seems to like Peppermint), but is kind of sluggish with Ubuntu.  There's ethernet, USB C, 3.0, 2.0, and regular SD jacks.  The keyboard is pretty close to normal size, but laid out such that I kept hitting Caps Lock without knowing it and couldn't figure out why I couldn't remember my password.  The camera is slightly better than the HP.  The battery life is the worst at <5hrs.  The only redeeming feature of this laptop is the accessible 2.5" bay for upgraded storage.  I put in an SSD and am in the process of downloading the bitcoin blockchain and will probably wind running this as full node in place of the old MacBook Pro I'm using now.


Acer Aspire 1, A114-31-C4HH  $176

  Intel Celeron N3450 Quad-Core Processor (Up to 2.2GHz)
  14" Full HD 1920 x 1080 Widescreen Display. 300 Kilopixel (Front camera)
  4GB Onboard Memory, 32GB Internal Storage
  2-cell Li-Ion (4810 mAh) Battery, Up to 9 Hours Battery Life

This is the same size as the above ASUS, but performs better in every area except internal storage expansion.  It runs Tails great, as well as everything else I tried, and there were no issues with WiFi.  The screen and camera seem to be the best of this bunch, as is the keyboard and trackpad.  The battery life really is 9 hours, easily 2-3 times of the similarly sized ASUS.  Besides lacking USB C, it has the same jacks as the ASUS, too. 


ASUS VivoBook E203MA  $169

  Intel Dual-Core Celeron N4000 processor with 64GB eMMC Storage and 4GB LPDDR4 RAM
  11.6 inch HD display

This little ASUS is definitely the ideal "burner laptop" in terms of size, performance, and cost.  This was the only unit that came with 64Gb, which allowed it function the best in Windows.  Tails and Linux run great, without any WiFi or camera issues.  Battery life is 10 hours and the screen and keyboard are surprisingly functional despite being the smallest of the bunch.  It has two USB 3.0 and one USB C jacks, as well as a micro SD slot, significantly better than the slightly larger HP.  This BIOS was also the easiest to navigate and change.  This one also automatically updated me to Windows 10 Pro when I did a clean install from DVD.


In looking back at Amazon while writing this up I noticed that several of these are now listed above $200, but the prices I listed are what I paid for them within the last two weeks.

Offline fritz_monroe

  • The Defenestrator
  • Global Moderator
  • Survival Veteran
  • ******
  • Posts: 8177
  • Karma: 145
    • The Homestead Fritz
Re: Tails: The Amnesic Incognito Live System (Linux/TOR privacy)
« Reply #40 on: September 08, 2018, 07:42:49 PM »
Pick up a used/refurbished Lenovo T420 off of Ebay.  I decided I was sick of the crappy cheap Windows laptops and I needed something better for my school PC.  I slapped in a new SSD for about $80 and this sucker screams with Linux on it.

Not sure how it would run with TAILS, but probably not bad.

If you can find one at a local used computer store, you could pay cash and there wouldn't be a paper trail.