Privacy OS discussion based on Snowden recommendations

This thread is about computer privacy at the OS level which as many of you know is the most important level of PC communications privacy for the end-user. As many of you are aware Edward Snowden has in the recent past made some suggestions with regard to his OS preference when in communications with journalists. The first of which was the portable or Live USB OS called TAILS which is a portable Linux distro that many in the journalist community use to keep sources and methods of obtaining information private. This has obvious utility in the profession of conflict journalism.

The more permanent and persistent OS Snowden mentions is the Qubes OS which requires a permanent installation on a capable and compatible device. I for instance am running Qubes OS on one of my laptops I use for my security consulting business. I also keep a USB drive with TAILS hidden in my go bag and other places. It is a burn-on removal type of system so someone finding this drive is not critical but presents an inconvenience to me so I secret them for any emergency or privacy-enhanced uses I need them for.

If you have some experiences using these OS distros please contribute your experiences.

originally posted by: machineintelligence
The more permanent and persistent OS Snowden mentions is the Qubes OS which requires a permanent installation on a capable and compatible device...

If you have some experiences using these OS distros please contribute your experiences.

I tried installing Qubes but it didn't work. I think it requires TPM which your laptop probably has but I don't think my computer has it, so I'm guessing that's why it didn't work.

Veracrypt doesn't seem to think TPM really does anything useful and it could have some downsides, by providing another avenue for attacks (some of which have been demonstrated). This is what Veracrypt says about TPM:

www.veracrypt.fr...

Some encryption programs use TPM to prevent attacks. Will VeraCrypt use it too?
No. Those programs use TPM to protect against attacks that require the attacker to have administrator privileges, or physical access to the computer, and the attacker needs you to use the computer after such an access. However, if any of these conditions is met, it is actually impossible to secure the computer (see below) and, therefore, you must stop using it (instead of relying on TPM).

If the attacker has administrator privileges, he can, for example, reset the TPM, capture the content of RAM (containing master keys) or content of files stored on mounted VeraCrypt volumes (decrypted on the fly), which can then be sent to the attacker over the Internet or saved to an unencrypted local drive (from which the attacker might be able to read it later, when he gains physical access to the computer).

If the attacker can physically access the computer hardware (and you use it after such an access), he can, for example, attach a malicious component to it (such as a hardware keystroke logger) that will capture the password, the content of RAM (containing master keys) or content of files stored on mounted VeraCrypt volumes (decrypted on the fly), which can then be sent to the attacker over the Internet or saved to an unencrypted local drive (from which the attacker might be able to read it later, when he gains physical access to the computer again).

The only thing that TPM is almost guaranteed to provide is a false sense of security (even the name itself, "Trusted Platform Module", is misleading and creates a false sense of security). As for real security, TPM is actually redundant (and implementing redundant features is usually a way to create so-called bloatware).

TAILs sounds like great software for Snowden to use. If I was a whistleblower, that's what I'd use too, but, not being a whistleblower, I don't usually have a need for it. I did play around with TAILs a bit, but it seemed to have amnesia by design which I guess is good for security, but not so good if you're trying to find your way back to a website.

a reply to: Arbitrageur
I get your critique but verycrypt puts out some elements that are unlikely outside a very active spy confrontation including attackers on the ground with access to the target device. Not something I am too worried about myself but I get it from the perspective of a spy movie. I like this bit from techradar about Qubes.

Qubes has established itself as arguably the most popular security-centric distro. It works on the principle of Security by Isolation and makes intelligent use of virtualization to ensure that malicious software doesn’t infect other parts of the installation. Qubes uniquely isolates several essential elements of the operating system inside different virtual machines, called qubes. An individual instance of an app is restricted within its own qube. Thanks to this arrangement you can run Firefox in one qube to visit untrusted websites and another instance of the browser in a different qube to transact online. A malware ridden website in the untrusted qube will not affect the banking session. Thanks to its radically different approach, Qubes does have a learning curve. However it isn’t abrupt enough to prevent you from using the distro like a normal Linux installation. Qubes is based on Fedora and uses the Xfce desktop environment. But instead of a list of apps, its application menu lists several qubes such as work, personal, untrusted, each of which rolls the individual apps inside them.

I am also looking at Linux Kodachi. I have no experience with it yet but I have some systems, not in use, I will be putting a persistent build on to give it a look-see.

www.digi77.com...

a reply to: machineintelligence

Good luck with anonymity in this information age anyroad.