This is a very important post.  Please do your part to share it with all the God-fearing Liberty loving people you know, there are several sharing links at the bottom.  Tool such as TAILS have to get out there, and we have to know how to interact with the Internet more anonymously and securely. JJS over at RFR has a segment on his podcast called “If you see something say something.”  It is a way for anyone, but especially Patriots who are already embedded all over the regulatory, surveillance police state to let other patriots know what is happening.  Share with us those Power Point slides comparing Christians to Islamic terrorist, comparing Constitutionalists to White Supremacist.  Well, how do you do this, without getting burned, loosing your job and no longer being effective?  Well one way is to learn how to upload files and information to the web more anonymously using TAILS.

This week with the help of a guest poster who calls himself Not Telling, we will show you how to use TAILS to be a safer whistle-blower.  TAILS was specifically designed after several major news outlets sources were burned because the government hacked into the reporters computers to find out who was sharing information with them.  “With Tails”, say the distro developers, “we provide a tongue and a pen protected by state-of-the-art cryptography to guarantee…basic human rights and allow journalists worldwide to work and communicate freely and without fear of reprisal.”  TAILS implements most open source technology that I know of to help you be as anonymous as possible. It has SSL Everywhere, it uses a version of Firefox called Ice Weasel.  It defaults to the use of TOR and allows the use of I2P.  It is very careful not to use your computers hard drive for any thing and does everything in memory.  If you want to work with files, you must use a USB thumb drive to save them too.   No system is perfect, just because you have plastic gloves doesn’t mean you don’t think about the 10 OPSEC Commandments, or all the other stuff we have shown you and add in all the stuff you already know (your own grey matter).  However again, we the American Redoubt IT guys (AmRD) are introducing the God-fearing Liberty forces to tools that you can use to fight your own Liberty Operation or communicate more anonymously.  The following information is true to the best of my knowledge as of the date of publish.

TAILS:  A Short Introduction

Guest Post by user Not Telling

What is TAILS and why should I care?  TAILS is short for “The Amnestic Incognito Live System. It is actually a host of tools to help you remain anonymous.  It runs on Linux, but uses a nice GUI so you will have to click around in it to figure out how to do things.  It has a free version of Microsoft Office called Open Office.  For those of you already familiar with TOR,  TAILS also mates TOR mated with a read only DVD what we call a “live CD” or USB that boots and runs your system under a special secure and anonymous version of Debian Linux operating system called Amnestic.  Bard adds: TAILS is basically a “throw away” operating system.  One of the things that has been exposed, time and time again is that “…adversaries with global reach…” track computer use in a myriad of ways.  Often they will put tracking cookies or markers on your computer, loaded from websites you visit.  There has been a documented case of this happening to Survival Blog users.   These then “report back” everywhere you go on the Internet.  This is one way TOR can be circumvented.  If your computer is already compromised (we call it “owned”) then nothing else you do can keep you secure.  A house built on sand…  Once they have a tracking cookie or hackware on your computer they can then build a very expansive history of your Internet activities.  TAILS goes a long way to preventing that.  James Rawles suggestion on disabling cookies is “old school” and will not work against any decent hacker, since half the time we don’t use cookies.  I have already showed that VPNs are only useful in protecting your anonymity if the VPN operator is willing to go to jail to for you.  They are not. Here is the story of hacker named Cody Krestsinger known online as Recursion now in jailed and tracked down through the UK based HideMyAss VPN service because he defaced a FBI website.  Do not trust VPN services.  Part of the answer to this ungodly, unconstitutional, unethical behavior is TAILS and TOR.

TAILS is a “read only” operating system (OS) that works from a DVD.  This is critical.  TAILS is booted from a read only DVD (your throw away media) and only operates in RAM, it does not interact with your hard drive at all, actually it is specifically prevented from doing so.  Thus when you power your machine down, every thing you do goes away.  And this is important.  You must power down, and hopefully keep your computer out of anyone’s hands for at least 2 minutes (120 seconds).  We have become aware of a tactic where “adversaries” attempt to capture your computer quickly and then deep freeze the memory to try to later at the lab pull data (history, passwords other connections) from the RAM memory of the computer.   They call it a “Cold Boot Attack.” This is why they “rush in” to seize computer equipment some times.  This is why TAILS tries to protect you, but you must shut it down, and hopefully keep it out of their hands for 120 seconds while your RAM cools.   TAILS Operating System does nearly every thing that is possible to remove any history of your activities.  It actively wipes RAM, it stores nothing.

One reason TAILS uses a bootable DVD, is that you can slip it into your work computer (or another computer), get on the Internet. You then can get on the Internet using Firefox with SSL everywhere, through TOR anonymous service and every other open source anonymity solution they can think of.  Do what you need to do like post information that you want to share with patriots.   Then you “shutdown” your computer, TAILS will do every thing it can to wipe memory and it even automatically ejects the DVD to remind you to take it.  After you have done what you need to do, you can then boot back to your normal computer.  If you want to kick it up a level, shred the DVD with tails on it.  That is why I call TAILS plastic gloves for Internet use.

