Slashdot Mirror


Snowden Used the Linux Distro Designed For Internet Anonymity

Hugh Pickens DOT Com writes: "When Edward Snowden first emailed Glenn Greenwald, he insisted on using email encryption software called PGP for all communications. Now Klint Finley reports that Snowden also used The Amnesic Incognito Live System (Tails) to keep his communications out of the NSA's prying eyes. Tails is a kind of computer-in-a-box using a version of the Linux operating system optimized for anonymity that you install on a DVD or USB drive, boot your computer from and you're pretty close to anonymous on the internet. 'Snowden, Greenwald and their collaborator, documentary film maker Laura Poitras, used it because, by design, Tails doesn't store any data locally,' writes Finley. 'This makes it virtually immune to malicious software, and prevents someone from performing effective forensics on the computer after the fact. That protects both the journalists, and often more importantly, their sources.'

The developers of Tails are, appropriately, anonymous. They're protecting their identities, in part, to help protect the code from government interference. 'The NSA has been pressuring free software projects and developers in various ways,' the group says. But since we don't know who wrote Tails, how do we know it isn't some government plot designed to snare activists or criminals? A couple of ways, actually. One of the Snowden leaks shows the NSA complaining about Tails in a Power Point Slide; if it's bad for the NSA, it's safe to say it's good for privacy. And all of the Tails code is open source, so it can be inspected by anyone worried about foul play. 'With Tails,' say the distro developers, 'we provide a tongue and a pen protected by state-of-the-art cryptography to guarantee basic human rights and allow journalists worldwide to work and communicate freely and without fear of reprisal.'"

32 of 171 comments

  1. The NSA is becoming a new God for "True Believers" by mythosaz · · Score: 5, Funny

    What's that? Have any unknown in your life? Just insert the NSA?

    Don't have the source code? The NSA must be behind it.
    Don't know who spread a worm? Must be the NSA.
    Don't know who authored BitCoin? NSA.
    Don't know who packaged up TAILS? NSA.

    The NSA sent his heavenly son to die for our sins.

  2. Cue NSA infiltration in 3...2.... by NotDrWho · · Score: 4, Interesting

    May want to keep an eye out in the development community of the OS for a sudden influx of programmers "just wanting to help out." Or existing members suddenly driving new sports cars and acting strange.

    --
    SJW's don't eliminate discrimination. They just expropriate it for themselves.
    1. Re:Cue NSA infiltration in 3...2.... by RGRistroph · · Score: 4, Funny

      We, the open source and freedom-loving community, may need an organized task force to keep track of these programmers, track their incomes, and store their communications -- just for future reference in case something comes up and a mole is suspected, not an actual search as the Constitution defines it, of course. Similar to the Apache Foundation and other Foundations for Open Source causes, but tasked with keeping our communications secure, and breaking the other side's communications where feasible. We'll have to keep the existence of the Association secret as much as possible of course, and thus also hide its budget in small items spread across the other Foundations. They'll archive all the repos and mailing lists and IRC channels and any other communication medium, but advances in technology make the storage on that scale cheaper. We might have to rent a large building out somewhere that has cheap land and few pesky curious trespassers, Utah or something. We'll just refer to it as No Such Association for now. A small and expedient measure given the threats of our times.

  3. Re:Well, If the NSA Can't Crack It, Ya Right by CanHasDIY · · Score: 3, Insightful
    --
    An enigma, wrapped in a riddle, shrouded in bacon and cheese
  4. Tails is awesome by Midnight_Falcon · · Score: 2
    And the anonymous authors of the package deserve a medal.

    The CIA etc notes that its employees 'serve in silence,' surely this team has advanced the cause of freedom and liberty more than them, in silence.

    1. Re:Tails is awesome by anagama · · Score: 3, Interesting

      Jesus -- I haven't done acid since my college days a quarter century ago. You should lay off it.

      Big Lie -- your whole post is this. You try to take on the mantle of a freedom loving defender of American virtue, when the fucking straight fact is, you are the biggest NSA shill there is, and the NSA is one of the biggest threats to the US Constitution in the entire world. We also have other Executive branch things that are pretty fucking bad, but the NSA is anti-constitution, thus anti-American, and your support for the NSA makes YOU anti-American.

