Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Snowden Used the Linux Distro Designed For Internet Anonymity

Soulskill posted about 5 months ago | from the NSA-can't-make-heads-or-something-of-it dept.

Encryption 171

Hugh Pickens DOT Com writes: "When Edward Snowden first emailed Glenn Greenwald, he insisted on using email encryption software called PGP for all communications. Now Klint Finley reports that Snowden also used The Amnesic Incognito Live System (Tails) to keep his communications out of the NSA's prying eyes. Tails is a kind of computer-in-a-box using a version of the Linux operating system optimized for anonymity that you install on a DVD or USB drive, boot your computer from and you're pretty close to anonymous on the internet. 'Snowden, Greenwald and their collaborator, documentary film maker Laura Poitras, used it because, by design, Tails doesn't store any data locally,' writes Finley. 'This makes it virtually immune to malicious software, and prevents someone from performing effective forensics on the computer after the fact. That protects both the journalists, and often more importantly, their sources.'

The developers of Tails are, appropriately, anonymous. They're protecting their identities, in part, to help protect the code from government interference. 'The NSA has been pressuring free software projects and developers in various ways,' the group says. But since we don't know who wrote Tails, how do we know it isn't some government plot designed to snare activists or criminals? A couple of ways, actually. One of the Snowden leaks show the NSA complaining about Tails in a Power Point Slide; if it's bad for the NSA, it's safe to say it's good for privacy. And all of the Tails code is open source, so it can be inspected by anyone worried about foul play. 'With Tails,' say the distro developers, 'we provide a tongue and a pen protected by state-of-the-art cryptography to guarantee basic human rights and allow journalists worldwide to work and communicate freely and without fear of reprisal.'"

cancel ×

171 comments

Sorry! There are no comments related to the filter you selected.

The NSA is becoming a new God for "True Believers" (5, Funny)

mythosaz (572040) | about 5 months ago | (#46760275)

What's that? Have any unknown in your life? Just insert the NSA?

Don't have the source code? The NSA must be behind it.
Don't know who spread a worm? Must be the NSA.
Don't know who authored BitCoin? NSA.
Don't know who packaged up TAILS? NSA.

The NSA sent his heavenly son to die for our sins.

Re:The NSA is becoming a new God for "True Believe (0)

Anonymous Coward | about 5 months ago | (#46760333)

What's that? Have any unknown in your life? Just insert the NSA?

Don't have the source code? The NSA must be behind it.
Don't know who spread a worm? Must be the NSA.
Don't know who authored BitCoin? NSA.
Don't know who packaged up TAILS? NSA.

The NSA sent his heavenly son to die for our sins.

No.

Re:The NSA is becoming a new God for "True Believe (-1, Offtopic)

Anonymous Coward | about 5 months ago | (#46760371)

Dear Linux Advocate,

Designing an OS to securely leak documents without being caught by the NSA takes time, effort and money. As you know, money doesn't grow on trees. And, Linux Advocates is growing. Naturally, we anticipate operating costs and hope to be able to meet them.

But, any amount you feel you are able to donate in support of our ongoing work will be most surely appreciated and put to very good use. Your contributions keep Linux Advocates growing.

Show your support by making a donation today.

Thank you.

Dieter T. Schmitz
Linux Advocates, Owner

http://www.linuxadvocates.com/... [linuxadvocates.com]

Re:The NSA is becoming a new God for "True Believe (-1)

Anonymous Coward | about 5 months ago | (#46760659)

I don't know what I'd do without Linux Advocates to show me the way, I'd have to rely on JoeMonco to weigh in on everything.

That's why I put Linux Advocates in my will, when I croak part of my legacy on Earth will have been bringing Linux to the masses through brother Dieter's advocacy.

Thank you Dieter.

Re:The NSA is becoming a new God for "True Believe (1, Insightful)

Russ1642 (1087959) | about 5 months ago | (#46760391)

Well for a start we know that the NSA exists. I can go on but what I've just said pretty much destroys the analogy.

Re:The NSA is becoming a new God for "True Believe (0)

Anonymous Coward | about 5 months ago | (#46760459)

Allegedly.

Re:The NSA is becoming a new God for "True Believe (1)

Lazere (2809091) | about 5 months ago | (#46760699)

"We cannot confirm or deny the existence of an organization allegedly named the NSA."

Re:The NSA is becoming a new God for "True Believe (-1, Offtopic)

sharknado (3217097) | about 5 months ago | (#46761609)

Lol. I was kicked out of a bookstore once for moving their bibles to the sci-fi & fantasy section.

Re:The NSA is becoming a new God for "True Believe (5, Interesting)

theskipper (461997) | about 5 months ago | (#46760567)

Well, personally my first thought after reading the summary was "but how do you trust the BIOS?" A few years ago I'd have immediately said that's conspiracy theory and dismissed it (along with the other items you listed). But after a year of exposure to the Snowden and RSA revelations and everything else, it pains me to say these NSA questions aren't so far fetched any more.

Sure they may not be probable but they could be possible. No matter how rational you think you are, it really messes with one's mind. Subtle paranoia, if you will.

Re:The NSA is becoming a new God for "True Believe (1)

Em Adespoton (792954) | about 5 months ago | (#46760875)

I had a few other questions as well...
This does nothing to protect against tampered hardware (keyloggers, screen captures, etc.). If you're using USB, you also have to trust that you really only have a flash device in that circuitry. Plus, you have to trust that any certificates you use aren't compromised, any exit nodes you use don't belong to the NSA (a large number do), etc.