You should care because:

1. A program is only as secure as its operating system.  A house built on sand will not stand.  They are infecting our computers, the basic operating system and thus every thing else we do is suspect.

TAILS appears to be well-designed software.  It is open source which means its source code is posted on the Internet for any hacker to look through.  A broad assumption is that open source software is vetted for “back doors” and that discovery of one would lead to the alarm being raised and an immediate rewrite of the code, so far this hasn’t happened with TAILS.  Windows and other commercial operating systems are another matter.  We don’t have the source code and we don’t know what may or may not be built into them.  The Summer of Snowden suggest that certain “…adversaries with global reach…” have a broader reach into American companies than previously considered.  Using TAILS makes it less likely that your communications and data may be compromised by the operating system.

2. You don’t know what your computer is doing behind your back.

Or, more to the point, what certain types of code may be doing to your computer.  Suppose you visit a site or download a video clip for later viewing.  Without your knowledge, visiting that site or viewing the clip may install code on your machine that can leak identifying information. When you run TAILS, especially off a live CD, an attacker has a considerable challenge.  First, TOR is very particular about denying certain things that may leak data, like JavaScript, Flash and others  and second, it is much harder to write malicious code for an operating system of a machine that’s running from a read only CD (live CD).  Even if it does, when you power cycle the machine, because it runs from a read only CD, every thing is wiped.  No passwords, no Internet history, no documents.  If you want to store documents you must store them on a separate encrypted thumb drive.   It is still possible that malware could find its way into memory.  To prevent this, TAILS wipes the system memory with each reboot.  You will notice that the Linux-based TAILS does not have a virus scanner.  It doesn’t need one, just reboot and you back to “known good.”

3. TAILS leaves no trace.

Once you shut down your machine and remove the CD or USB, that’s it.  The system memory has been wiped and the machine is, for all intents and purposes, exactly as it was when you booted to TAILS.  If you booted with a live CD or USB and saved any downloads to another USB, you walk away with everything that occurred during your login session.  Whatever you did is on the USB, not somewhere on your hard drive.  Bard adds: This is true, however note my caution of the Cold Boot Attack above.

4. TAILS can work around certain firewalls.

I’m not saying this is ethical behavior, but I know of instances where TAILS can circumvent certain firewalls that deny access based on key words.  (For example, a search for “current price Glock 27 pistol” may run straight into a firewall and raise a flag at IT headquarters.)  Because the browser in TAILS (“Iceweasel”) always connects directly to TOR via an encrypted link, your browsing habits are kept private.  I would not abuse this.  If circumstances required a short, emergency message to be sent through a firewall, that might be one thing.  Using TAILS at work to download hours of porn videos is going to get IT wondering what is going on with the bandwidth usage of that machine.  Internet use is an expensive commodity.  Don’t take what isn’t yours.

5. TAILS is preloaded with security tools.

LUKS (a Linux-based successor to TrueCrypt), OpenPGP, Pidgin (an anonymized Internet Messenger) and Nautilus Wipe (a secure file deletion program) are a part of TAILS. Please read the following regarding the future of TrueCrypt under TAILS. Bard adds:  I like TrueCrypt it is going through its audit, it has publicly survived multiple attempts by the “powers that be” and thus I trust it to a certain degree.  We will introduce this Data At Rest encryption in future American Redoubt Darknet series.

Are you saying TAILS is completely secure?

This is a “must read”:  What TAILS does not protect you from.  Far from it.  I’m saying it’s likely to be more secure than various flavors of Windows or MacOS commercial software, but that’s highly relative. Debian Linux contains thousands of lines of code.  It’s quite possible that somewhere in the midst of that there’s an accidental or intentional flaw that could leak your information.  Because it hasn’t been discovered, doesn’t mean it isn’t there.  However, would you rather trust open source software that can be freely examined by anyone or proprietary software peddled by companies known to cooperate with certain “…adversaries with global reach?”  Think of it like plastic gloves, they are not magic, but basically they are required for most operations.

Where do I get TAILS and what does it cost?  It’s free.  Get it here:  Try it out.  I prefer to run a live CD (some older machines have problems booting from USBs).  Download it and follow the instructions on the site and you should be up and running in no time.  Bard adds:  I tried for a long time to get TAILS working on a bootable USB device.  I could not do it as newer computers have “protection from running other operating systems” not registered with “them.”  The newer computer I tried it with uses Unified Extensible Firmware Interface (UEFI). UEFI offers new features such as faster startup and improved security, and was designed to replace BIOS (basic input/output system). However there is nearly no problem booting from your CD drive.  It is interesting that the major computer makers are busy removing CD drives from newer computers and making it harder to boot from CD drives.  I mean, I am sure that is just coincidence.  It does not matter any way I like using older computers for this as TAILS takes up minimal computing resources.

This is all very interesting, but why should I trust you?  You shouldn’t.  Ever. To paraphrase Nock, “You do not know and will never know” who I am.  You should assume the worst and prove to your own satisfaction that TAILS works as it should.  I’m just a disembodied voice on the Internet, broadcasting “in the blind” to a certain Remnant.  Bard adds:  This goes for everything you read here.  We are introducing concepts to you, pray, do your own research and then make your own decisions.  Trust no one Rule #3 of the OPSEC Commandments.

