Installation
To install Tails we need two flash drives. Why two? To understand what recursion is, you must first understand what recursion is. And Tails can only be installed using Tails. Download the ISO from the official website tails.boum.org. It is recommended to immediately check the image using OpenPGP; detailed instructions on how to do this are on the website. We write the downloaded image to the first, intermediate flash drive using Universal Usb Installer. After this, you can turn off the computer and boot from the flash drive. When the OS boots, you will need to insert the second (main) USB flash drive and select Applications → Tails → Tails Installer Install by Cloning.
If everything worked out, then the system is ready for use.
Media creation programs
Before installing Windows 7 from a flash drive on a PC or laptop, you need to create installation media with an OS image using a special program. You can't just copy the ISO file to a flash drive.
Media Creation Tool
If you are going to install Windows 10, use the official Media Creation Tool. Download it from the Microsoft resource, and in this case you will not need to search for and pre-download the OS installation image. To create an installation USB flash drive:
- run the utility;
- select for which computer you want to prepare an image - for the current one or another;
- mark the language, version and bitness of Windows;
- specify the media type – USB.
Beginning of work
After booting from a working flash drive, we will need to create a permanent protected partition, a kind of “hard drive on a flash drive.” This is done through Application → Tails → Configure Persistence.
We restart the computer and on the loading screen select Use Persistence and More Options, after which we enter the password for our storage.
Select the region from the menu at the bottom of the screen. This is important because Tor entry nodes depend on the region. This is where you should experiment. In my case, Denmark was the best choice.
In the advanced settings menu, set a password for programs that require administrator rights. You can install any one, it works within the session and does not affect anything else.
Keep in mind that the download takes some time, and then Tails will still connect to Tor for a few minutes. You can track the process by clicking on the Onion Circuits icon - the onion in the upper right corner of the screen.
After some time, Tails will inform you that it has successfully connected to Tor. By default, the network is configured so that all traffic will go through it. Now you can download everything we need for work.
PORTEUS
This is a “complete” distribution for removable media such as USB, CD, DVD, etc. The project is open source, and the OS itself is only about 300 Megabytes. The distribution consists of two versions: 32-bit and 64-bit.
Porteus has many great features, but the one thing that sets it apart from others is its modular system. With its help, users can enable the features they need and disable those they don't need on the fly.
- modular design, allowing users to modify and enable various functions at any time at their discretion;
- “Always Fresh” mode allows you to run the system without fear of modifying the computer from which it is booted;
- In addition to working with USB, it can be installed on a hard drive.
That's all! We remembered the best portable Linux operating systems on a flash drive. Check them first before making your choice. You can download the ISO image of any of them from official websites using a search by name. Thank you for your attention!
Additional software, saving files and settings
By default, Tails is not designed to save installed software, settings and files after the computer is turned off. However, the creators have provided the ability to store some data in a persistent partition. You can configure what exactly will be stored in the Settings → Persistent section.
Most of the menu items are obvious, so I'll focus on the last three. The second and third from the end are responsible for storing APT packages. Tails is based on Debian, so most of the software we need can be installed using apt-get. And although the programs themselves will not be saved when the computer is turned off, APT packages, with appropriate settings, will remain in the persistent partition. This allows you to deploy all the necessary software during the system boot process.
The last menu item Dotfiles allows you to create a folder with files in the persistent partition, links to which will be created in the Tails home folder upon download. It looks like this.
Here is an example of the file structure in a permanent partition.
/live/persistence/TailsData_unlocked/dotfiles ├── file_a ├── folder │ ├── file_b │ └── subfolder │ └── file_c └── emptyfolder
In this situation, the home folder will have the following link structure:
/home/amnesia ├── file_a → /live/persistence/TailsData_unlocked/dotfiles/file_a └── folder ├── file_b → /live/persistence/TailsData_unlocked/dotfiles/folder/file_b └── subfolder └ ── file_c → / live/persistence/TailsData_unlocked/dotfiles/folder/subfolder/file_c
Protecting data, throwing away the tail
Our persistent partition itself is already encrypted. However, it has a significant drawback: it does not provide plausible deniability of the presence of encrypted data. To provide plausible deniability, I will propose a solution that differs from the recommendations of the creators of Tails. Decide for yourself what to do.
