How to install Tails OS (Guide for the Ultra Paranoid)

Written By: Jacob Mehnert
  • Comments: 0
How to install Tails OS (Guide for the Ultra Paranoid)

Difficulty

Moderate

Steps

10

Time Required

No estimate

Introduction

Warning: The following guide was made to educate others on privacy-keeping techniques and Operational Security (OPSEC) practices, to educate others on better protecting their personal data. Please use the knowledge gained from this guide responsibly.

Authors Note

The following guide is based on the amazing work of Mental Outlaw on YouTube and acts as a more in-depth guide to the How to create a Tails Live USB. If you want a more streamlined way of installing Tails OS, consider checking out that guide.

Things You'll Need

  • A USB flash drive with at least 8GB capacity (Ideally with USB 3.0 Speed)
  • A computer running a Linux Based OS (Ubuntu is recommended)
  • A secure Internet connection (You are going to want to use the Tor Browser)

    • Using the Tor Browser, visit the official Tails website.

    • You can also download the Tails .ISO file through an open source BitTorrent client over a VPN.

    • This allows you to download the Tails .ISO without any potential adversaries knowing you've downloaded Tails, and reduces the chances of you downloading a back doored .ISO.

    • Once your .ISO file has finished downloading, you will verify that the file has not been corrupted or modified using the GNU Privacy Assistant.

    • The Tails OS website does have their own verification method, however it is through JavaScript, which is vulnerable to hackers and other threat actors who can manipulate data, redirect sessions, modify and steal data, through JavaScript.

    • Download the signing key and grab the signature of the software.

    • Open GNU Privacy Assistant and open up Key Manager and create a New Key.

    • Import the Tails Signing key into GNU Privacy Assistant, and verify that the Validity of your downloaded key is showing valid.

    • Part of the reason you are Verifying the key a second time with a third party PGP key server is to ensure that the Signing Key has not been compromised by potential bad actors.

    • Using Tor, go to pgp.mit.edu and enter Tails Developers into the Search String field.

    • Ensure the option for Show PGP fingerprints for keys is checked, then click Search.

    • You will recieve several different results, but the one you are going to want is the offline long-term identity key

    • Compare the fingerprint generated from GNU Privacy Assistant to the fingerprint shown by pgp. If they are the same, then the file is safe to use.

    • Once you have finished verifying the file, you will need to sign the software key with your key in GNU Privacy Assistant

    • Right-click the key you created in Step 3 and select Sign Keys and use the passprase you used with your private key.

    • Once signed your key should read Fully Valid under the Validity column.

    • You can check the validity of your Tails OS image file by importing the file directly into GNU Privacy Assistant and clicking the Check Signatures of Selected File. If the file has not been modifyed then you should get a message indicating the file is valid.

    • For Linux Distributions, it is highly recommended that you use 'dd' to write to your USB drive since it will be preinstalled on your system. Use the command listed below with the appropriate file extension and drive names without the parenthesis.

    • sudo dd if=[name of Tails Image File] of=/dev/[Name of your USB drive] bs=16M oflag=direct status=progress

    • You now have a live USB of Tails OS. From here you can insert the drive into a different computer and use it, or you can reboot your current computer and boot from your USB drive.

    • Insert the Tails live USB into the computer you want to use.

    • Restart the computer and enter the boot menu by pressing the appropriate key during startup (usually F2, F12, or Delete).

    • Select the USB drive as the boot device from the boot menu.

    • Tails will start, and you'll be presented with the Tails Greeter screen.

    • When you first boot into Tails OS you will be greeted with a welcome screen. You can set your default keyboard layout and language settings on this screen, however, it is highly recommended that you set an administrator password.

    • From the Welcome Screen select the + button in the Additional Settings section and set a password in the Administrator Password section

    • Once you're satisfied with the initial options click Start Tails to boot to your Tails Desktop.

    • Once you have booted to your desktop, you will want to set up your network and connect to Tor.

    • Open the System Menu from the Upper Right-hand corner and click Wi-Fi. Choose your network and enter your login credentials.

    • Once connected to your network the Tor Connection Assistant will open automatically. Select the Hide to my local network that I'm connecting to Tor

    • These settings will reset if persistent storage is disabled.

    • Once connected open the Tor Browser from the Applications Tab and go to the More Options button on the far right, and click Settings from the dropdown menu.

    • Choose Privacy and Security and under Onion Services make sure the Always option is selected.

    • Scroll down to the Security Level section and make sure the Safest option is selected.

Conclusion

Congratulations! You now have an secure method of browsing the web through Tails OS. Please remember that the following guide was made to educate others on privacy-keeping techniques and Operational Security (OPSEC) practices, to educate others on better protecting their personal data. Please use the knowledge gained from this guide responsibly.

Author

Jacob Mehnert

Member since: 18/10/21

30760 Reputation

0 comments