bigbrosbitch

TAILS How To: High Endpoint Security


Using TAILS properly to communicate anonymously is easier said than done.*

* Note: I still think One-time Pads hiding secret ciphers in on-line forum posts (or similar) is the most secure and fully deniable method for communications, however, this is certainly not convenient or practical for most circumstances. Also, this is over-kill for 99.9% of the population. However, if the OTP concept is shared widely, the Global Gestapo will be wondering whether secret messages are hidden all over the place - increasing their fruitless searching and computational crunching by several orders of magnitude.

For instance, it is entirely feasible that I may have hidden several ciphers in this post for instance, and theoretically could be communicating with one or more persons. Indeed, the sender can potentially achieve one-way message authentication in this manner (a forum post that remains unedited)....

Tails WorkFlow for High Endpoint Security**

** By Micah Lee of The Intercept and Freedom of the Press Foundation
 

To get started having private communications with your friends and colleagues with very high endpoint security, here are the steps you need to take.

    Meet up with your friends face-to-face. Each person should bring their own laptop and USB stick.

    Download and burn a Tails DVD. Boot to Tails and create Tails USB sticks for each person.

    When everyone has a Tails USB stick, each person should boot to Tails on her own laptop and configure a persistence volume on her USB stick. Since this volume is encrypted, each person should come up with her own secure passphrase that she will need to enter each time she boots to Tails. Everyone should reboot their laptops into Tails again and this time mount the persistent volume.

    Each person should create a new pseudonymous Jabber account. One way to do this is to go to https://register.jabber.org/ in Iceweasel. Since Tails makes all Internet traffic go over Tor, this is effectively making an anonymous Jabber account.

    Each person should open Pidgin and configure it to use their new Jabber account and create a new OTR key. Everyone should add each other to their buddy lists and start OTR sessions with each other. Since everyone is in the same room, this is the perfect time to compare fingerprints and verify the identity of all parties so that you'll be able to communicate securely over the Internet in the future.

    Each person should create a new pseudonymous email address as well. Some email providers, such as Gmail, make it very difficult to create new accounts while using Tor and staying anonymous, so find another email provider to use instead. Make sure your email provider supports IMAP (so you can use a desktop email client) over SSL (so your email client uses encryption when communicating with the email server). If everyone chooses the same email provider, sending emails between accounts should never leave that email server, which reduces the metadata about your email usage available to anyone conducting dragnet surveillance of the Internet.

    Each person should generate a new PGP key for their email address. Like with disk encryption, it's important to choose a strong passphrase when generating a PGP key.

    The PGP-enabled email client that comes with Tails is called Claws Mail. Each person should configure Claws Mail to use their new email address, and then email a copy of their public key to all other people in the room.

    Each person should import everyone else's public key into their keyring, and should manually verify the PGP fingerprints. Don't skip this step. In the end, each person should have a keyring containing signed keys of each other person.

If a malicious attacker physically steals your Tails USB stick, modifies it, and gives it back, he can compromise all of the security of Tails. For this reason, it's important to keep your USB stick with you at all times.

Had CIA Director and retired four-star general David Petraeus and his biographer Paula Broadwell decided to use Tails, Tor, OTR, and PGP, their extramarital affair likely would have remained secret.
 


Additional considerations:

What Micah didn't mention in this particular article above is the necessity to also disguise your writing style (under his scenario) so that you cannot be identified by certain obvious patterns. This is particularly true if using email providers that scan your shit e.g. G-Mail.

 

Even if you are "Mr Robot" on-line, if any of your communications can be ripped from email servers or otherwise intercepted e.g. the provider is part of PRISM, then the great Eye of Sauron will be intently poring over your material if it is of interest and doing everything to work out who you are.

That is, even if you go to great lengths to disguise your on-line persona and achieve full or near-anonymity (no stuff-ups along the way - not easy), you can easily reveal your identity via typographical and dialectical style, spelling, pronunciation and grammar.

Another obvious case where you place yourself at risk would be a release of risky 'manifestos', controversial/critical texts slamming authoritarian/military governments, your favourite drug recipes you publish on the darknet, advocating for multi-party democracy in tinpot dictatorships (or whatever else is your fancy), which are all published under a pseudonym.

Yes, truly being anonymous is a real bitch, but wholly possible.

 

You should also NOT share any personal information with your secret readers/fanclub/secret cabal of conspirators e.g. dodgy darknet forums.

Many an egotistical hacker, drug peddler and so on have been undone by their own hand e.g. letting slip references to the weather, their backgrounds, habits and so on, which can uniquely identify them when cross-referenced by forum/email/other comms date and time stamps over a long enough period.

"Loose lips sink ships"

As a counter to true anonymity, this forum post is a perfect example of a non-anonymous communication, for I am fully aware that the author (me) is EASILY identified by the local Stasi. Why? Because I have not used washed bitcoins or a host of anonymising session, network and other measures when setting up this account, nor have I adequately separated personas when using it. Nor have I used measures to disguise my writing style.

But luckily I don't give a shit.

However, it might really matter for some of our AirVPN users, for example, those pushing for multi-party democracy or fearlessly reporting the actions of in hostile tin pot dictatorships.

The Hidden Wiki provides some good pointers for anonymous writing. Fail to heed this at your own peril if you are a serious activist or similar.


Guidelines


 

Typographical Style

    Number lists according to the format in this document. Include the dot at the end of every item number. If this list is not read on a wiki, the format is “1. Item”.

    If the document's author must be identified, write their name under the heading without the word ”by”, like in this document.

    Separate sentences by one SPACE. TWO spaces is a rather obvious, older, minority typing convention.

    Keep the length of noun clusters shorter than three words.

    Keep sentence length shorter than twenty words (procedural sentences) or twenty-five words (descriptive sentences).

    Separate paragraphs by one clear line with no indenting.

    Use short paragraphs, of no more than six sentences, to group related ideas together.

    Use the English forms of measures, numbers, money, days, months, years, clock time, and international words; e.g. Date/Time: 20 May 1972 at 21:00.
    If conditions are applicable, start the sentence with them.


Dialectical Style

    Do not use BIG WORDS, even when a few big words might actually shorten an otherwise long sentence that is made up of many small words. Fewer words are known by more people. Use the Basic English, Voice of America Special English or Simplified Technical English vocabulary and grammar as much as possible. (www.online-utility.org/servlet/english/BasicEnglishServlet)

    Use THE articles, “a”, “an” and “the”, wherever possible.

    Use simple verb tenses (past, present, and future).

    Do not use expressions or sayings that are used in any specific geographical region only. “Our proverbs lie too close to home”. Also, “one man's proverb is another man's confusion”.

    Do not use contractions, like “don't”.

    Avoid slang and jargon.

    Do not use non-English words.

    Should rhetorical questions ever be necessary? DO NOT USE RHETORICAL QUESTIONS. Use only commands or statements instead. However, proper, non-rhetorical questions, to which the answers are not obvious or implied, may be asked.

    USING “-ing” participles or gerunds is strongly discouraged (unless as part of a technical name). Rather USE the root word.
    USE active voice. Passive voice MUST NOT BE USED.

    Do not begin sentences with “and”, “or” or “but”. HOWEVER, use “also” or “furthermore”, “alternatively”, and “however”, respectively. FURTHERMORE, never start a sentence with an abbreviation, e.g. “FOR EXAMPLE, start a sentence with the words 'For example' rather than with the capitalized abbreviation 'E.g.'.” Alternatively, consider a different word order.

    When referring to an example, do not use the words “an example”, but rather something better, FOR EXAMPLE “e.g.” (“example given”).
    IN STEAD OF using “in place of”, use “in stead of” instead. (Note the spaces in “in stead of” as opposed to “instead”. Also note specifically the respective contexts within which each is used. “Instead” is never followed by “of”.)

    AS LONG AS the phrases “as long as” and “such that” are used SUCH THAT “so long as” and “so that” are replaced by them, then a greater degree of anonymity might be achieved and maintained.

    EveryONE will notice when someONE uses “anybody” in stead of “anyONE”. No-ONE will be able to identify anyONE by their writing style when everyONE uses “someONE” in stead of “somebody”, etc.

    “THEIR 'theirs' and 'theres' are not THEIRS to mix up THERE. THEY'RE all of ours, for unambiguous interpretation.” (“Their” indicates possession. “ThERE”, similar to “hERE”, is an answer to “whERE?”. “They're” is a contraction of “they are”, which must not be used in any case.)

    IF a comparison is made between things, THEN it is better to use “than” THAN “then”.

    The minority-used "different than" and the majority-used "different from" differ FROM each other, and are therefore different in that the former reduces the anonymity offered by the latter.

    It must be remembered NOT TO SPLIT "two infinitives" by inserting another word. Rather use the applicable word before or after the infinitive, e.g. “It is possible for a writer STILL to be identified ...” in stead of “... to still be identified ...”.

    There is not ANY MORE time left to use “any more” as a reference to time, ANYMORE. Just like “anymore” has never been used as a reference to quantity, ever.

    ANY WAY a person might think of it, “anyway” must never be used in reference to different possibilities, just like “any way” is ANYWAY never used as an indication of general applicability.

    FURTHER, to extend these guidelines, 'farther' refers to an increase in physical distance. “Further” refers to an extension of abstract concept.
    Avoid first, second and third person references as much as possible. Only use the first and third person plurals where it cannot be avoided: “we”, “us”, “our”, “ours” and “ourselves”; and “they”, “them”, “their”, “theirs” and “themselves”, respectively. Never use the second person singular or plural “you”, “your”, “yours” and “yourself” or “yourselves”. When a second person singular reference cannot be avoided, use “one”, “one's” and “oneself” in stead of “you” etc. When referring to a general singular person, it is quite appropriate to refer to THEM in the third person plural in stead of referring to him/her by means of such duplicating male/female slash forms.

    Use words, such as “probably”, “possibly”, “maybe”, “perhaps”, “could”, “should” etc., that refer to possibilities only, as little as possible. State verifiable facts, referring to independent, authoritative, reputable source material. Avoid speculation or theorizing.

Use American English spelling, punctuation and grammar. More people use it.


Spelling

    It is not enough TO write “too” without TWO “o”s. It is TOO little.

    More people favOR the spelling of “colOR”, “odOR”, “flavOR”, and other similar words, with the American “-OR” in stead of the British “-our”.

    Critically analyZE other people's non-American “-SE” spelling of words such as “criticiZE” in order to help them increase their anonymity, as well as ours, by conforming to the American “-ZE” spelling.

    PRACTICE not to confuse the British verb ("practiSe") with the American verb. (Both nouns end in “-CE”.)


Punctuation

    Use commas only when creating a list in a SENTENCE, OR at the end of a quote. (Also use commas before “BUT”, AND to separate clauses and PHRASES, ESPECIALLY if a SINGLE, LONGER sentence is required in order to reduce the repetitiveness of many shorter SENTENCES, LIKE in this case. Commas are also used when addressing a person by NAME, ANONYMOUS, E.G. “Anonymous, texts have been seen that were very difficult to read and interpret unambiguously without these further comma rules.” Consider carefully the significant change in meaning of this quoted sentence that the inclusion or exclusion of a comma can make. Do not use a comma before “and”, "or" OR “etc.” at the end of a list.)

    Do not include dots in abbreviations. This includes titles such as Mr, Dr, Mrs etc. An exception to this is at the end of a sentence. Furthermore, “etc.” gets a dot even in the middle of a sentence, as any American English spell checker will indicate. (Note the letter order: it is not “ect.”, “ec tetera”, but rather “etc.”, “et cetera”.)

    Quoting is done with double quotation marks, e.g. ”LIKE SO”. Notice that the period came after the end quote. When quoting in a sentence ”LIKE SO”, place the comma after the end quote. “...Unless when quoting DIRECT SPEECH,” said the editor, “as is done in this QUOTE.” Multiple, nested quotes must use alternating double and single quotation marks in order to keep track of the level of quotation, e.g. HE said, “SHE said, 'IT said, “BLAH, blah, blah.”'”

    Do not use exclamation marks or smilies!

    Rather use a comma (,) in stead of parentheses ( "(" and ")" ), except when parentheses might actually help to clarify layout and/or meaning, e.g. linking to another site. The URL must be placed in parentheses like this: "(http://kpvz7ki2v5agwt35.onion/)" (without the quotation marks).

    Avoid DASHES, RATHER use commas. ALTERNATIVELY, start a new sentence. (Proper spelling and grammar require some HYPHEN-WORDS to be hyphenated.)
    Use date and time short format as follows: yyyy-mm-dd hh:mm:ss.dcm; consistently from general to specific, for ease of interpretation. Note the hyphens, the colons and the decimal point, for ease of reading. Use “BCE” and “CE” (“Before Common Era” and “Common Era”) after a date, in stead of “BC” and “AD”.

    Use a decimal point (“1.234”) in stead of a comma (“1,234”) to indicate decimal fractions.

    Use a comma to separate thousands for ease of reading (“1,234,567.890”: “one million, two hundred and thirty-four thousand, five hundred and sixty-seven, point eight nine zero”).

    There are SEVENTY-TWO words for the numbers from "TWENTY-ONE" to "NINETY-NINE", that are not multiples of *10*, which must be written with hyphens.” (Use number words to count things, but number symbols to refer to specific numbers.)


Grammar

 

A “U”-WORD or acronym does not get an “an” before it when it is pronounced with the “y” consonant sound as opposed to being pronounced with the “oo” vowel sound (e.g. “A UCLA-student” vs “AN Ulema”).

 

 An acronym beginning with F, H, L, M, N, R, S or X, gets an "an" before it when the pronunciations of the names of all these consonant letters are used with the beginning vowel sound: "ef", "aytch", "el", "em", "en", "ar", "es" and "ex".
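
A small self-check for a draft against a few of the guidelines quoted above, as an added example that is not part of the original post or of the Hidden Wiki text. The rule names, word lists and sample strings are constructed for illustration and cover only a subset of the rules.

```python
import re

# (rule id, pattern, guideline checked). Word lists are short constructed samples.
RULES = [
    ("double-space", re.compile(r"[.?!]  +\S"), "Separate sentences by one space"),
    ("contraction", re.compile(r"\b\w+(?:n['’]t|['’](?:re|ve|ll|d))\b", re.I),
     "Do not use contractions"),
    ("exclamation", re.compile(r"!"), "Do not use exclamation marks"),
    ("british-our", re.compile(r"\b(?:colour|flavour|odour|favour)\w*\b", re.I),
     "Use the American -or spelling"),
    ("british-ise", re.compile(r"\b(?:criticis|organis|recognis|realis)(?:e|es|ed|ing)\b", re.I),
     "Use the American -ze spelling"),
    ("body-pronoun", re.compile(r"\b(?:any|some|every|no)body\b", re.I),
     "Use the -one forms, not -body"),
    ("dash", re.compile(r"\s[-\u2013\u2014]\s"), "Avoid dashes, rather use commas"),
]
SENTENCE_SPLIT = re.compile(r"(?<=[.?!])\s+")
MAX_WORDS = 25                      # limit given for descriptive sentences
BAD_OPENERS = {"and", "or", "but"}  # words a sentence must not begin with


def lint(text):
    """Return a sorted list of (rule id, offending excerpt) findings."""
    findings = []
    for rule_id, pattern, _guideline in RULES:
        for match in pattern.finditer(text):
            findings.append((rule_id, match.group(0).strip()))
    for sentence in SENTENCE_SPLIT.split(text.strip()):
        words = sentence.split()
        if not words:
            continue
        if len(words) > MAX_WORDS:
            findings.append(("long-sentence", " ".join(words[:5]) + " ..."))
        if words[0].strip("\"'").lower() in BAD_OPENERS:
            findings.append(("bad-opener", words[0]))
    return sorted(findings)


def rule_ids(text):
    """Return the distinct rule ids that a text triggers."""
    return sorted({rule_id for rule_id, _ in lint(text)})


# Constructed sample texts, not taken from any real post.
SAMPLE_BAD = "I don't like the colour.  But everybody will criticise it - loudly!"
SAMPLE_GOOD = "The color is not good. However, everyone will criticize it, loudly."

if __name__ == "__main__":
    for rule_id, excerpt in lint(SAMPLE_BAD):
        print(f"{rule_id}: {excerpt!r}")
```

A clean result only means these few patterns are absent; vocabulary, topic and timing still carry identifying signal.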