All in all, this really only protects you if you weren't already a surveillance target and weren't using compromised systems.

Still, it's better than the alternative. Just not "completely secure".

Re:The NSA is becoming a new God for "True Believe (0)

sumdumass (711423) | about 5 months ago | (#46761121)

Lol.. not only that, man in the middle, and that point about the NSA complaining so it isn't them strikes me odd. A lot of gay bashers are closet homosexuals complaining about the gays in order to stop you from thinking they are gay. It's one of the oldest forms of deciet- fake outrage while being behind it.

Re:The NSA is becoming a new God for "True Believe (0)

Anonymous Coward | about 5 months ago | (#46761193)

A few years ago I'd have immediately said that's conspiracy theory and dismissed it

Then you weren't paying attention, depending on how long "a few years" is to you. The NSA did all sorts of crap decades ago, and there was strong and justified suspicion even back in 2005 that the NSA was conducting illegal surveillance.

Re:The NSA is becoming a new God for "True Believe (4, Funny)

MrNickname (1918152) | about 5 months ago | (#46760583)

That sounds like something the NSA would post.

Re:The NSA is becoming a new God for "True Believe (1)

Jeremiah Cornelius (137) | about 5 months ago | (#46760773)

Turn on your Heartbleed,
Let it shine, wherever you go
Let it make a happy glow
For the NSA to see...

Re:The NSA is becoming a new God for "True Believe (0)

Anonymous Coward | about 5 months ago | (#46760955)

More like a satan than a god.

Seriously, what kind of a person would willingly work for such a vile organization? I'm guessing the kind of person that would fuck you over for 50 cents.

Paranoia doesn't mean no one is out to get you. (0)

Anonymous Coward | about 5 months ago | (#46761493)

Anything which encourages better security is healthy.

If paranoia about the NSA encourages better tools and more people to use them, fine with me!

Re:The NSA is becoming a new God for "True Believe (0)

Anonymous Coward | about 5 months ago | (#46761753)

Snowden, Your hero, is doing a bang up job over there in the USSR.

I hope he gets a front line gig when they invade the West, you can greet him with flowers and candy.

Well, If the NSA Can't Crack It, Ya Right (1)

LifesABeach (234436) | about 5 months ago | (#46760295)

Well, at least it will slow down the other Adam Henrey's with their personal, "needs." Where can I download a copy, today's a good day to start again.

Re:Well, If the NSA Can't Crack It, Ya Right (3, Insightful)

CanHasDIY (1672858) | about 5 months ago | (#46760325)

Re:Well, If the NSA Can't Crack It, Ya Right (1)

Anonymous Coward | about 5 months ago | (#46760761)

Link that works? Wondering now about whether it is /.'d, or down for other reasons...

Re:Well, If the NSA Can't Crack It, Ya Right (1)

DarwinSurvivor (1752106) | about 5 months ago | (#46761191)

I don't know what's funnier. A broken link in a slashdot post, or someone trusting a slashdot post as the correct location to acquire said security software.

Re:Well, If the NSA Can't Crack It, Ya Right (3, Informative)

Nimey (114278) | about 5 months ago | (#46761637)

I've been seeding the 0.23 version since it came out. Here's the magnet link:
magnet:?xt=urn:btih:B7EE06A2568630EED830CFFBF45B6BFD5DE796D4&dn=tails-i386-0.23&tr=http%3a%2f%2ftorrent.gresille.org%2fannounce

Cue NSA infilatration in 3...2.... (4, Interesting)

NotDrWho (3543773) | about 5 months ago | (#46760307)

May want to keep an eye out in the development community of the OS for a sudden influx of programmers "just wanting to help out." Or existing members suddenly driving new sports cars and acting strange.

Re:Cue NSA infilatration in 3...2.... (0)

Anonymous Coward | about 5 months ago | (#46760539)

Cue slashdot effect in 5...4.....3...

Re:Cue NSA infilatration in 3...2.... (4, Funny)

RGRistroph (86936) | about 5 months ago | (#46760587)

We, the open source and freedom-loving community, may need an organized task force to keep track of these programmers, track their incomes, and store their communications -- just for future reference in case something comes up and a mole is suspected, not an actual search as the Constitution defines it, of course. Similar to the Apache Foundation and other Foundations for Open Source causes, but tasked with keeping our communications secure, and breaking the other side's communications where feasiable. We'll have to keep the existence of the Association secret as much as possible of course, and thus also hide it's budget in small items spread accross the other Foundations. They'll archive all the repos and mailing lists and IRC channels and any other communication medium, but advances in technology make the storage on that scale cheaper. We might have to rent a large building out somewhere that has cheap land and few pesky curious tresspassers, Utah or something. We'll just refer to it as No Such Association for now. A small and expedient measure given the threats of our times.

another story about the pulitzer winner(s) & u (0)

Anonymous Coward | about 5 months ago | (#46760331)

almost gushing in agreement world wide? what a gig...

Anonymous on the internet? (0)

Anonymous Coward | about 5 months ago | (#46760347)

So let me get this straight... Some funny Linux distro magically makes you anonymous on the internet. So all of a sudden no servers log your IP address and no ISPs can look at your traffic - simply because you loaded a special distro? I think not. Unless "anonymous on the internet" means something different to you than to the rest of the world. Now immune to local forensics - sure. But on the internet? Not so much.

