Monday, 21 August 2017

What is Tails? How is Tails different from Tor? Benefits of using Tails over Tor

What is Tails?


In simple words, Tails is a free, Debian GNU/Linux-based operating system designed to be used from a USB stick or a DVD, and it aims to preserve your privacy and anonymity.

Basically, Tails relies on the Tor network:


· All the software on Tails OS is configured to connect to the Internet through Tor.
· It automatically blocks the connection if an application tries to connect to the Internet directly.
· Because Tor is a distributed network, it helps defend against traffic analysis by somebody watching your Internet connection. But nation-state actors such as government security agencies can still compromise your anonymity in many ways, e.g. malware, DNS leakage and Tor traffic analysis.

Attack vectors of Tor:

· Malware: Even if you use Tor to go to the Internet, security agencies can compromise Tor web servers and Tor services (Tor-based websites). When you visit these servers, you can easily download malware that infects your computer with some kind of spyware. The idea is that while you do whatever you do on the Tor network, this spyware logs that data locally. Then, when you drop off the Tor network, it beacons that information to those agencies and tells them exactly who you are and where you have been.
"Security is not only about encryption and hiding IP address but it is also about preventing software from installing on your computer."

· DNS Leakage: When using a privacy service like Tor, it is important that all the traffic originating from your computer is routed through the anonymity network. If any traffic leaks outside of the secure connection to the network, any adversary monitoring your traffic will be able to log your activity.

By default, your computer uses your ISP’s DNS to resolve hostnames to IP addresses, so make sure to use the SOCKS proxy option in Firefox, or use the full Tor bundle, which uses this option by default.

Some ISPs now use “Transparent DNS Proxies”. With this technology they can force you to use their DNS service even if you have configured your DNS settings to use OpenDNS or Google DNS.
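One way to check for the DNS leakage described above, as an added example that is not part of the original post: it scans the text output of `tcpdump -n` and reports every DNS query sent to a resolver other than the local machine. The capture lines are constructed samples and the function name `find_dns_leaks` is hypothetical.

```python
import ipaddress
import re

# Matches "IP src.port > dst.port:" in `tcpdump -n` text output (IPv4 or IPv6).
PACKET = re.compile(r"\bIP6? (?P<src>\S+)\.(?P<sport>\d+) > (?P<dst>\S+)\.(?P<dport>\d+):")
# Matches the question part of a DNS query line, e.g. "A? example.com."
QUESTION = re.compile(r"\s(?P<qtype>[A-Z]+)\? (?P<name>\S+)")

# Constructed sample capture (not real traffic).
SAMPLE_CAPTURE = """\
12:00:01.100000 IP 127.0.0.1.40112 > 127.0.0.1.9050: Flags [S], seq 1, win 65495, length 0
12:00:01.200000 IP 192.168.1.20.44321 > 203.0.113.5.9001: Flags [P.], seq 1:544, ack 1, win 502, length 543
12:00:02.300000 IP 192.168.1.20.51514 > 192.168.1.1.53: 4660+ A? example.com. (29)
12:00:02.400000 IP 127.0.0.1.38211 > 127.0.0.1.53: 9001+ A? example.org. (29)
12:00:03.500000 IP6 2001:db8::20.40001 > 2001:db8::53.53: 777+ AAAA? example.net. (29)
"""

def find_dns_leaks(capture_text):
    """Return one dict per DNS packet sent to a non-loopback resolver."""
    leaks = []
    for line in capture_text.splitlines():
        pkt = PACKET.search(line)
        if not pkt or pkt["dport"] != "53":
            continue  # not a packet line, or not addressed to a DNS port
        try:
            resolver = ipaddress.ip_address(pkt["dst"])
        except ValueError:
            continue  # hostname or malformed address: capture was not taken with -n
        if resolver.is_loopback:
            continue  # handed to a resolver on this machine, not sent out directly
        q = QUESTION.search(line[pkt.end():])
        leaks.append({
            "resolver": str(resolver),
            "qtype": q["qtype"] if q else None,
            "name": q["name"].rstrip(".") if q else None,
        })
    return leaks

if __name__ == "__main__":
    for leak in find_dns_leaks(SAMPLE_CAPTURE):
        print("DNS leak: {name} ({qtype}) sent to {resolver}".format(**leak))
```

A query to a loopback resolver is not flagged here; if that local resolver forwards to the ISP, the forwarded query appears in the capture as its own packet and is reported.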

Adrian Crenshaw talks about "how people got caught using Tor" at DEFCON 22



Benefits of using a Live CD such as Tails: such systems come pre-configured so that there is no leakage (e.g. DNS leakage), and they spoof (keep changing) your IP address and MAC address.


And most importantly, you should not use Tails OS in any virtual machine software, because either your host OS or your VM software can monitor what you are doing in Tails OS.

But your anonymity is still not guaranteed against “nation-state actors”. If these agencies can compromise enough nodes on the Tor network, they can compromise both your entrance node and your exit node. They can then run a MITM attack on your exit node to see all the data that is being pulled. If they also control enough nodes, they can match the data flows, i.e. what is going to the exit node and what is coming out of the entrance node, and conclude that this entrance node and exit node correspond. Since they know which IP address is connected to the entrance node, they can tie that IP address to the entrance and exit node pair and see all the data going back and forth.