      --
      What changed under Obama? Nothing Good
  5. Re:Anonymous on the internet? by Midnight_Falcon · · Score: 5, Informative

    Tails bakes in a routing table that makes all traffic go over Tor. It also has built-in I2P support. So, while ISPs can look at your traffic, it becomes quite a tough nut to crack to figure out what you're actually doing. Attacks are possible, but require exponentially more sophistication and resources than just tracking an IP.

  6. Re:NSA boogeyman by Midnight_Falcon · · Score: 4, Informative

    Go on YouTube and listen to Jacob Appelbaum's (a Tor developer) videos. Something about NSA agents peering into his girlfriend's window at night and various other intimidation tactics..and that's just him..

  7. Almost by s.petry · · Score: 4, Interesting

    Tails doesn't store any data locally,' writes Finley. 'This makes it virtually immune to malicious software, and prevents someone from performing effective forensics on the computer after the fact. That protects both the journalists, and often more importantly, their sources.'

    Traffic sniffing does not require files on the target and this is the biggest source of data for agencies like the NSA. It may protect you from key loggers being installed (unless they were inserted ahead of time).

    I'm pretty sure that part of Snowden's leaked information showed that exploits are occurring at the hardware level as well as software. Entry points like LOM modules were explicitly called out in the leaked presentations.

    I'd agree that forensics becomes extremely difficult, if not impossible (memory analysis can still occur). I don't agree that the systems are immune to malicious software at least in a general sense. Immunity would require a lot of control for the hardware running the OS, and monitoring to make sure things have not been tampered with. Relying on a repository build of an OS image is still a target for a potential MITM attack feeding a user a kitted image.

    It's all good in my opinion, I'm just being picky about the terminology chosen. Immunity implies absolute safety, and very little in the world is absolute.

    --

    -The wise argue that there are few absolutes, the fool argues that there are no probabilities.

    1. Re:Almost by lister+king+of+smeg · · Score: 4, Interesting

      Tails doesn't store any data locally,' writes Finley. 'This makes it virtually immune to malicious software, and prevents someone from performing effective forensics on the computer after the fact. That protects both the journalists, and often more importantly, their sources.'

      Traffic sniffing does not require files on the target and this is the biggest source of data for agencies like the NSA. It may protect you from key loggers being installed (unless they were inserted ahead of time).

      All traffic sniffing will do is show they are talking to a TOR entry node. Everything is wrapped in multiple layers of encryption between you and each of the nodes in between. Maybe they could tell from traffic analysis what type of traffic it is based on traffic profiling, streaming your pr0n over TOR will have a different profile than browsing a webpage which will in turn be different than ssh, but they still won't know the end point and what the content is.

      I'm pretty sure that part of Snowden's leaked information showed that exploits are occurring at the hardware level as well as software. Entry points like LOM modules were explicitly called out in the leaked presentations.

      Yes but they would have to have had access to your computer to insert the hardware bugs. If you say pick up a cheap laptop at Walmart paid for with cash they won't know who has it, and would not have inserted the bugs as they could not have known who would end up with the computer.

      I'd agree that forensics becomes extremely difficult, if not impossible (memory analysis can still occur).

      If they are doing memory analysis they have the computer in their possession already and you probably have much larger issues to worry over.

      I don't agree that the systems are immune to malicious software at least in a general sense. Immunity would require a lot of control for the hardware running the OS, and monitoring to make sure things have not been tampered with.

      Technically true. However you have to trust something, and as long as there has been no opportunity to tamper with the computer you can assume you're safe for most things.

      Relying on a repository build of an OS image is still a target for a potential MITM attack feeding a user a kitted image.

      That is why we have cryptographic signatures on repositories and iso images. If they can break a 4092 bit key in polynomial time we are f***ed anyway.

      --
      ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
  8. Re:Anonymous by lister+king+of+smeg · · Score: 4, Informative

    Incognito Linux did not impress me. You can be more anonymous using Backtrack.