Re:Anonymous on the internet? (5, Informative)

Midnight_Falcon (2432802) | about 5 months ago | (#46760407)

Tails bakes in a routing table that makes all traffic go over Tor. It also has built-in I2P support. So, while ISPs can look at your traffic, it becomes quite a tough nut to crack to figure out what you're actually doing. Attacks are possible, but require exponentially more sophistication and resources than just tracking an IP.

Re:Anonymous on the internet? (1)

Wycliffe (116160) | about 5 months ago | (#46760535)

makes all traffic go over Tor.

Doesn't this slow things down considerably? Can you do normal activities like ssh or youtube in this type of setup?

Re:Anonymous on the internet? (1)

Anonymous Coward | about 5 months ago | (#46760789)

SSH? of course. Youtube? Generally, no. Using flash over tor is contraindicated anyway, due to potential leaks, though html5 shouldn't be a problem, other than the general latency of tor slowing it down to a crawl.

TAILS is a live system (that's what the LS at the end of the name stands for), and isn't meant to be run as a primary system, but rather only when doing otherwise sensitive things. Not that youtube isn't sensitive in some locations, but for now, the TOR network just can't handle that kind of load. Conventional VPN's are about the best option in those cases, but naturally, figuring out how much you trust your security over a vpn to avoid whatever kind of penalty there is for viewing youtube videos in your country is something for anyone going that route to consider.

Re:Anonymous on the internet? (1)

K. S. Kyosuke (729550) | about 5 months ago | (#46760923)

Dear Wycliffe, in your time people were happy with letters and manuscripts. Why, you didn't even have the humble printing press at your disposal! Even if privacy-conscious citizens won't be able to share their shower selfies on YouTube, or whatever is popular this week, I'm sure that their actual communication needs will be amply provided for by a system like this.

Re:Anonymous on the internet? (0)

Anonymous Coward | about 5 months ago | (#46761091)

Jacob Appelbaum streamed video over Tor to the Libre Planet 2014 conference attendees. As an occasional user of Tor I'd say it is possible to download large files much of the time at decent speeds. You can generally get 20-200kbs although I have seen it as bad as 5kbs to some heavily used hidden services. I think you should also be aware that it's not just bandwidth that is a problem. It's latency. Despite this it does work "good enough" for those who really need to be anonymous. The problems with Tor tend to be user-oriented. How do you get a persecuted population up to speed such that they can safely communicate using the privacy / anonymity tools? It's a huge challenge given the adversaries and lack of technical and investigatory skills many are up against.

Who is Jacob Appelbaum? He is an independent computer security researcher and hacker. He was employed by the University of Washington, and is a core member of the Tor project.

Re:Anonymous on the internet? (1)

Desler (1608317) | about 5 months ago | (#46760541)

Or simply requires taking control of some servers [slashdot.org] .

Re:Anonymous on the internet? (2)

Midnight_Falcon (2432802) | about 5 months ago | (#46761069)

No, no, and no. If you were using tails, you wouldn't have been vulnerable to this attack because it enables NoScript by default. Tails' use of security best practices helps protect against zero-day exploits like the FBI's javascript malicious payload.

Anonymous (0)

Anonymous Coward | about 5 months ago | (#46760349)

Incognito Linux did not impress me. You can be more anonymous using Backtrack.

Re:Anonymous (4, Informative)

lister king of smeg (2481612) | about 5 months ago | (#46760515)

Incognito Linux did not impress me. You can be more anonymous using Backtrack.

ah no.

Backtrack is for cracking not staying anonamous.
Tails routes all of your traffic through TOR and keeps you anonymous as long as you don't share anything reveling.

Re:Anonymous (0)

Anonymous Coward | about 5 months ago | (#46760807)

And if you want tools from both, there's AttackVector (which may or may not still be under active development). Beware though; some of the goals of tor clash with the goals of some of the pentesting tools in Backtrack/Kali, and may be a bit problematic (things like UDP nmap scans come to mind). RTFM, as always.

Re:Anonymous (1)

BitZtream (692029) | about 5 months ago | (#46760981)

as long as you don't share anything reveling.

So its pretty much useless then? I realize the point of what its doing, but its fairly trivial with software running at or near exit nodes to figure out who's doing what and who they are. I have no doubt the NSA is capable of doing it. Put me in an IRC channel with 20 people I know and have chatted with for some time, randomize their nicks, give me an hour and I can tell you who most of them are based on their conversation patterns alone, and I'm just observant, not software combing EVERYTHING you do.

Doesn't mean you shouldn't try to be anonymous, but just that its PRETTY FRAKING HARD to do if you're doing it in public view, regardless of how hard you try to hide.

Re:Anonymous (4, Insightful)

Midnight_Falcon (2432802) | about 5 months ago | (#46761245)

There's plenty of ways to defeat stylometric analysis, notably, running things through a translation engine several times through a few languages.

NSA boogeyman (0)

Blakey Rat (99501) | about 5 months ago | (#46760357)

'The NSA has been pressuring free software projects and developers in various ways,' the group says.

Did they provide evidence for this claim?

Re:NSA boogeyman (0)

Anonymous Coward | about 5 months ago | (#46760401)

For the amount of funding they have, I would be seriously disappointed if they didn't try at least once.

Re:NSA boogeyman (4, Informative)

Midnight_Falcon (2432802) | about 5 months ago | (#46760417)

Go on YouTube and listen Jacob Appelbaum's (a Tor developer) videos. Something about NSA agents peering into his girlfriend's window at night and various other intimidation tactics..and that's just him..

Re:NSA boogeyman (-1)

Anonymous Coward | about 5 months ago | (#46760507)

Something about NSA agents peering into his girlfriend's window at night

Uh, that wasn't the NSA...

