Tails 4.11

The Amnesic Incognito Live System (better known as Tails) is a Debian-based live DVD/USB with the goal of providing complete Internet anonymity for the user. The distribution ships with several Internet applications, including web browser, IRC client, mail client and instant messenger. The distribution transfers Internet traffic through the Tor network to hide its origin.

One of the project's latest releases was version 4.11. (At the time of writing 4.12 is about to be published, though without any significant new features.) Lately the project has mostly focused on bug fixes and minor tweaks, though Tails 4.11 introduces the option of persistent storage for some of the distribution's settings and data. Persistent storage is not enabled by default, but can be set up using tools included on the live media.

Tails is available for 64-bit (x86_64) computers and its live media is approximately 1.2GB in size. The live media can be written to a DVD or USB thumb drive. There are separate files provided depending on whether we want to write the distribution to DVD or USB media, however I tested and confirmed the DVD image can be written to, and run from, a USB thumb drive if need be.

Early impressions

Booting from the Tails media brings up a welcome screen. This graphical interface offers to either start the desktop session or shutdown the operating system. On this welcome screen we can click buttons to bring up settings options that allow us to select our keyboard layout, language, and locale formats. At the bottom of the welcome window is a button which opens additional settings. These extra settings are security related and allow us to assign a password to the administrator account, enable/disable MAC address spoofing, set whether to allow the "Unsafe Browser" to run, and how to connect to the Tor network or to disable networking entirely.


Tails 4.11 -- Running LibreOffice and checking the version of Tails
(full image size: 116kB, resolution: 1366x768 pixels)

These settings mostly default to providing more security. The administrative functions are blocked by default with the lack of a password. MAC address spoofing is turned on in an effort to make us harder to track on-line, and using the "Unsafe Browser" is blocked. Networking is enabled by default, but is set to pass information through the Tor network to hide the origin of our traffic.

Once we start the desktop session, the distribution loads the GNOME 3.30 interface. We are then automatically connected to the Tor network, assuming our computer has a working network connection. GNOME presents us with a panel across the top of the screen. This panel contains two menus, Applications and Places, in the upper-left corner. In the middle of the panel is a date and time widget which, when clicked, displays a calendar and recent notifications. Further to the right is the system tray. In the far upper-right corner we find a menu that provides access to the settings panel, network settings, and logoff/shutdown options.


Tails 4.11 -- Connecting to the Tor network
(full image size: 88kB, resolution: 1366x768 pixels)

On the desktop we can find icons for accessing the Trash (ie the file manager) along with two icons labelled "Documentation" and "Report an error". The latter two icons open the Tor Browser, which is an altered version of Firefox ESR, and displays tips on getting support and using the distribution. The documentation section of the Tails website is a good read and I recommend browsing it. The distribution's documentation provides information on system requirements, key features, and tips on staying anonymous. Not only that, it also talks about the limitations Tails has. We are warned the distribution cannot protect us against hardware-related attacks and that people monitoring the network can see that we are accessing the Tor network, which may raise flags at work, for example.

Hardware

I started out by testing Tails in a VirtualBox environment. Tails performed well in the virtual machine. The desktop dynamically resized with the VirtualBox window and desktop performance was, while slightly below average, still good enough to be practical. I like that Tails warns us when it detects it is running in a virtual machine as it helps us avoid eavesdropping from administrators.

When running Tails on my laptop the distribution performed very well. Desktop performance was quite good, all of my hardware was properly detected, wireless networking functioned out of the box, and the system was stable.

The distribution's memory usage fluctuated quite a bit once the GNOME desktop finished loading. The Tails website mentions the distribution checks for security updates automatically and I think this, and perhaps connecting to the Tor network, causes a memory spike. When GNOME first loads the system uses about 590MB of RAM. This rises to just over 700MB after a minute. Generally, RAM usage settled down to about 600MB after a few minutes.

Applications

Scanning through the Tails application menu we find the Tor Browser, which is a modified version of Firefox. There is also an application called Unsafe Browser. This is also basically Firefox, but while Tor Browser connects to the Internet through the Tor network, hiding our location, Unsafe Browser accesses the web directly. Using Unsafe Browser basically removes any protection we had from using the Tor network while providing a faster browsing experience as traffic is not rerouted through proxies.


Tails 4.11 -- Tor Browser ships with privacy extensions
(full image size: 110kB, resolution: 1366x768 pixels)

The application menu includes the Thunderbird e-mail client, the Pidgin messaging software, and Electrum Bitcoin Wallet. OnionShare is included and I will talk about it in detail later. Tails ships with LibreOffice, the GNU Image Manipulation Program, and Inkscape. The Audacity audio editor and Brasero disc burning software are available, along with the Videos (Totem) application which is included for playing media files. Tails ships with media codecs already installed for us.

There are tools available for setting up persistent volume storage, formatting disk partitions, and editing text files. There is a tool called GtkHash for getting file checksums, particularly in MD5, SHA1, and SHA256 hashes. There is a simple image viewer, the KeePassXC password manager, and a tool for unlocking VeraCrypt storage volumes. There is a tool for installing Tails, though I suspect most people will stick to using the distribution in its live desktop form. In the background Tails uses the systemd init software and runs on version 5.7 of the Linux kernel.

