Difference between revisions of "Tails"

Jump to navigation Jump to search

Tails (view source)

Revision as of 15:27, 3 May 2020

5,236 bytes added ,  15:27, 3 May 2020
no edit summary
Line 12: Line 12:


See the [[Security]] article.
See the [[Security]] article.
== Links ==
https://www.techradar.com/how-to/how-to-make-anonymous-payments-with-bitcoin
https://www.reddit.com/r/SilkRoad/comments/1qtuy6/guide_for_the_pgp_tool_preinstalled_in_tails_with/
https://tails.boum.org/doc/encryption_and_privacy/gpgapplet/decrypt_verify/index.en.html
https://tails.boum.org/doc/about/openpgp_keys/index.en.html
https://tails.boum.org/doc/encryption_and_privacy/gpgapplet/public-key_cryptography/index.en.html
https://tails.boum.org/doc/encryption_and_privacy/gpgapplet/index.en.html
https://thebitcoinspot.com/articles/upgrading_electrum_on_tails
https://www.reddit.com/r/tails/comments/bpycyy/tails_faq_electrum/
https://www.reddit.com/r/tails/comments/89or42/is_it_safe_to_run_wine_on_tails/
https://www.reddit.com/r/tails/comments/33y7y7/how_to_install_gpg4win_on_tails/


==Security==
==Security==
Line 48: Line 23:
Tails is by design amnesic. It lives in RAM and does not write to any other drive unless strictly specified. However, it is possible to set up an encrypted persistence volume (for example, within the USB Drive where Tails is installed) to save user data. It is also possible to instruct Tails to automatically install some additional software from the persistence drive, to load bookmarks for the Tor Browser, keep GPG keys or to keep configurations data for other applications. It is important to note, that the encrypted space could be detected by forensic analysis and is not hidden like in the case of [[VeraCrypt]] which offers [[plausible deniability]] and therefore should not be distinguishable from random data.<ref>https://tails.boum.org/doc/first_steps/persistence/configure/index.en.html</ref>
Tails is by design amnesic. It lives in RAM and does not write to any other drive unless strictly specified. However, it is possible to set up an encrypted persistence volume (for example, within the USB Drive where Tails is installed) to save user data. It is also possible to instruct Tails to automatically install some additional software from the persistence drive, to load bookmarks for the Tor Browser, keep GPG keys or to keep configurations data for other applications. It is important to note, that the encrypted space could be detected by forensic analysis and is not hidden like in the case of [[VeraCrypt]] which offers [[plausible deniability]] and therefore should not be distinguishable from random data.<ref>https://tails.boum.org/doc/first_steps/persistence/configure/index.en.html</ref>


== Installation and use ==
== Installation ==
=== USB flash drive vs. SD card ===
=== USB flash drive vs. SD card ===
You can install Tails on a [[USB flash drive]] or an [[SD card]]. If you want to use a [[micro SD card]], you can use a [[micro SD card reader]] to connect it to your [[laptop]] or [[desktop]]'s USB slot.
You can install Tails on a [[USB flash drive]] or an [[SD card]]. If you want to use a [[micro SD card]], you can use a [[micro SD card reader]] to connect it to your [[laptop]] or [[desktop]]'s USB slot.
Line 63: Line 38:
=== Set USB boot ===
=== Set USB boot ===
On [[UEFI]] or [[BIOS]]'s settings, change the booting priority as [[USB]] should be the first.
On [[UEFI]] or [[BIOS]]'s settings, change the booting priority as [[USB]] should be the first.
=== Tor Browser's Advanced Security Settings...: Safest ===
There are Standard, Safer, and Safest. The default option is Standard. Change it into Safest.
* Standard
At this level, all [[Tor Browser]] and website features are enabled.
* Safer
This level disables [[website]] features that are often dangerous. This may cause some sites to lose functionality.
[[JavaScript]] is disabled on all non-[[HTTPS]] sites; some fonts and math symbols are disabled; audio and video ([[HTML5]] media) are click-to-play.
* Safest
This level only allows website features required for static sites and basic services. These changes affect images, [[media]], and [[script]]s.
[[Javascript]] is disabled by default on all sites; some [[font]]s, [[icon]]s, [[math]] [[symbol]]s, and [[image]]s are disabled; audio and [[video]] ([[HTML5 media]]) are click-to-play.
https://tb-manual.torproject.org/security-settings/


