Tales of Tails

Micah Lee of the Freedom of the Press Foundation has a nice article out about security in these days of the Panopticaon.

He points out the necessity of using open source software, since it much more resistant to subversion. He provides links to such software as Tor, OTR (encrypted chat client), PGP (encryption for mail and other uses) and an operating system designed for anonymity called Tails. Towards the end of the article he outlines a method for a privacy seeking group to install and configure the software he describes. This last section is, to my mind, the most valuable part of the article, and I shall return to it later. First I want to talk about Tails.

Bruce Schneier and others have recommended using completely separate hardware for confidential communication. The reason is that a system which is used for general web browsing or to run untrusted applications (including any closed source from US corporations) cannot be trusted not to leak data to eavesdroppers. Therefore for confidential use a separate system is best, a system which uses only trusted software.

Tails is an alternative for those who have not the budget for two separate sets of hardware, or are limited due to other constraints. Untrusted software normally running on the computer is bypassed. A trusted system is booted from a DVD or a USB drive and does not have to use any part of the untrusted software and disk. Confidential data such as private keys are stored on a separate removable medium like a USB drive, which is much easier to carry and safeguard than an entire computer system. disk. Of course, if the USB stick with private data is compromised you are screwed. So guard it well.

To return to Micah Lee's article, the outline for a group to set up private communications is briefly as follows. The group meets face to face, each with a laptop and USB drive. The software is downloaded and DVDs are made, and booted. Each person registers with a mailserver and chatserver using fresh accounts through the Tails system. Each person generates their own keys to control encryption and shares their public keys with the rest of the group. Thus the members of the group can encrypt their communications and be reasonably certain of the identity of their correspondents.

Read the whole thing: The article is available at https://pressfreedomfoundation.org/encryption-works

Back to Index Page