Hey, she's hot, I didn't know she was some Tor coder's girl!

Re:NSA boogeyman (1)

Blakey Rat (99501) | about 5 months ago | (#46760605)

A Tor developer? Being paranoid? Shocking!

No, I'm sorry, when I say "evidence" what I mean is, and try to follow along here, "evidence". Not anecdotes. Not scary bumping noises in the night. Evidence.

Re:NSA boogeyman (3, Insightful)

Midnight_Falcon (2432802) | about 5 months ago | (#46760905)

Considering the fact that the NSA is super-secretive and the ongoing joke is it's an acronym for "No Such Organization," short of another Edward Snowden I don't think you can be given the kind of evidence you want. Remember, before Snowden those "paranoid" people like Tor Developers were relegated by folks like you into the land of nutjobs, conspiracy theorists and tinfoil-hat haberdashers. Now look..

Re:NSA boogeyman (0)

Anonymous Coward | about 5 months ago | (#46761101)

I think you mean "No Such Agency"....

Re:NSA boogeyman (3, Funny)

lonOtter (3587393) | about 5 months ago | (#46761349)

No, he doesn't. He's referring to the real puppeteers: NSO.

Re:NSA boogeyman (3, Interesting)

Anonymous Coward | about 5 months ago | (#46761855)

Really? There haven't been enough scandals yet?

- pressure to backdoor linux - http://www.itworld.com/open-source/383628/linus-father-confirms-nsa-attempt-backdoor-linux
- NSA/GCHQ have power points about trying to attack TOR exit nodes including with DOS attacks
- they hack sys admins
- they are suspected of introducing bugs into code bases (anonymous commit to the linux kernel which had a = instead of == allowing remote code exploit)
- they are known to have inserted hardware backdoors into US chips - most probably Intel and Via.
- they used NIST to cripple encryption and random number generation standards. (They fixed the s-boxes in DES, but they reduced the key length from 64 bits to 54 bits. They lobbied to reduce the number of passes in current crypto systems. The Dual_EC_DRBG is the backdoored random number standard they forced though.)
- They paid $10 million to RSA to set the default to this bad random number generation standard.
- They use porn browsing habits and other information they collect to discredit people they don't like - this includes Americans.
- They launch DoS attack against people they don't like. This includes people in anonymous and file shares using pirate bay. Anyone happening to use the same public IRC servers suffer too.
- They launch "false flag" operations - meaning they do something evil, blame someone else, and use that as an excuse to do the thing they originally wanted to do but couldn't (the equivalent of shooting your own troops, blaming the enemy, and launching a "counter attack").
- Joe Nachio former CEO of Qwest, was invited to Fort Meade and asked to do something blatantly illegal to which he said no. As a result, he lost the government contracts he expected to get, and the government arrested him for insider trading. He served 6 years in prison after being denied the right to defend himself because the programs in question were classified. (And you wonder why other telcos go along with the NSA's "requests")
- Lavabit (secure email provider) was strong armed into closing after they received an NSL to spy on Snowden's email. The form of the NSL required that ALL lavabit customers would be spied on.

These are just off the top of my head! How many demonstrations of evil do you need from those bastards? They are completely out of control.

Re:NSA boogeyman (0)

Anonymous Coward | about 5 months ago | (#46760669)

"NSA agents"

Um, yeah, well you do know that the whole concept of "NSA agents" doesn't exist outside Splinter Cell, don't you? There's no NSA operatives running around with night vision goggles and sporting guns with silencers. What you got here is some dolt whose girlfriend catches a peeping Tom and, well, it must be the NSA!

Re:NSA boogeyman (1)

K. S. Kyosuke (729550) | about 5 months ago | (#46761009)

Also known as Nasty Sexual Assailants.

Re:NSA boogeyman (1)

Midnight_Falcon (2432802) | about 5 months ago | (#46761053)

NSA Agents

NSA agent is the name given to most employees of the NSA, same as other federal bodies like FBI, CIA, DEA, etc. You start as a "Special Agent" typically and then move up to Assistant-Special-Agent-in-Charge...Special-Agent-in-Charge etc..it's the default term. No one said anything about night vision and silenced weapons etc, AFAIK it was a plain ol stakeout. Sounds like you're the one playing too many video games.

some dolt

A rather accomplished and well-known individual who's been at the core of many privacy-related projects and founded a major hackerspace in San Francisco..and happens to be connected with Assange, Poitras, Snowden etc and in the NSA's radar..

Re:NSA boogeyman (0)

Anonymous Coward | about 5 months ago | (#46761311)

No one calls anyone that works at the NSA agents.

Re:NSA boogeyman (0)

Anonymous Coward | about 5 months ago | (#46760977)

"NSA agents"? Those work in them cushy office buildings. These people must have been either CIA field officers, or - much more likely - your ordinary pervy Germans. :-p ;-)

Re:NSA boogeyman (0)

Anonymous Coward | about 5 months ago | (#46760671)

I am sure there are NSA operatives reading this right now. Maybe they can provide the proof.

Tails is awesome (2)

Midnight_Falcon (2432802) | about 5 months ago | (#46760361)

And the anonymous authors of the package deserve a medal.

The CIA etc notes that its employees 'serve in silence,' surely this team has advanced the cause of freedom and liberty more than them, in silence.

Re:Tails is awesome (1)

BreakBad (2955249) | about 5 months ago | (#46760573)

..and pretty cool masks.