Now how did we do it?  We downloaded the TAILS ISO image from their website.  From what I can tell this one step in the process that is potentially corruptible.  I am sure there are people who are trying to prevent us from downloading the true and correct version of TAILS.  That is why they have so much information on methods to “verify” you got the right version of TAILS.   Now when creating your bootable read only CD, you need to burn the ISO image.  If you don’t know what that means it doesn’t really matter.  It means that the “format” of the file is set up to more easily burn to a DVD and be run from a DVD.  It is too large for a CD (I tried), you need a DVD-R, a DVD that you can write to once.  When I burned this using Windows 8 (and I believe Windows 7), I just “right clicked” on it to say “”burn ISO image.”  This “finished” the DVD for me.  Then you put this into your DVD drive, shutdown and reboot.  Ensure your computer is set up to “boot from DVD first” which is often in your BIOS.

What happens is as our computer “starts to boot” it looks first for a DVD.  It will then fire that up and load TAILS.  TAILS looks like Linux, but with a pretty graphical user interface (GUI).  The entire system is designed to help you stay anonymous, they also include security.  As we have presented multiple times, it is much more possible to stay anonymous than secure.  It uses a special version of the Tor Browser Bundle built by yet another 3rd party and they call it Ice Weasel, as true hackers have a sense of humor, get it Fire Fox, Ice Weasel.  Since the hackers are adding value Firefox seems supportive of their efforts.  The Ice Weasel appears to have all of the protections of the TOR Browser Bundle (TBB), including No Script, Adblocer, HTTPS Everywhere and most importantly it defaults to use the TOR network.  It has many other tools you will have to play with one of the more important ones being Air Crack Next Generation.

After you have a OS that has most of the commonly used anonymity turned on by defaults, boots from a read only CD, that works only in the computer memory or RAM, why is Air Crack NG so important?  Well see, Air Crack is an “…802.11 security auditing tool…”  See it “..audits” 802.11 WiFi wireless.  It does this by automatically  finding any “open WiFi.”  Open WiFi is an 802.11 system is “free” to use and requires no passwords.  You often find them at hotels, coffee shops and even some homes.  You do realize you do not have to in the house for you to jump on someone’s WiFi.  However Air Crack NG goes one better it can “audit” or automatically hack any WiFi system  “…using common methods to hack WiFi…” you know, so you can “ensure your WiFi is secure.”  Get it? 

In the 10 OPSEC Commandments review rule #8  we talk about not operating from your home and keeping your home contraband free.    I mean an enterprising person might just drive around with the Air Crack NG on and note the open wireless networks they can reach, and then they use one of those open 802.11 networks later when  they need to do something truly Deep, like send out operational instructions, or alert people of illegal road blocks.  When using TAILS, TOR and a random open WiFi it will really minimizes any contraband that connects you to any Internet related Liberty Operations.

Another neat feature is TAILS Windows camouflage mode.  TAILS will make itself look just like Windows XP just in case someone is walking behind you at a coffee shop.  It even makes Ice Weasel look like IE.  It is a good “attention to detail” that normally shows decent design.

Here are some limitations of TAILS I have not been able to find a way around. Fist is a small thing, When I had disabled or re-enabled my wireless I had to reboot it to get it to recognize it.  Also I found you cannot use this behind any type of Proxy server, which I assume is good.  Proxy servers look at all of your traffic.  Also TAILS is not a replacement for your normal operating system.  It has many limits built into it to keep you more anonymous and thus intentionally limits its functionality.  You will not be viewing movies, it stores no passwords, it doesn’t have real Microsoft Office, just a fairly basic knock off.  TAILS is design to allow you to get on the Internet, do stuff and then get back to your normal, insecure operating system (OS) which most likely has been completely hacked and is reporting everything you do, and everyone you communicate with.

The AmRD is part of our attempt to help people stay connected now and in times of problem.  TAILS is a core part of that.  A method of booting any old computer from the CD drive, in the most anonymous method possible we know of.  Logging on, using chat boards to talk and then tearing it down.  This could be very useful.  I (we) strongly encourage you download TAILS, and practice with it now. If you need help talk to your local computer guy or Tribe member who is in charge of communications and learn how to use TAILS.  If you don’t have one, use the Tor Browser Bundle (TBB) and post questions here and we will do our best to answer them.

This is re-posted from Survivalblog and I think it is appropriate for the entire American Darknet (AmRD) Project.

Our Liberty is Stake

I want apologize for the cost, inconvenience and time required in implementing the foregoing security measures. But you can sleep a little better, knowing that you’ve added a layer of anonymity to your Internet presence. We need to recognize that the early 21st Century is a delicate time for individual liberty. Technology is leapfrogging while at the same time databases are filling at an alarming rate. These databases could provide dossiers on demand, for nefarious purposes. How you vote and how you “vote with your feet” (physically or virtually) are both of tremendous importance. Pray hard. Choose wisely. Act accordingly.

As usual, if you would like to help out on the AmRD project, please email.   If you see any part of this, that is not accurate or can improve this please comment below and I will fix it.