The creators of Tails recommend using a cryptsetup based on LUKS. This program allows you to create hidden sections, but such a section is not completely hidden. As far as I know, it is possible to detect the header of a hidden section, which allows us to determine its presence.
I personally don’t like this hidden section. Therefore, I decided to use good old TrueCrypt version 7.1a. The TrueCrypt hidden section header is indistinguishable from random data and, to my knowledge, cannot be detected. It is better to store the TrueCrypt binary file here, in a persistent partition.
I will not describe in detail the process of creating a double crypto container; I will only note an important nuance. Since TrueCrypt's hidden section is truly hidden, even the program itself has no idea about its existence until you enter the required password. Because of this, when writing files to a false partition, the hidden partition may be damaged. To prevent this from happening, when mounting a false partition to record pictures of cats on it, you need to select Mount Options → Protect hidden volume when mounting outer volume.
Like a lizard that throws off its tail when in danger, we can now, if necessary, enter the password for a fake section and show everyone photos of cats instead of confidential information.
Communication
Now that we have secured our information, we can begin to transfer it, that is, to communicate. Let's start with Pidgin. It's great as an IRC client, and Tails has beefed it up a bit. The OS includes Pidgin with an installed plugin for the OTR protocol. It is he who interests us most. Avoiding complex mathematics, we can say that this protocol provides secure data transmission with the possibility of retraction, that is, it is impossible to prove that a specific message was written by a specific person.
Before you can start chatting with someone over OTR, you need to connect to an IRC server. It is very important to make sure that SSL is used. Tor encrypts traffic as it passes between nodes, but unless you use SSL, your traffic will be transmitted in clear text to the Tor entry node and from the exit node to the destination. Some Tor nodes are banned from IRC servers, so you may need to restart Tor. This can be done with the /etc/init.d/tor restart command.
After the connection to the server is established, select Buddies → New Instant Message.
In the dialog window that opens, select Not Private → Start Private Conversation.
You will be offered three options for authentication: enter the answer to the secret question that you discussed with your interlocutor in advance (in this case, you must enter the same answer, spaces and case are counted); enter a general “secret” phrase; check fingerprint - this is a forty-character sequence that identifies the OTR user.
Now you can correspond via OTR. But what about voice communication? Here, alas, not everything is smooth. Since Tails routes all traffic through Tor, it poses a number of challenges for voice communication. First, most VoIP programs use UDP, while Tor only supports TCP packets. Secondly, Tor is not very fast and packets sometimes arrive with a significant delay. So there may be delays and disconnections.
However, there is OnionPhone, a special plugin for TorChat. Mumble also works well, although this option is less secure. For Mumble to work through Tor, you need to launch it with the torify mumble command, and also select the Force TCP option in the program’s network settings.
OS on a flash drive: review of portable application management packages
It is convenient to use portable applications as long as there are no more than one or two of them. But with the increase in the number of such software, the need arises for quick access to all utilities and programs installed on the flash drive.
There are quite a large number of packages of this kind, and we have already considered the most popular of them. But progress does not stand still, and since then new very interesting products have appeared.
LiberKey 4.6
Freeware
Developer LiberKey.com
Website www.liberkey.com
Size 57–194 MB
Download address www.liberkey.com/en/download.html
Verdict
The LiberKey package is offered in three versions, differing in the set of pre-installed software: Basic contains 26 applications, Standard - 95 and the most complete Ultimate - 167. If none of them suits you (before downloading, you can familiarize yourself with the list of utilities included in each set), you should stop at the basic version and manually download the necessary programs from the catalog.
The LiberKey service offers free registration, after which the user gets access to an automatic update service for installed software (a really convenient thing) and technical support provided on the official forum.
The interface of the main window is more than ascetic, but the functionality is all right - the package is based on the open source platform ASuite. Applications are divided into thematic categories (and the user is allowed to add their own), there is a search by name, for each program you can set up a scheduled launch and specify a number of other parameters. In addition, all applications are accessible not only from the main window, but also from the context menu, called up by right-clicking on the LiberKey icon in the system tray.