    Ah, no.

    Backtrack is for cracking, not staying anonymous.
    Tails routes all of your traffic through TOR and keeps you anonymous as long as you don't share anything revealing.

    --
    ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
  9. The Distant Future, Considered by SuperKendall · · Score: 3, Interesting

    how do we know it isn't some government plot designed to snare activists or criminals? A couple of ways, actually. One of the Snowden leaks shows the NSA complaining about Tails in a Power Point Slide

    And that, ladies and gentlemen, is how you play the Really Long Game.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  10. Re:The NSA is becoming a new God for "True Believe by theskipper · · Score: 5, Interesting

    Well, personally my first thought after reading the summary was "but how do you trust the BIOS?" A few years ago I'd have immediately said that's conspiracy theory and dismissed it (along with the other items you listed). But after a year of exposure to the Snowden and RSA revelations and everything else, it pains me to say these NSA questions aren't so far fetched any more.

    Sure they may not be probable but they could be possible. No matter how rational you think you are, it really messes with one's mind. Subtle paranoia, if you will.

  11. Re:The NSA is becoming a new God for "True Believe by MrNickname · · Score: 4, Funny

    That sounds like something the NSA would post.

  12. NSA 'complaining' about tails by spasm · · Score: 3, Insightful

    NSA 'complaining' about tails? Oh, no, please don't throw me in that briar patch!

    http://americanfolklore.net/fo...

  13. The government should pass a law! by Vinegar+Joe · · Score: 4, Funny

    Snowden would have had a much harder time had he been using legal Microsoft products.

    --
    "The average reporter we talk to is 27 years old......They literally know nothing." - Ben Rhodes
  14. Re:Amnesic? by CanHasDIY · · Score: 2

    The Amnesic Operating System.

    Shouldn't it be amnesiac?

    Nope - an amnesiac is a noun that refers to a person suffering from amnesia; "amnesic" is an adjective that means "exhibits properties of amnesia," which can apply to more than just the human psyche.

    --
    An enigma, wrapped in a riddle, shrouded in bacon and cheese
  15. Having the source code does not make it safe by hduff · · Score: 3, Informative

    Unless you compile from vetted source code on an un-compromised system using an un-compromised compiler, etc., you can't be certain the binary they provide is the same as what compiling the source code would provide.

    --
    "I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
    1. Re:Having the source code does not make it safe by istartedi · · Score: 3, Funny

      I would assemble the system myself from discrete transistors, except that I can't be sure the NSA didn't drug me, drag me off and hypnotize me.

      --
      For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
  16. Re:NSA boogeyman by Midnight_Falcon · · Score: 3, Insightful

    Considering the fact that the NSA is super-secretive and the ongoing joke is it's an acronym for "No Such Organization," short of another Edward Snowden I don't think you can be given the kind of evidence you want. Remember, before Snowden those "paranoid" people like Tor Developers were relegated by folks like you into the land of nutjobs, conspiracy theorists and tinfoil-hat haberdashers. Now look..

  17. Re:Anonymous on the internet? by Midnight_Falcon · · Score: 2

    No, no, and no. If you were using tails, you wouldn't have been vulnerable to this attack because it enables NoScript by default. Tails' use of security best practices helps protect against zero-day exploits like the FBI's javascript malicious payload.

  18. Re:Anonymous by Midnight_Falcon · · Score: 4, Insightful

    There's plenty of ways to defeat stylometric analysis, notably, running things through a translation engine several times through a few languages.

  19. Re:Why doesn't TAILS use TRUCRYPT (or similar)? by TeknoHog · · Score: 2

    Maybe Trucrypt isn't available for linux distros but i am sure there are plenty of alternatives that do a similar full system os encryption.

    I can think of one alternative on Linux, it's called Truecrypt with an "e".

    --
    Escher was the first MC and Giger invented the HR department.
  20. Re:NSA boogeyman by lonOtter · · Score: 3, Funny

    No, he doesn't. He's referring to the real puppeteers: NSO.

    --
    [End Of Line]
  21. Trust No One by Lawrence_Bird · · Score: 2

    Are you able to verify all of the distribution yourself? Are you able to vet the contributors? Are they able to vet each other? Is Tor really safe?

