🎯 What Is Tails?

The Amnesic Incognito Live System

A portable operating system that boots from USB, routes everything through Tor, and forgets everything when you shut down. Used by Snowden, journalists, activists, and anyone needing real anonymity.

Your computer's hard drive is never touched. RAM is wiped on shutdown. It's like your session never happened.

Why Tails Beats Everything Else

What Makes Tails Special

  • Amnesic: Leaves no traces on the computer
  • Tor by default: All connections forced through Tor
  • Encrypted persistence: Optional encrypted storage
  • MAC spoofing: Random hardware addresses
  • Metadata cleaning: Strips identifying information
  • Emergency shutdown: Wipes RAM instantly

Who Uses Tails

  • Edward Snowden: Leaked NSA documents using Tails
  • Journalists: Protecting sources, SecureDrop submissions
  • Activists: Organizing under oppressive regimes
  • Whistleblowers: Leaking corporate/government wrongdoing
  • Regular people: Escaping domestic surveillance, research

⚠️ Tails Won't Protect Against

  • Hardware keyloggers
  • Compromised firmware/BIOS
  • Physical surveillance (cameras)
  • Your own operational mistakes
  • Torture (rubber hose cryptanalysis)

Tails is a tool, not magic. Use it correctly or it's useless.

Getting Started: From Download to Boot

1

What You Need

  • USB stick: 8GB minimum, USB 3.0 recommended
  • Computer: 2GB RAM minimum, 64-bit processor
  • Internet: For initial download (1.3GB)
  • 45 minutes: For setup and verification
  • Second USB (optional): For persistent storage
2

Download and Verify

Never Skip Verification

Governments create fake Tails images. Verify or get compromised.

  1. Go to: https://tails.net/ (bookmark the real site)
  2. Download Tails image (.img file)
  3. Download signature file (.sig)
  4. Verify with GPG:
# Import Tails signing key
wget https://tails.net/tails-signing.key
gpg --import tails-signing.key

# Verify the image
gpg --verify tails-amd64-5.19.img.sig tails-amd64-5.19.img

# Should see: "Good signature from Tails developers"

If verification fails, DO NOT USE. Your download is compromised.

3

Create Tails USB

From Linux

# Find your USB device
lsblk
# Usually /dev/sdb or /dev/sdc

# Write image (DESTROYS USB DATA)
sudo dd if=tails-amd64-5.19.img of=/dev/sdX bs=16M status=progress

# Sync and eject
sync
sudo eject /dev/sdX

From Windows

  1. Download Etcher: https://etcher.balena.io/
  2. Run Etcher as Administrator
  3. Select Tails image
  4. Select USB drive (CAREFUL!)
  5. Flash

From Mac

# Find disk number
diskutil list

# Unmount
diskutil unmountDisk /dev/diskN

# Write image
sudo dd if=tails-amd64-5.19.img of=/dev/rdiskN bs=1m

# Eject
diskutil eject /dev/diskN
4

Boot Tails

  1. Shut down computer completely
  2. Insert Tails USB
  3. Power on, access boot menu:
    • PC: Usually F12, F2, ESC, or DEL
    • Mac: Hold Option key
  4. Select USB device
  5. Tails boot screen appears

First Boot Options

  • Troubleshooting Mode: If normal boot fails
  • External Hard Disk: For old computers
  • Advanced Options: Disable Tor (DANGEROUS)

Usually: Just press Enter for normal boot.

Your First Tails Session

1

Welcome Screen Configuration

Language and Region

Choose carefully. This affects:

  • Keyboard layout
  • Timezone (anonymity implications)
  • Language (stylometry risk)

Tip: Don't use your real timezone if hiding location.

Additional Settings (Important!)

  • Administration Password: Set if you need sudo access
  • MAC Address Anonymization: Keep enabled
  • Offline Mode: Only if no internet needed
  • Bridge Mode: If Tor is blocked in your country
2

Connecting to Network

Tor Connection

After login, Tor Connection assistant opens:

  1. Direct connection: If Tor works in your country
  2. Bridge mode: If Tor is blocked
  3. Hide that you're using Tor: Uses obfs4 bridges

Wait for "Connected to Tor successfully!" before doing anything sensitive.

Network Precautions

  • Never use without Tor connection
  • Avoid networks that require login (hotels, cafes)
  • Public WiFi is good (anonymous)
  • Home network reveals location
  • Consider using phone hotspot (bought with cash)

Built-In Privacy Tools

Tor Browser

Pre-configured for maximum security. JavaScript disabled on Safest setting. Don't install addons. Don't change settings. Don't login to personal accounts.

Thunderbird Email

Configured for Tor. Use with anonymous email only (ProtonMail, Tutanota). Never use personal email.

KeePassXC

Password manager. Store passwords in persistent volume. Use strong master password. Generate random passwords for everything.

OnionShare

Share files anonymously. Creates temporary .onion address. Receiver needs Tor Browser. Self-destructs after transfer.

Electrum Bitcoin

Bitcoin wallet over Tor. Still not anonymous (Bitcoin is transparent). Consider using for Monero conversion only.

MAT2 (Metadata Cleaner)

Removes metadata from files. Right-click any file β†’ "Remove metadata". Essential before sharing documents.

Additional Software

Can install temporarily (lost on reboot):

# Update first
sudo apt update

# Examples
sudo apt install vlc      # Media player
sudo apt install gimp      # Image editing
sudo apt install git       # Version control

For permanent software, use persistent volume.

Persistent Storage: Remembering Safely

⚠️ Persistence Reduces Anonymity

Persistent storage can link sessions together. Only use if necessary. Never store identifying information.