PortableApps.com Suite 1.5.2
Freeware, open source
Developed by Rare Ideas
Website portableapps.com/suite
Size 1–124 MB
Download address portableapps.com/download
Verdict
The most famous package of this kind, PortableApps.com, continues to actively develop - for example, just the other day, Rare Ideas made its own format of portable applications open and offered tools for third-party developers to create installers of their programs for the PortableApps.com platform.
The package is offered in three versions - a clean platform without a single pre-installed application and two versions of a basic set of a dozen of the most common office programs (the Light version is equipped with a text editor, while the Standard version comes with the full-fledged OpenOffice.org office suite instead).
Until recently, the PortableApps.com Suite included only open source software, but now Rare Ideas has begun to offer other free, closed source programs.
The main menu looks very stylish, but the functionality here is basic - there is no breakdown of software into categories, there is no individual configuration and no automatic updates. We hope that version 2.0 (the third beta of which was released six months ago) will have more options for managing installed portable applications.
geek.menu 1.2.5.2
Freeware, open source
Developed by x0pherl
Website geek-menu.sourceforge.net
Size 5 MB
Download address portableapps.com/download
Verdict
PortableApps.com is a very interesting, but not ideal package of portable applications, so a group of enthusiasts decided to bring it to fruition, since Rare Ideas distributes its product under the open source scheme. So, geek.menu is a fork from PortableApps.com and offers significantly more functionality compared to its “progenitor”.
For example, geek.menu allows you to work with a flash drive encrypted using TrueCrypt - both launch applications from it and save documents, as well as create separate profiles for trusted and untrusted PCs. In the main menu, it is possible to group software into categories, which greatly simplifies work when there are a large number of installed programs. There is also a search bar that allows you to send queries to Google, Wikipedia and a number of other resources directly from the geek.menu menu. The appearance of geek.menu can be changed using custom themes.
geek.menu comes in one version - a clean platform without pre-installed applications. Since this utility is based on the source code of PortableApps.com, the format is the same, and when you select the Get more app menu item, the website portableapps.com/apps opens.
Lupo PenSuite 6.76
Freeware
Developed by Lupo PenSuite Team
Website www.lupopensuite.com
Size 2–200 MB
Download address www.lupopensuite.com/suite.htm
Verdict
Another package based on the ASuite platform - but, unlike the spartan interface of LiberKey, Lupo PenSuite looks more like a stylish PortableApps.com Suite. Interestingly, connoisseurs of minimalism can use the ASuite button in the main program menu to open the standard platform window, where only the background image is present among the decorations. The options also enable the use of the classic menu, in which clicking on the icon in the system tray does not show the main menu, but provides quick access to launch all installed portable applications or opens a standard ASuite window.
The package is offered in several versions: from basic, without a single program, to complete, including more than two hundred. It is possible to change the menu skin, the set of icons for application categories and install additional interface languages (Russian and Ukrainian are present). It is worth noting the possibility of automatic updating of both the package as a whole and each program separately - without any registration.
CodySafe 1.0.0.105
Freeware
Developer Codyssey
Website codyssey.com/products/codysafe.html
Size 2 MB
Download address codyssey.com/downloads/sw/CodySafe/CodySafe_Setup.exe
Verdict
The PortableApps.com platform is popular not only among users, but also among developers - proof of this is the next portable application management package built on its basis.
CodySafe comes in its pure form, without pre-installed applications that must be downloaded manually either from the official website of the package (where there are a little more than two dozen of them) or from other resources - like geek.menu, CodySafe is fully compatible with all programs from PortableApps.com , plus the developers suggest paying attention to other directories of portable applications like pendriveapps.com.
A distinctive feature of CodySafe is real-time anti-virus protection Viru-Sense and control over changes to the autorun.inf file. The official website mentions support for program categories, but it was not possible to find it - perhaps it will appear in future versions. It's also disappointing that the stylish interface is only available in Windows Vista and Windows 7 - Windows XP users will have to be content with the usual black menu without any frills.