Re:Tails is awesome (1)

cold fjord (826450) | about 5 months ago | (#46760711)

... surely this team has advanced the cause of freedom and liberty more than them, in silence.

I'm pretty sure that the answer to that is no. "Tails" isn't more than a few years old. The CIA was fighting communist dictatorships for decades, and before that its predecessor the OSS fought the Nazis.

Re:Tails is awesome (1)

Midnight_Falcon (2432802) | about 5 months ago | (#46760965)

Do you really believe that load? The CIA was formed to be an instrument of executive power with minimal accountability, and is one of many intelligence organizations in the United States. While it was fighting communist dictatorships it was also trying to steal the presidential election on behald of Nixon (Watergate), and potentially facilitating the sales of drugs in the USA to finance Iran-Contra. Their SAD divison helped illegally expand the Vietnam War into Cambodia, and use chemical weapons whose effects are still being felt today.

Also, none of the employees at the present CIA were around to have anything to do with fighting the Nazis.

Re:Tails is awesome (1)

cold fjord (826450) | about 5 months ago | (#46761281)

How many of the present CIA had anything to do with Vietnam? Iran Contra? See, I can play that game too.

Watergate was Nixon's own men, not the CIA.

Were the North Vietnamese in Cambodia and using it to attack South Vietnam? Yes. Are you claiming that Cambodia was outside its rights to ask for assistance against the North Vietnamese occupation of its territory?

Now maybe you can tell me, how much did the Tails project help dissidents against the Communist governments of Poland, USSR, Hungary, Czechoslovakia, and many others? What did the Tails project do to defeat Communist takeover attempts in free European countries like Greece? Nothing.

What I wrote has the irritating quality of being true.

Re:Tails is awesome (1)

Midnight_Falcon (2432802) | about 5 months ago | (#46761449)

Actually, many present CIA employees were around for Vietnam and Iran-Contra..notably, a recent director, Porter Goss -- who was a career CIA employee. Those who were low-level agents at the agency are now in higher positions, and they were around for that time -- albeit it is unkown whether they were involved with those operations. You didn't fact check your statement at all before making it. The reason my statement is true is because of time disparity -- 70 years since the Nazis fell means that any CIA agent would have to be 90+ years old to have been around for that.

Now maybe you can tell me, how much did the Tails project help dissidents against the Communist governments of Poland, USSR, Hungary, Czechoslovakia, and many others? What did the Tails project do to defeat Communist takeover attempts in free European countries like Greece? Nothing.

It didn't exist then and neither did the internet. Today, it would help bring down the "Iron Curtain" and be a valuable instrument in these areas. The CIA also didn't do this out of the goodness of their heart or do defend "freedom" -- they were doing it to expand U.S. power and influence in Europe and check the influence of Russia.

Are you claiming that Cambodia was outside its rights to ask for assistance against the North Vietnamese occupation of its territory?

Cambodia never did this. Can you find a source that says that? And I don't mean their powerless government-in-exile asking for military assisntace, if that was legal, then the Dali Lama could authorize the U.S. to invade Tibet.

The CIA was involved and Nixon's men were former CIA agents.

Heres' a reference [salon.com]

What I wrote has the irritating quality of being true.

No, everyone is entitled to their own opinion, not their own facts. You've invented your own facts for the purposes of rebuttal, which is quite irritating.

Re:Tails is awesome (1)

cold fjord (826450) | about 5 months ago | (#46761651)

Former CIA agents are not current CIA agents.

As the Cambodian situation became worse, the Cambodian government sought military assistance from the United States and South Vietnam.

-- Across the Border: Sanctuaries in Cambodia and Laos [army.mil]

The US was out of South Vietnam in 1975. That is nearly 40 years ago. I doubt there are many CIA agents that were working in Vietnam still working at the CIA. Iran Contra is also well into the past. And once again, a former Director of CIA is not a current Director or employee.

The internet certainly did exist in the 1980s. But you basically concede my point then. Tails had nothing to do with the actual fight for freedom that was the struggle against communism let alone the Nazis. The real contributor to freedom was the CIA, not the small Tails project only a few years old.

I look forward to you identifying the relevant facts. You would then be less irritated and probably no be proposing such nonsense.

Re:Tails is awesome (1)

Midnight_Falcon (2432802) | about 5 months ago | (#46761867)

Former CIA agents are not current CIA agents.

As the Cambodian situation became worse, the Cambodian government sought military assistance from the United States and South Vietnam.

-- Across the Border: Sanctuaries in Cambodia and Laos [army.mil]

This is an official military source that misses the point that the "government" of Cambodia was not de facto sovereign at the time, nor legal..the request came from Lon Nol, a pro-US general who was just installed in a coup d'etat.

The US was out of South Vietnam in 1975. That is nearly 40 years ago. I doubt there are many CIA agents that were working in Vietnam still working at the CIA.

They'd be 60-70 years old but it's still quite possible. The CIA doesn't really publish lists of employees so this can be checked.

Iran Contra is also well into the past. And once again, a former Director of CIA is not a current Director or employee.

The internet certainly did exist in the 1980s.

Yes, but mostly as U.S-only network, it would be more accurate to say the "Internet did not exist in the way we know it today". CERN and Europe didn't largely uplink into the TCP/IP-based internet until 1989..post-Berlin Wall.

The real contributor to freedom was the CIA, not the small Tails project only a few years old.