OnionShare

One of the interesting features Tails includes is OnionShare. This desktop application helps us share files over the Tor network. OnionShare begins by allowing us to browse our system for a file (or files) we wish to share. Then we click a button to start sharing the file. OnionShare will set up a unique address on the Tor network and allow computers using Tor to access our computer to grab the file. The unique address for this file is displayed in the OnionShare window and we can copy it to other applications to share it with people. Basically, OnionShare makes it possible to semi-anonymously share a file with other people through the Tor network.


Tails 4.11 -- Transferring a file over OnionShare
(full image size: 89kB, resolution: 1366x768 pixels)

One interesting characteristic of OnionShare is it stops making the file we are sharing available after it has been downloaded. This means once our contact has retrieved the file it is no longer available to anyone else; the service shuts down automatically. This is usually a good thing. Though it may be frustrating if the person retrieving the file needs to cancel and resume the download, or if their connection times out. In these situations they need to contact us and ask us to share the file again, which requires setting up the service and getting a new unique URL.

I had used OnionShare a few years ago and, at the time, could not get it to work. The setup process where a file was assigned a unique identifier never completed successfully at the time. This week I tried using OnionShare repeatedly and it worked each time. There is a bit of a delay before the shared files become available on the Tor network (about 30 seconds in my case) but it always worked.

Other observations

I tried setting up persistent storage media in a few environments. This seems like a good tool, though it does have some limitations at the moment. For example, it requires Tails to run from a USB drive and saves data to the same thumb drive. When we run Tails from another type of media, such as a DVD, we cannot use a hard drive or thumb drive as the storage device. This is probably for the best as most people are unlikely to want to split their data files and the Tails operating system between separate devices they need to manage.

As I mentioned earlier, the Unsafe Browser is disabled by default. It can be enabled through the welcome screen when Tails first launches. As far as I can tell there is no way to enable this browser after the welcome screen has been dismissed. When we do enable and launch the Unsafe Browser it displays two warnings letting us know our traffic is not being rerouted. The theme of the Unsafe Browser is bright red to further drive home the point that we should be running the regular Tor Browser for the sake of anonymity.


Tails 4.11 -- Running the Unsafe Browser
(full image size: 109kB, resolution: 1366x768 pixels)

As far as I could tell the web browser is unable to provide audio output. Even when watching videos on-line the browser would not create any audio and the Tor Browser does not show up in the distribution's audio controls or list of applications providing sound output. Other applications, such as Totem, do play audio.

By default Tails does not enable administrative functions. This means any application which requires admin access is blocked. This affects tools like the disk manager and Synaptic package manager. Administrative access can be enabled by setting an admin password in the welcome window.

The GNOME desktop locks itself after a short timeout, by default after just five minutes. If this interval is too short it can be adjusted in the GNOME settings panel.


Tails 4.11 -- The settings panel and file manager
(full image size: 90kB, resolution: 1366x768 pixels)

Software management

In case we wish to update existing software or add new programs to Tails the distribution ships with the Synaptic package manager. Synaptic provides a low-level view of packages and can download, remove, or update software on the system. Synaptic will only work if we have set an admin password from the distribution's welcome screen. Synaptic works reliably, though it is slow as its network traffic is routed through Tor. This makes for slower downloads.

There is a tool in the application menu called Additional Software. This tool assists us in adding software from persistent media, if persistent storage has been enabled. This should make it easier to run extra applications from local media rather than downloading them each time we boot Tails.

Conclusions

Tails fills an important, though rarely explored, niche in the computing ecosystem. Tails attempts to provide not just secure, but also anonymous on-line communication. Tails is quite focused. It's not trying to be a general purpose operating system, rather it is dedicated to providing a simple interface and a fairly locked down environment in which people can get on-line, look up information, share files, and exchange messages. The Debian base proves to be quite stable and the current GNOME desktop offers good performance.

One thing I like about Tails is it automates the software we need for on-line communication and file sharing. The distribution automatically connects to the Tor network and the initial setup process is streamlined. There are not many extra features offered outside of the distribution's core purpose. In fact, most unnecessary features, like the admin password, are disabled to avoid potential security issues.

Something else I like about the project is the documentation. Partly for what it explains and that it tells us how to perform tasks. However, it also describes the distribution's limitations and things Tails cannot do to protect us. This is a good, transparent approach to keeping people safe as it should avoid false senses of security. On a similar note, I like that Tails often tries to warn us against doing something foolish, but does not prevent us from engaging in ill-advised activities. We can run a web browser and connect it directly to the Internet, though Tails will tell us it is a bad idea. The distribution defaults to blocking admin access, though we can override this setting too. In short, Tails tries its best to protect the user, but does not stop the user from forging ahead if they deem it necessary.

Tails is very focused on its niche and performs its tasks well using appropriate tools. There are not many distributions dedicated to keeping users anonymous on-line and Tails does an excellent job of automating the process and making it friendly for people who need private communication, but may not be technical experts.

* * * * *

Hardware used in this review

My physical test equipment for this review was a de-branded HP laptop with the followingspecifications:

• Processor: Intel i3 2.5GHz CPU
• Display: Intel integrated video
• Storage: Western Digital 700GB hard drive
• Memory: 6GB of RAM
• Wired network device: Realtek RTL8101E/RTL8102E PCI Express Fast
• Wireless network device: Realtek RTL8188EE Wireless network card

* * * * *

.