    It all comes down to a matter of degree but in the end... Trust No One

  22. Re:Well, If the NSA Can't Crack It, Ya Right by Nimey · · Score: 3, Informative

    I've been seeding the 0.23 version since it came out. Here's the magnet link:
    magnet:?xt=urn:btih:B7EE06A2568630EED830CFFBF45B6BFD5DE796D4&dn=tails-i386-0.23&tr=http%3a%2f%2ftorrent.gresille.org%2fannounce

    --
    Hail Eris, full of mischief...

    E pluribus sanguinem
  23. Re:NSA boogeyman by Anonymous Coward · · Score: 3, Interesting

    Really? There haven't been enough scandals yet?

    - pressure to backdoor linux - http://www.itworld.com/open-source/383628/linus-father-confirms-nsa-attempt-backdoor-linux
    - NSA/GCHQ have power points about trying to attack TOR exit nodes including with DOS attacks
    - they hack sys admins
    - they are suspected of introducing bugs into code bases (anonymous commit to the linux kernel which had a = instead of == allowing remote code exploit)
    - they are known to have inserted hardware backdoors into US chips - most probably Intel and Via.
    - they used NIST to cripple encryption and random number generation standards. (They fixed the s-boxes in DES, but they reduced the key length from 64 bits to 54 bits. They lobbied to reduce the number of passes in current crypto systems. The Dual_EC_DRBG is the backdoored random number standard they forced through.)
    - They paid $10 million to RSA to set the default to this bad random number generation standard.
    - They use porn browsing habits and other information they collect to discredit people they don't like - this includes Americans.
    - They launch DoS attacks against people they don't like. This includes people in anonymous and file sharers using pirate bay. Anyone happening to use the same public IRC servers suffers too.
    - They launch "false flag" operations - meaning they do something evil, blame someone else, and use that as an excuse to do the thing they originally wanted to do but couldn't (the equivalent of shooting your own troops, blaming the enemy, and launching a "counter attack").
    - Joe Nacchio, former CEO of Qwest, was invited to Fort Meade and asked to do something blatantly illegal to which he said no. As a result, he lost the government contracts he expected to get, and the government arrested him for insider trading. He served 6 years in prison after being denied the right to defend himself because the programs in question were classified. (And you wonder why other telcos go along with the NSA's "requests")
    - Lavabit (secure email provider) was strong-armed into closing after they received an NSL to spy on Snowden's email. The form of the NSL required that ALL Lavabit customers would be spied on.

    These are just off the top of my head! How many demonstrations of evil do you need from those bastards? They are completely out of control.

  24. Re:Amnesic? by un1nsp1red · · Score: 2

    A manic maniac?

  25. Re:The NSA is becoming a new God for "True Believe by fractoid · · Score: 2

    Just physically unplug the hard drive before booting off a live CD? I have to admit, though, that my first reaction was also "Anonymously produced live CD promises to protect your secrets? Sounds legit."

    --
    Rampant carbon sequestration destroyed the Dinosaurs' tropical paradise. I'm here to help repair the damage.
  26. Re:Anonymous by fractoid · · Score: 2

    Sir! I think we've just identified the Babelfish Bandit!

    --
    Rampant carbon sequestration destroyed the Dinosaurs' tropical paradise. I'm here to help repair the damage.
  27. Re:NSA boogeyman by fractoid · · Score: 2

    Who are controlled in turn by an even more mysterious organisation: ROUS.

    But I doubt they exist.

    --
    Rampant carbon sequestration destroyed the Dinosaurs' tropical paradise. I'm here to help repair the damage.
  28. Re:The NSA is becoming a new God for "True Believe by Johann+Lau · · Score: 2

    It was not his choice to get stuck there, the US govt pretty much made sure. You know, even getting the Swiss to force down the plane of a president and search it, because he might be on board... really, your comment is unintentionally ironic: the invasion already happened -- that is, your external enemies ain't shit compared to the internal ones you bred yourself -- and it's YOU who is bending over and cheering.