If you think that the CIA contributed to "freedom" then you speak propaganda only. The CIA contributed to realpolitik, and only came to create "freedom" in places that mattered to the U.S.'s strategic interests. In the same way the KGB helped enforce a "prison of states" around Eastern Europe, the CIA helped foster a similar situation in South America. See Guatemalan Coup [wikipedia.org] . Let's not forget also about Chile and Grenada. Also, the CIA helped stifle dissent in America and reduce American political freedoms during thist ime. Reference: Operation CHAOS [wikipedia.org]

Re:Tails is awesome (1)

anagama (611277) | about 5 months ago | (#46761889)

Today, Cold Fjord and the NSA _are_ the Nazis.

Almost (4, Interesting)

s.petry (762400) | about 5 months ago | (#46760419)

Tails doesn't store any data locally,' writes Finley. 'This makes it virtually immune to malicious software, and prevents someone from performing effective forensics on the computer after the fact. That protects both the journalists, and often more importantly, their sources.'

Traffic sniffing does not require files on the target and this is the biggest source of data for agencies like the NSA. It may protect you from key loggers being installed (unless they were inserted ahead of time).

I'm pretty sure that part of Snowden's leaked information showed that exploits are occurring at the hardware level as well as software. Entry points like LOM modules were explicitly called out in the leaked presentations.

I'd agree that forensics becomes extremely difficult, if not impossible (memory analysis can still occur). I don't agree that the systems are immune to malicious software at least in a general sense. Immunity would require a lot of control for the hardware running the OS, and monitoring to make sure things have not been tampered with. Relying on a repository build of an OS imaged is still a target for potential a MITM attack feeding a user a kitted image.

It's all good in my opinion, I'm just being picky about the terminology chosen. Immunity implies absolute safety, and very little in the world is absolute.

Re:Almost (4, Interesting)

lister king of smeg (2481612) | about 5 months ago | (#46760749)

Tails doesn't store any data locally,' writes Finley. 'This makes it virtually immune to malicious software, and prevents someone from performing effective forensics on the computer after the fact. That protects both the journalists, and often more importantly, their sources.'

Traffic sniffing does not require files on the target and this is the biggest source of data for agencies like the NSA. It may protect you from key loggers being installed (unless they were inserted ahead of time).

All traffic sniffing will do is show they are talking to a TOR entree node. Everything is wrapped in multiple layeres of encryption between you and each of the nodes in between. Maybe they could tell from traffic analysis what type of traffic it is based on traffic profiling, streaming your pr0n over to will have a different profile than browseing a webpage wich will in tun be different than ssh, but they still won't know the end point and what the content is.

I'm pretty sure that part of Snowden's leaked information showed that exploits are occurring at the hardware level as well as software. Entry points like LOM modules were explicitly called out in the leaked presentations.

Yes but they would have to have had access to your computer to insert the hardware bugs. If you say pick up a cheap laptop at walmart paid for with cash they won't know who has it, and would not have inserted the bugs as they could not have known who would end up wih the computer.

I'd agree that forensics becomes extremely difficult, if not impossible (memory analysis can still occur).

if they are doing memory analysis thy have the computer in their posesion already and you probably have a much larger issues to worry over.

I don't agree that the systems are immune to malicious software at least in a general sense. Immunity would require a lot of control for the hardware running the OS, and monitoring to make sure things have not been tampered with.

Technically true. However you have to trust something, and as long as there has been know oppertunity to tamper with the computer you can assume your safe for most things.

Relying on a repository build of an OS imaged is still a target for potential a MITM attack feeding a user a kitted image.

That is why we have cryptographic signatures on repositories and iso images. If they can break a 4092 bit key in polynomial time we are f***ed anyway

Re:Almost (1)

s.petry (762400) | about 5 months ago | (#46761243)

All traffic sniffing will do is show they are talking to a TOR entree node. Everything is wrapped in multiple layeres of encryption between you and each of the nodes in between. Maybe they could tell from traffic analysis what type of traffic it is based on traffic profiling, streaming your pr0n over to will have a different profile than browseing a webpage wich will in tun be different than ssh, but they still won't know the end point and what the content is.

Um, no! I am not sure how much you know about network security, but I sniff packets all the time and decrypt traffic. If you have a private key this is simple to do. With a massive computer, I can store conversations and brute force a key lateer. This was made easier by the NSA introducing some weak algorithms into encryption protocols. Even without those weaknesses, it is possible to brute force. We are better today after knowing about introduced weaknesses, but still not immune.

Yes but they would have to have had access to your computer to insert the hardware bugs. If you say pick up a cheap laptop at walmart paid for with cash they won't know who has it, and would not have inserted the bugs as they could not have known who would end up wih the computer.

Unfortunately the exploits do not always require physical access. It would certainly take more computer than you suggest, the devices in the leaked presentation are server class machines. Your recommendation for using a cheap PC is good. Personally I build my own more powerful PCs for that same reason.

if they are doing memory analysis thy have the computer in their posesion already and you probably have a much larger issues to worry over.

This same issue exists with someone running forensics on your hard drive. The OS running on Read Only media minimizes the footprint drastically, it does not remove the footprint completely.

That is why we have cryptographic signatures on repositories and iso images. If they can break a 4092 bit key in polynomial time we are f***ed anyway

Now I'm more unsure of your security experience and knowledge. If I make a cloned Distro package and host my own MITM web site, I can use my own key and users would not know necessarily. Looks like chicken, tastes like chicken and all that. It's expensive to do, but happened already (whistle blowers reported this too).

As mentioned previously, I'm not saying the system is bad. I'm claiming is not the best terminology, and a person reading TFA is possibly mislead by the chosen terminology.

