Silk Road forums
Discussion => Security => Topic started by: Garrincha on August 08, 2013, 06:12 pm
-
Hey there, read a disturbing piece of news yesterday, saying that the operators of Tor are recommending that it should not be used in conjunction with Windows. I'm not technologically minded, so I don't know the first thing about why this is the case and whether I should consider installing a whole new operating system. Anyone else hear this alarming news? :(
-
Pretty much anyone who knows anything about these things says don't use Windows.
The particular attack we had recently only targeted Windows users. It doesn't follow that just changing your OS alone will protect you from the next attack, but it wouldn't hurt for you to try Tails.
Do people still use Liberte? Liberte used to be talked about a lot on here as a good alternative, though it looks like a new release hasn't come out since 2012.
-
They recommended not using Windows because it's the least secure operating system and the biggest target of malware and other attacks. The FH exploit targeted Windows. By simply switching to another operating system, you decrease your attack attack surface by an order of magnitude. If you need to use Windows and can't install another operating system like Linux, even in a separate partition for dual-booting, you should run Linux in a virtual machine and conduct your sensitive activities entirely in that virtual machine. You can even get full disk encryption by encrypting the virtual hard disk, which is usually a ~10 GB file on your hard drive. An even safer set up is to use 2 virtual machines and run Tor in one while conducting your sensitive activities, like web browsing over Tor, in the other VM. Basically, all network connections from one VM are run through the other which has Tor. That would make it incredibly difficult to run an exploit against you to obtain your real IP address.
-
What is Tails exactly? And can I use it without ditching Windows altogether?
-
What is Tails exactly? And can I use it without ditching Windows altogether?
Yes you can. Tails is an operating system on a USB stick.
Put the stick into your machine and switch it on. It will boot into Tails, which has a Torified browser, PGP etc. Use it to do your SR work, then shut down.
Pull the stick out, and switch your PC on again to boot into Windows. No trace is left on your PC that you ever used Tails.
Getting Tails is easy. You need (1) a USB stick, and (2) the Tails .ISO from https://tails.boum.org/, (3) the Universal USB Installer from http://www.pendrivelinux.com/universal-usb-installer-easy-as-1-2-3/
Full info is available at tails.boum.org
Liberte Linux is another one I used for a long time before switching to Tails. I actually preferred it to Tails. It was easier to install too - just copy files onto the stick and run a file (if memory serves me correctly).
Basically the point is you keep your Windows PC nice and clean, and do all your dodgy stuff using the same computer, but on an operating system which sits on a USB stick.
-
I use windows 7, but my HDD is encrypted with Truecrypt, and I PGP everything. I am not too worried about anything, I guess I could get a new HDD, and just get tails then there should be no trace of TOR on my computer, right?
-
Thanks to you all for your advice ( even if I didn't understand some of it, due to a lack of knowledge when it comes to cutting-edge technology ). BTW, what is meant by a "virtual machine", and how do you create one?
-
Thanks to you all for your advice ( even if I didn't understand some of it, due to a lack of knowledge when it comes to cutting-edge technology ). BTW, what is meant by a "virtual machine", and how do you create one?
Whonix is using virtual machines which you can start from your Windows desktop:
(clearnet) https://whonix.org
or http://zo7fksnun4b4v4jv.onion/wiki/Main_Page
See the step-by-step tutorial in my signature if you have problems installing it. Tails is easier to use however.