== Startup options ==
== Startup options ==
Line 188: Line 142:
:After starting Tails and connecting to a network, an assistant will guide you through the configuration of Tor.
:After starting Tails and connecting to a network, an assistant will guide you through the configuration of Tor.
* Disable all networking if you want to work completely offline with additional security.
* Disable all networking if you want to work completely offline with additional security.
== How to use ==
=== Tor Browser's Advanced Security Settings...: Safest ===
There are Standard, Safer, and Safest. The default option is Standard. Change it into Safest.
* Standard
At this level, all [[Tor Browser]] and website features are enabled.
* Safer
This level disables [[website]] features that are often dangerous. This may cause some sites to lose functionality.
[[JavaScript]] is disabled on all non-[[HTTPS]] sites; some fonts and math symbols are disabled; audio and video ([[HTML5]] media) are click-to-play.
* Safest
This level only allows website features required for static sites and basic services. These changes affect images, [[media]], and [[script]]s.
[[Javascript]] is disabled by default on all sites; some [[font]]s, [[icon]]s, [[math]] [[symbol]]s, and [[image]]s are disabled; audio and [[video]] ([[HTML5 media]]) are click-to-play.
https://tb-manual.torproject.org/security-settings/
=== GPG ===
==== Generate a pair of keys ====
Applications > Utilities > Passwords and Keys > File > New > PGP Key > Continue
* Full Name
Name must be at least 5 characters long. You can use your [[phpBB]] ID as your name.
* Email Address
Use random email address such as fjlt@jlg.goeri
* Comment
Write any comments.
* Encryption Type: RSA
* Key Strength (bits): 2048
You can change 2048 to 4096 for making it safer.
* Expiration Date
You can check "Never Expires" checkbox.
Passphrase for New PGP Key
Enter the passphrase for your new key twice.
Password:
Confirm:
==== Copy a public key ====
Applications > Utilities > Passwords and Keys > GnuPG keys
Click your pair of keys and "Edit > Copy". If you want to use your [[public key]] as your [[signature]] of your [[phpBB]] account, just paste it into the place for your signature.
=== Enable persistence ===
Without having persistence enabled, you won’t be able to save any data in Tails.
Under Applications > Tails, select Configure persistent volume. To use this option, your USB stick must have been created using the Tails Installer program. If you created your USB stick manually (as described above), you need to copy Tails over using another USB stick. The Tails installer is under Applications > Tails > Tails installer.
You will be asked to create a passphrase. Check out our guide on how to create secure passwords with Diceware in this book. Length is more important than complexity. You will be asked for this passphrase every time you start Tails.
You will also have to select which information you want Tails to remember. The less Tails remembers, the more secure you are, but you’ll have to remember more things yourself and set them up again each time you start Tails.
To seamlessly run all the features you will need in this guide we recommend selecting Personal Data, GnuPG, Pidgin, Network Connections, Browser Bookmarks, Bitcoin client, and Icedove.
Restart Tails with persistence and enter your passphrase. Remember that only the files in the folder named “Persistence” will be saved when you shut down your computer.
https://www.techradar.com/how-to/how-to-make-anonymous-payments-with-bitcoin
=== Set Up Electrum ===
The Bitcoin wallet is under Applications > Internet > Electrum Bitcoin Wallet.
[[Electrum]] is a lightweight [[Bitcoin]] wallet. That means it does not rely on its own copy of the blockchain (the immutable record of all Bitcoin transactions that ever took place), but instead relies on several other nodes.
Electrum screenshotA screenshot of the lightweight Bitcoin wallet Electrum.
To find out your balance, enter your Bitcoin address into a Blockexplorer.
For example, this is the Bitcoin address of the Edward Snowden Defense Fund:
1snowqQP5VmZgU47i5AWwz9fsgHQg94Fa
You can enter it into a Blockexplorer like Blockcypher (many more exist) to see its balance and all transactions associated with it.
Edward Snowden's Defense FundThe Edward Snowden Defense Fund in Blockcypher.
Create a new wallet by opening Electrum. A “standard wallet” will do fine. You will see 13 English words, which represent your wallet seed. This seed is more than just a password to your wallet. Anybody who has this seed can take your Bitcoins, so be careful about where you store these words.
To store your wallet seed words safely, you can create a new entry in your KeePassX database and paste them into the comment field, or you can write them on a piece of paper and lock it away. Either way, do not save it in a text file anywhere on an unencrypted drive.
Press proceed and enter your wallet seed into the next window, then choose a password, ideally by creating one with KeePassX. You will need this password every time you make a transaction.
Great! You can now receive and make Bitcoin payments. You can find your Bitcoin addresses and their balances under “Addresses.”
You can set up multiple wallets for your identity. You can create a new wallet for a single transaction if you so wish. Having separate wallets makes it easier to keep funds separate for accounting or privacy purposes.
https://www.techradar.com/how-to/how-to-make-anonymous-payments-with-bitcoin
=== Communicate via XMPP and OTR ===
[[Pidgin]] is a chat program. As anonymous email accounts are hard to come by, it might be easier to chat with your contacts using this tool. The only downside is that you cannot receive messages when you’re offline.
Pidgin is under Applications > Internet > Pidgin Internet Messenger.
Launch Pidgin. Add an account and choose [[XMPP]] as your protocol.
Pick a username, enter dukgo.com as the domain and pick a password, then tick the box Create this new account on the server. Close the window and connect to enable the new chat account in Pidgin. You may be prompted again to enter your username and password. Use KeePassX to create a secure and unique password.
PidginAdding a new pidgin chat account is as simple as a round of duck duck goose.
Your username@dukgo.com address can now be given out to your contacts. You will need to approve each individual contact before you can initiate a conversation with them.You have now set up [[XMPP]] chat (also called [[Jabber]]). Note: Even though username@dukgo.com looks like an email address, it is not an email address and cannot be used to receive messages while offline.
To chat securely, you need to use [[OTR]] encryption. Click on OTR > Start private conversation.
You can verify the integrity of the conversation by clicking on OTR > Authenticate Buddy.
The easiest way to reliably verify each other is to exchange each other’s fingerprints outside the chat. which you can see under Manual authentication. To share your fingerprint with other individuals, you can paste it into the signature on a message board, or publish it on your website.
https://www.techradar.com/how-to/how-to-make-anonymous-payments-with-bitcoin


== History ==
== History ==
Line 495: Line 579:
* [[phpBB]]
* [[phpBB]]
* [[IprediaOS]] ([[Ipredia]])
* [[IprediaOS]] ([[Ipredia]])
* [[IBHost]]
* [[Cryptocurrency]]
:* [[Bitcoin]]
::* [[Bitcoin Core]]
::* [[Electrum]]
:* [[Monero]]
:* [[Cryptocurrency exchange]]


== References ==
== References ==
Kona
16

edits

Retrieved from "http://hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion/index.php?title=Special:MobileDiff/29373"

Navigation menu