Re:Almost (1)

AmiMoJo (196126) | about 5 months ago | (#46761905)

Tor mitigates traffic analysis attacks by padding data, generating extra random packets, combining packets it is forwarding or splitting them up again etc.

Protect us from Communist USA and North Korea (-1)

Anonymous Coward | about 5 months ago | (#46760479)

Whatever protects people of the world from regimes like North Korea or USA should be praised. Commies and Republican trash care only on spying and putting political dissidents in jails.
Look what happens on the streets of major cities in USA. Security forces are on every corner ready to beat, shoot or take somewhere regular American citizens.
Old USA is gone, totalitarian regime took the country back

God no longer blesses fascist America

Open Source (0)

Anonymous Coward | about 5 months ago | (#46760533)

And all of the Tails code is open source, so it can be inspected by anyone...

Yeah. Because that peer review process worked out so well for OpenSSL... Sorry, but the defence of "it's open source so don't worry" doesn't really inspire quite the same degree of confidence it once did.

Re:Open Source (1)

K. S. Kyosuke (729550) | about 5 months ago | (#46761083)

Well, OpenSSL is sort of complex. When it comes to actual security, simplicity is your friend. So I wonder whether - for mutual communication of two people (both equipped with this software) - you actually *need* OpenSSL or any crypto implementation of similar complexity. Just cut off everything unnecessary - especially given how X.509 should be suspicious to most paranoid people in the first place! What if the CAs get compromised by government agents? Just exchange your public keys in person to be sure. You don't need OpenSSL to do that.

From an NSA powerpoint slide? (0)

Anonymous Coward | about 5 months ago | (#46760549)

Their disinformation tactic worked! That slide was a plant to sew trust in Tails, when in reality it was written by Admiral Mike Rogers himself!

The only true way to remain anonymous is write your own code, live in a fenced in, soundproof room you built yourself, solder your own electronics to build your own hardware, and store all of your excreted bodily fluids in jars around your jar so they can't trace your DNA.

Re:From an NSA powerpoint slide? (1)

Anonymous Coward | about 5 months ago | (#46760743)

And don't forget the fact that 99.9% of the people out there aren't as interesting as they think they are. Most would be very disappointed to find out that the NSA actually doesn't give a fuck about them, and that would be a blow to their egos. Back in the 90's when they caught Ted Kazinski, they got a hold of his "hit list." There were CEO's and such who actually felt slighted that they weren't on that list. Kind of a shot to their inflated egos.

The Distant Future, Considered (3, Interesting)

SuperKendall (25149) | about 5 months ago | (#46760557)

how do we know it isn't some government plot designed to snare activists or criminals? A couple of ways, actually. One of the Snowden leaks show the NSA complaining about Tails in a Power Point Slide

And that, ladies and gentleman, is how you play the Really Long Game.

Comment subjects suck (1)

caluml (551744) | about 5 months ago | (#46760623)

And it's Slashdotted.

The NSA is tricky (0)

Anonymous Coward | about 5 months ago | (#46760639)

But since we don't know who wrote Tails, how do we know it isn't some government plot designed to snare activists or criminals? A couple of ways, actually. One of the Snowden leaks show the NSA complaining about Tails in a Power Point Slide; if it's bad for the NSA, it's safe to say it's good for privacy.

Write Tails, fabricate memo complaining about it, convince hordes of evil doers that you can't crack it. Isn't it obvious?

NSA 'compaining' about tails (3, Insightful)

spasm (79260) | about 5 months ago | (#46760641)

NSA 'compaining' about tails? Oh, no, please don't throw me in that briar patch!

http://americanfolklore.net/fo... [americanfolklore.net]

Re:NSA 'compaining' about tails (1)

bluefoxlucid (723572) | about 5 months ago | (#46760793)

Well it's too slow. Sonic is faster.

Re:NSA 'compaining' about tails (0)

Anonymous Coward | about 5 months ago | (#46761507)

wat

Amnesic? (1)

caluml (551744) | about 5 months ago | (#46760647)

The Amnesic Operating System. Shouldn't it be amnesiac? Or is this another English/American English difference like aluminium?

Re:Amnesic? (2)

CanHasDIY (1672858) | about 5 months ago | (#46760695)

The Amnesic Operating System.

Shouldn't it be amnesiac?

Nope - an amnesiac is a noun that refers to a person suffering from amnesia; "amnesic" is an adjective that means "exhibits properties of amnesia," which can apply to more than just the human psyche.

Re:Amnesic? (1)

caluml (551744) | about 5 months ago | (#46760771)

Interesting - so an amnesiac would also be amnesic? Are there any other words that have similar examples like this?

Re:Amnesic? (1)

Anonymous Coward | about 5 months ago | (#46760747)

No, it's a part of speech difference. "Amnesiac" is a noun; "amnesic" is an adjective. On both sides of the pond.

The government should pass a law! (4, Funny)

Vinegar Joe (998110) | about 5 months ago | (#46760661)

Snowden would have had a much harder time had he been using legal Microsoft products.

What a shame (1)

cold fjord (826450) | about 5 months ago | (#46760791)

What do you bet that "Tails" used OpenSSL as part of its security?

Re:What a shame (1)

Midnight_Falcon (2432802) | about 5 months ago | (#46761207)

It did, but a version that was NOT vulnerable to heartbleed since tails tracks debian-oldstable. Also, there is no use case for running a web server that people can exploit heartbleed on via tails.

Re:What a shame (0)

cold fjord (826450) | about 5 months ago | (#46761297)

What about a use case for client software with library dependencies on OpenSSL?

