Security IT/LiveCD


Despite the various precautions, it is difficult to be 100% confident that the system will not leave unwanted traces of an anonymous user's activity. Further risks are security holes, bugs, and software that does not respect even the proxy settings. To remedy this, specialized operating systems for use with Tor have appeared, for example as a live system booted from a CD or USB stick, or as a disk image for use with a virtual machine. Below are a few products of this type. First, I will define the two terms:

  • Virtual machine - software that intercepts every request the launched program makes to the hardware or operating system and handles it itself. As a result, a program running in the virtual machine "thinks" it is working on real hardware, while in fact it is working on virtual hardware "faked" by the appropriate software (the virtual machine).
  • LiveCD - an operating system (usually with bundled software) installed on a medium with its own boot loader, which allows it to run in RAM without being installed on the computer's hard drive.

The advantage of the virtual machine is that it lets us predict what could happen on our real OS if, for example, we installed software we consider suspicious or performed potentially dangerous tasks (which would result in some damage). Unfortunately, before we can use it, we have to:

  1. Download the program (e.g. VirtualBox) and download the operating system we are interested in
  2. Configure the program so that it can open the system we downloaded, and allocate some space for it on the hard disk
  3. Install the system in the virtual machine (a one-off operation, provided that after the installation we take a snapshot of the fresh "installation")
  4. Install the appropriate software (if you want to access the .onion network), unless the distribution you installed ships with such software by default (more on that later)
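
Steps 2 and 3 can be scripted with VirtualBox's `VBoxManage` command-line tool. The following is an added example, not part of the original text; the VM name, ISO path, memory and disk sizes, and snapshot name are assumptions, and the commands are only printed unless `VBOX_RUN=1` is set.

```shell
#!/bin/sh
# Added example: create a test VM, snapshot the fresh install, roll back later.
# All values below are assumptions; edit them for your own setup.
VM="tor-test"            # hypothetical VM name
ISO="distro.iso"         # placeholder path to the downloaded system image
DISK="$VM.vdi"           # virtual HDD file, created in the current directory
SNAP="fresh-install"     # snapshot name used for rollback

# Dry run by default: print each command. Set VBOX_RUN=1 to execute them.
vbox() {
    if [ "${VBOX_RUN:-0}" = 1 ]; then
        VBoxManage "$@"
    else
        echo "VBoxManage $*"
    fi
}

# Step 2: register the VM, allocate disk space, attach the installer image.
create_vm() {
    vbox createvm --name "$VM" --ostype Linux_64 --register &&
    vbox modifyvm "$VM" --memory 2048 --boot1 dvd --boot2 disk &&
    vbox createmedium disk --filename "$DISK" --size 20480 &&
    vbox storagectl "$VM" --name SATA --add sata &&
    vbox storageattach "$VM" --storagectl SATA --port 0 --device 0 \
         --type hdd --medium "$DISK" &&
    vbox storageattach "$VM" --storagectl SATA --port 1 --device 0 \
         --type dvddrive --medium "$ISO"
}

# Step 3, after installing the guest once: freeze the clean state.
snapshot_fresh() {
    vbox snapshot "$VM" take "$SNAP" --description "clean install"
}

# After testing suspicious software: discard every change made since the snapshot.
rollback() {
    vbox controlvm "$VM" poweroff 2>/dev/null   # fails harmlessly if not running
    vbox snapshot "$VM" restore "$SNAP"
}

# Stand-alone use: ./vm.sh create | snapshot | rollback
case "${1:-}" in
    create)   create_vm ;;
    snapshot) snapshot_fresh ;;
    rollback) rollback ;;
esac
```

Restoring the snapshot returns the guest disk to the state it had right after installation, so the installation in step 3 never has to be repeated.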

This approach is good if you want to test an unknown operating system without compromising your current system or spending time installing two systems. It may be time-consuming, but it tells us which distribution to then write to our medium in order to make full use of the LiveCD. However, this method is not suitable as an alternative to the LiveCD, for several reasons:

  • The virtual machine requires a real operating system that is already installed, and part of your hard disk to create a virtual HDD. This is very demanding for the computer, so not every older or weaker computer can cope with it, and, in contrast to the LiveCD, a hard disk is necessary.
  • Configuring the program and installing the system is very labor-intensive. This cannot be replaced by a LiveCD, because it slows down the emulator and makes the solution completely useless.

The LiveCD offers simplicity and has virtually no prerequisites, especially if we use an actual CD for it. If instead of a disc we use, for example, a USB flash drive, it is sometimes necessary to configure the BIOS so that it looks for the system on this medium. After that, nothing more is needed: it works anytime, anywhere (even on a virus-infected computer), and that is why we will focus on this technology.

Below are a few Linux distributions that include Tor:

Most of them leave no traces: not only on disks (which every LiveCD distribution can do), but they also automatically erase the contents of RAM (which protects against cold boot attacks).

Having tested several of the above, I recommend the TAILS distribution. At the moment it is the most extensive, detects a large number of backdoors that would allow tracking, and is also being developed rapidly. By the way, if we are not fans of Linux and its GUI, TAILS can be made to resemble Windows XP (once the system has loaded and we have clicked "log in", we can choose the "Windows XP camouflage" option in the next window).

We can also use non-specialized distributions such as Puppy Linux, which allows you to save sessions (and is therefore suitable for performing work tasks).

Another system that ensures even greater anonymity is Whonix - an operating system consisting of two virtual machines (run in VirtualBox, described at the beginning of this article). The first, Whonix-Gateway, is used only as a Tor gateway (such as page); the second, Whonix-Workstation, is used for normal surfing. To use it, we therefore need to run both virtual machines.