NSA whistleblower Edward Snowden reportedly used the Tails OS to keep his communications safe from snooping. How does this technology work? Is there a legitimate use in an enterprise context for high-security activities?
According to The Guardian reporter Glenn Greenwald, he and Snowden used Tails to keep their communications secure. Tails is a standalone bootable computer installation that includes an operating system and preinstalled applications, all of which run in the computer's memory. Instead of loading the operating system from a desktop or laptop's hard drive, users load Tails directly from a CD, DVD, USB stick or SD card. It has been designed from the ground up to provide anonymity and preserve privacy while a user is on a computer or the Internet.
Tails is an open source version of the Debian Linux operating system, but it is stateless and optimized for anonymity. Tails comes with several preconfigured privacy and cryptographic tools like OpenPGP, the password management system KeePassX, LUKS for disk encryption and the chat encryption plugin Off-the-Record. It doesn't store any data locally, only using RAM to run the OS and applications. Data held in RAM is erased when the computer shuts down so that when a user boots back into their computer's normal operating system, no history from the Tails session remains. This prevents anyone from being able to recover data or gather forensic evidence. Tails is configured so that all connections to the Internet have to go through the Tor network, which anonymizes a user's Internet traffic by routing it through a network of computers around the world.
In this Internet age of mistrust and rumor, can Tails be trusted -- particularly as nobody knows who the developers of Tails are? The developers initially called their project Amnesia and based it on the existing Incognito operating system, with Tails standing for "The Amnesic Incognito Live System." The project's aim is to bring privacy technologies together in a ready and easy-to-use form. The project started five years ago, and all the code is open source -- so it can be reviewed by anyone worried about backdoors. A separate group is said to be developing a mobile version of Tails that can run on Android and Ubuntu tablets.
There is certainly a need for a live OS like Tails for journalists, whistleblowers and the like, and with the growing level of cyberespionage, many enterprises may benefit from using it to exchange highly sensitive commercial data between departments and partners, or when top executives need to use the Internet while traveling abroad.
While Tails makes it much easier for the average person to use privacy tools (for example, Tor runs automatically), training and a strong sense of paranoia will be necessary to ensure all online activities are kept anonymous. Although Tails includes productivity applications like OpenOffice, enterprises are best off dedicating computers solely to running Tails when a secure communication channel is needed, and keeping them physically secure and air-gapped at all other times. This means total isolation from any other computer and manually transferring files to and from them on trusted media.
No operating system or privacy tool can guarantee complete protection in all situations, but using Tails can go a long way toward facilitating the secure exchange of highly sensitive information.