Re:What a shame (1)

Midnight_Falcon (2432802) | about 5 months ago | (#46761533)

Can you explain how heartbleed would be exploited in such a circumstance?

Re:What a shame (1)

F.Ultra (1673484) | about 5 months ago | (#46761677)

Heartbleed is a server exploit

Re:What a shame (1)

cold fjord (826450) | about 5 months ago | (#46761721)

True but I doubt that it matters that much since another client talking to the same vulnerable server could compromise the server keys and potentially allow intercepts of other client communications.

Having the souce Code does not make it safe (3, Informative)

hduff (570443) | about 5 months ago | (#46760811)

Unless you compile from vetted source code on an un-compromised system using an un-compromised compiler, etc., you can't be certain the binary they provide is the same as what compiling the source code would provide.

Re:Having the souce Code does not make it safe (3, Funny)

istartedi (132515) | about 5 months ago | (#46761463)

I would assemble the system myself from discrete transistors, except that I can't be sure the NSA didn't drug me, drag me off and hypnotize me.

Re:Having the souce Code does not make it safe (1)

olip85 (1770514) | about 5 months ago | (#46761795)

Unless you compile from vetted source code on an un-compromised system using an un-compromised compiler

A very interesting (and quite short) read about that : Reflections on Trusting Trust [bell-labs.com]

Who's to say NSA didn't author TAILS? (0)

Anonymous Coward | about 5 months ago | (#46760889)

Wouldn't this be the ultimate honeypot for the NSA to create? Since the authors are anonymous who's to say none of them weren't the NSA?

Why doesn't TAILS use TRUCRYPT (or similar)? (1)

corezz (1603659) | about 5 months ago | (#46761105)

I get the impression TAILS doesn't include a full system encryption on boot which means if the USB is discovered they could check whats on it. I assume Snowden wrote the retrieved data to the same usb stick. Maybe Trucrypt isn't available for linux distros but i am sure there are plenty of alternatives that do a similar full system os encryption.

Re:Why doesn't TAILS use TRUCRYPT (or similar)? (2)

TeknoHog (164938) | about 5 months ago | (#46761327)

Maybe Trucrypt isn't available for linux distros but i am sure there are plenty of alternatives that do a similar full system os encryption.

I can think of one alternative on Linux, it's called Truecrypt with an "e".

That's because you're a lazy SOB... (0)

Anonymous Coward | about 5 months ago | (#46761919)

Tails in fact *DOES* have a persistent storage option for installing on a usb thumb drive (and in fact will refuse to install/upgrade if you try and install it on a Hard Disk, although there's no technical reason you couldn't). It then creates a fat32 primary partition which contains the 'livecd' part of the filesystem, making it easy to upgrade, and then has a secondary partition which may be configured from the desktop as Persistent storage (normally the rest of the disk unless you manually partitioned) which is password protected with some potentially immeasurably long password you set for it.

So yes, Tails does allow both persistent and non-persistent operation.

In fact the only *REAL* issue with Tails is that without swap space, you're limited to what apps you can cram into memory, and if you cram in too many the system will hang. Not an issue if you're just going to have one web browser and a pidgin session running. But dozens of tabs, i2p, or a large and active pidgin session might hang the system forcing you to either kill X or restart the computer.

It does however make tor, i2p, etc dead simple to use. The killer OS imho in regards to p2p network topologies, as well as turnkey filesystem security.

Trust No One (2)

Lawrence_Bird (67278) | about 5 months ago | (#46761475)

Are you able to verify all of the distribution yourself? Are you able to vet the contributors? Are they able to vet each other? Is Tor really safe?

It all comes down to a matter of degree but in the end... Trust No One

True Security (0)

Anonymous Coward | about 5 months ago | (#46761603)

The only way to be truly secure is to communicate using a computer that you bought for cash and is only used for that purpose, via someone else's internet connection using their wi-fi . Of course you would need to be careful not to be videoed while traveling to and from the wi-fi site.

It doesn't matter if the feds can place something on your computer if they don't know where the computer is or who it belongs to.

Whonix is another alternative (1)

Nimey (114278) | about 5 months ago | (#46761667)

https://www.whonix.org/ [whonix.org]

Magnet links:
magnet:?xt=urn:btih:A031805E690BB0E03114A8FEB52485517218D3CE&dn=Whonix-Gateway-8.1.ova&tr=http%3a%2f%2fannounce.torrentsmd.com%3a6969%2fannounce&ws=http%3a%2f%2fwebseed.whonix.org%3a8008%2f8.1%2fWhonix-Gateway-8.1.ova

magnet:?xt=urn:btih:AB89247534553946C500EDF3A78E9C30F9C956ED&dn=Whonix-Workstation-8.1.ova&tr=http%3a%2f%2fannounce.torrentsmd.com%3a6969%2fannounce&ws=http%3a%2f%2fwebseed.whonix.org%3a8008%2f8.1%2fWhonix-Workstation-8.1.ova

And here's the magnet link for Tails v0.23 for good measure:
magnet:?xt=urn:btih:B7EE06A2568630EED830CFFBF45B6BFD5DE796D4&dn=tails-i386-0.23&tr=http%3a%2f%2ftorrent.gresille.org%2fannounce

Re:Whonix is another alternative (1)

Nimey (114278) | about 5 months ago | (#46761679)

Note that the above Whonices are vulnerable to Heartbleed, so you'll need to do an apt-get update/apt-get dist-upgrade once you've imported the VMs into VirtualBox.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>