Some people overestimate the capabilities of anonymous operating systems, thinking that after they launch OS like Tails, they are completely protected from any enemy.
This is not true. It is extremely dangerous to have the above-mentioned attitude. An operating system is just a tool. Its effectiveness depends on the person who uses it. You should always remember that your best defense is your brain and a sense of caution; everything else is secondary.
Let’s see what things should be avoided when using anonymous operating systems:
- Do not change any system settings, especially if you have a poor understanding of the consequences of such changes.
You do not need to tweak anything if you do not have enough experience. You should not change the proxy from SOCKS5 127.0.0.1:9050 to System Proxy Settings just because: “Everything works both ways.” Yes, everything works this way, and that way, but the first mode protects you against forgetfulness – if you at some point turn off the Tor proxy and forget to turn it back on, your real IP will not be revealed.
There is no need to try to add a VPN to Tails. If this OS does not have a native VPN support, this does not mean their programmers are crooked morons. It means that your VPN will weaken your anonymity, and not strengthen it, as you might have thought because of your poor knowledge.
- There is no need to unlock the front door when an anonymous operating system is loaded on your computer.
Do not open the door at all – either to check the mail nor to get a beer downstairs. If you launch an anonymous OS – sit still and work. If you have an urgent need to unlock the front door (it does not matter for how long, even for 10 seconds) – turn off the system, hide the flash drive in a secret place and go open the door.
Why? Everything is simple. Firstly, police or other interested parties who need data from your device can wait for this moment. They understand that data is encrypted. Yes, they can arrest you and get passwords with the help of a court order or even beat passwords out of you. But still, there is no 100% guarantee.
In addition, it will take some time, during which, for example, other participants of your group may detect your unexpected disappearance.
A much easier way to seize a computer with encrypted data is to use the moment when a person opens the door while a flash drive sticks in his laptop. It will be a royal gift of fate for them.
Next, there may happen other force majeure circumstances. For example, you go out into the staircase and suddenly feel bad. You faint and hit your head on the steps. The neighbors call an ambulance and seeing the blood on your head and the open door, decide you were robbed, and call the police too. And while the doctors will take care of your injuries, the police will scour the apartment in search of traces of the robbery and find a laptop with a logged-in forum, chat window, etc.
- Do not visit websites that are not related to your main work.
YouTube, news, eBay, and other stuff should be banned. The more sites you visit when on an anonymous session, the more information you leave about yourself, your habits, style of web surfing, etc. I will not even write here about logging into personal accounts of social networks; these are the basics.
- Do not download files from the Internet or copy files from other media.
In an ideal situation, you do not have a need to download anything from anywhere to an anonymous system, as well as copy data from other flash drives. This can cause unnecessary problems. Yes, Tails will forget everything, including adware and viruses. But it will forget it after a reboot. If you launch a virus, it will perform all its tasks for as many hours as you work until the reboot.
If the situation requires to download or copy something, then do this:
- Install rkhunter and clamtk
- Update the clamtk database
- Download files you need
- TURN OFF THE INTERNET PHYSICALLY by disconnecting the adapter from the computer or by turning on the “airplane” mode on the laptop
- Open the downloaded file
- Scan the system with two programs listed above
- If everything is OK – get back online
- Do not crosspost
If you have several favorite phrases and you use them on discussion boards or social networks, you should not use them while working in an anonymous system. This is called crossposting, and this is one of the effective methods of user deanonymization. Investigators collect all your silly posts from a specific forum, after which the key indicators are calculated:
- The average number of punctuation marks per 100 characters of text
- The average number of errors per 100 characters of text
- Typical typos (you confuse the letters f and t since they are nearby and your index finger on your left hand is broken)
- Jargon (you are a former military man, a former athlete, etc.)
After that, a certain network profile is formed. Robots similar to those used by Google start searching for texts with similar parameters on all existing websites as all as archives. As a rule, they do find coincidences.