1

Creating Persistent Volume

  1. Applications β†’ Tails β†’ Configure persistent volume
  2. Choose strong passphrase (20+ characters)
  3. Select what to persist:
    • Personal Data (documents)
    • Browser Bookmarks
    • Network Connections
    • Software
    • Printers (avoid if possible)
    • Thunderbird emails
    • GnuPG keys
    • Bitcoin wallet
    • SSH keys
    • Dotfiles
  4. Restart Tails
  5. Enter passphrase at welcome screen
2

Persistent Volume Security

  • Encrypted with LUKS (strong)
  • Only accessible with passphrase
  • Invisible when Tails not running
  • Can't be accessed without booting Tails

Best Practices

  • Different USB for different identities
  • Never mix personal and anonymous data
  • Backup encrypted volume separately
  • Change passphrase regularly
  • Destroy USB if compromised

Advanced Techniques

Emergency Shutdown

Compromised? Police at door? Pull the USB. RAM starts clearing immediately.

Better: Set up emergency shutdown:

  1. Remove USB quickly
  2. Or press power button for 5 seconds
  3. RAM is overwritten with random data
  4. Cold boot attacks become harder

Using Bridges

If Tor is blocked or suspicious:

  1. Get bridges from: https://bridges.torproject.org
  2. Or email: [email protected] (from Gmail/Riseup only)
  3. Configure at welcome screen β†’ Tor Connection
  4. Use obfs4 bridges (best obfuscation)

Unsafe Browser

Sometimes need non-Tor browser (captive portals):

  1. Set admin password at welcome
  2. Applications β†’ Internet β†’ Unsafe Browser
  3. ONLY use for network login
  4. Close immediately after

MAC Address Spoofing

Enabled by default. Changes hardware address to random. But:

  • Some networks whitelist MACs
  • Can make you stand out (random MAC obvious)
  • Consider disabling in some situations
  • Welcome screen β†’ Additional settings β†’ MAC address

OpSec: Not Getting Caught

Before Using Tails

  • Buy USB with cash
  • Download Tails from public WiFi
  • Don't use your personal computer
  • Create cover story for having Tails
  • Consider hidden USB compartment

While Using Tails

  • Never login to personal accounts
  • Don't use identifying speech patterns
  • Avoid unique typing patterns
  • Change physical locations
  • Use different USB for different activities
  • Watch for cameras
  • Shield screen from shoulder surfing

After Using Tails

  • Properly shutdown (don't just unplug)
  • Hide USB securely
  • Consider decoy USBs
  • Have plausible deniability story
  • Never discuss Tails usage

🚨 The Weakest Link

Tails is nearly perfect technically. Users are not. Most people caught using Tails were betrayed by:

  • Logging into personal accounts
  • Using identifying writing style
  • Same mistakes repeatedly
  • Trusting the wrong people
  • Poor physical security

Alternatives to Tails

OS Pros Cons Best For
Whonix VM isolation, persistent Complex setup, resource heavy Long-term anonymity
Qubes OS Compartmentalization, secure Hardware requirements, learning curve Security professionals
Kodachi VPN + Tor, DNSCrypt Less tested, smaller community Belt-and-suspenders approach
Parrot OS Pentesting tools, AnonSurf Not amnesic by default Security research

Tails remains best for: Hit-and-run anonymity, whistleblowing, anti-forensics.

Mistakes That Will Burn You

  1. Using Tails at home - ISP sees Tor usage, links to you
  2. Logging into personal accounts - Instant deanonymization
  3. Saving files to hard drive - Leaves forensic traces
  4. Using same USB for different identities - Links them together
  5. Installing random software - Could be malicious
  6. Disabling security features - "For convenience"
  7. Using JavaScript - Enables browser exploits
  8. Mixing Tor and clearnet - Correlation attacks
  9. Trusting exit nodes - They see unencrypted traffic
  10. Not updating Tails - Missing security patches

Real-World Tails Usage

Snowden's Workflow

  1. Booted Tails from USB
  2. Accessed NSA documents from encrypted drive
  3. Contacted journalists via SecureDrop
  4. Uploaded documents through Tor
  5. Shut down, no traces

Journalist Source Protection

  1. Source boots Tails at library
  2. Accesses SecureDrop .onion site
  3. Uploads documents
  4. Provides codename to journalist
  5. Communication established anonymously

Activist Coordination

  1. Boot Tails at cafe
  2. Access group's hidden service
  3. Share plans via OnionShare
  4. Coordinate via encrypted chat
  5. Shutdown before leaving

The Bottom Line on Tails

Tails is the gold standard for anonymous computing. It's what you use when failure means prison or worse. But it's not foolproof.

Strengths:

  • True amnesia - no traces left
  • Forces all traffic through Tor
  • Battle-tested by dissidents worldwide
  • Free and open source
  • Actively maintained

Weaknesses:

  • Can't protect from hardware attacks
  • Tor traffic is suspicious
  • Small user base (compared to Windows)
  • Requires discipline to use correctly
  • One mistake can compromise everything

Start Practicing Now

Don't wait until you need anonymity to learn Tails. Download it today. Practice the workflow. Build muscle memory. When you really need it, you'll be ready.

Remember: Tails is like a fire extinguisher. Better to have it and not need it than need it and not have it.

πŸ“š Essential Resources

  • Official docs: https://tails.net/doc/
  • Warning page (READ THIS): https://tails.net/doc/about/warnings/
  • Threat model: https://tails.net/doc/about/threat_model/
  • r/tails subreddit (use via Tor)

Related Guides