Silk Road forums

Discussion => Security => Topic started by: loginathome on July 29, 2011, 06:42 am

Title: Tails LiveUSB plus Encrypted storage on the same USB Key.
Post by: loginathome on July 29, 2011, 06:42 am
These instructions assume that you are using Linux to write the files.  If you aren't, you should be.
This will show you how to create a flash drive with tails, custom apps, and Encrypted Storage on the same key.
If you are Using Tails Live USB, these instructions will greatly simplify things.

You'll need a USB Key (USB Flash drive...) that is greater than 2GB

This is pretty skimp on the details, so just ask and I'll go into further detail if anyone needs help.

1)    Download unetbootin. 

2)    Use this to write the tails CD image to the flash drive.
       Boot the flash drive to make sure it works. 

3)   now, using gparted or other partition manager, shrink the partition as far as you can.
      Nothing is ever saved there, so you can shrink it all the way.

4)  Create another partition of 512MB or something.  I used 512, its a good number, can't image why you'd need more.

5)  Search the internet for portable linux apps.  I don't remember where they are, but I trust your google fu.
      find truecrypt and put it on the second partition.  Also put whatever else you want.

6)  Format the third partition to be whatever you want, you are going to encrypt it with truecrypt.  It really doesn't matter, as truecrypt is going to format it later.

Now you can boot tails, which will never save anything within the OS.
You have an unencrypted place to store stupid stuff that doesn't need to be encrypted.  Such as any apps you want as well as your wireless keys and what not.
and an encrypted place place to store everything that is sensitive.  Like your PGP keys and the address of Silk road.

Easy.  (although you kinda have to know how)
I used an 8GB microcd card, and it works perfectly. 
(Also it can be swallowed if necessary....)

I (re)wrote this cause I see so many people complaining about the lack of storage in Tails, even though it is (to me) a relatively simple thing to make work.
I hope that this helps someone out until Tails includes storage options. 
Title: Re: Tails LiveUSB plus Encrypted storage on the same USB Key.
Post by: RedRocket on July 29, 2011, 06:46 am
thanks for that mate,didnt fancy swallowing 2 cards...
Title: Re: Tails LiveUSB plus Encrypted storage on the same USB Key.
Post by: biscuitbase on August 22, 2011, 11:23 pm
I'm going to have a go at doing this. Do you have a USB adapter for your microsd or do you have a card reader on your pc?
Title: Re: Tails LiveUSB plus Encrypted storage on the same USB Key.
Post by: ach2 on August 22, 2011, 11:38 pm
I've been trying very hard to get this bootable on my macbook, but have had no success at all. I tried installing refit to no avail. I also read that unetbootin works well, but can't make usb drives bootable on mac. This is driving me insane. Anyone have any insights they'd care to share? Thanks.
Title: Re: Tails LiveUSB plus Encrypted storage on the same USB Key.
Post by: biscuitbase on August 22, 2011, 11:47 pm
Have you had success booting it from another PC (non mac) ?
Title: Re: Tails LiveUSB plus Encrypted storage on the same USB Key.
Post by: ach2 on August 23, 2011, 12:10 am
I don't have another PC but I couldn't get it to boot in parallels, if that means anything. I followed these directions but couldn't get it to work:

http://renevanbelzen.wordpress.com/2009/10/14/creating-a-bootable-usb-stick-with-mac-os-x-in-10-easy-steps/
Title: Re: Tails LiveUSB plus Encrypted storage on the same USB Key.
Post by: awesome1126 on August 24, 2011, 12:30 am
Try booting tails using virtualbox on your mac, I use it all the time and it works great.
Title: Re: Tails LiveUSB plus Encrypted storage on the same USB Key.
Post by: btcfreedom on August 24, 2011, 01:47 am
I've been trying very hard to get this bootable on my macbook, but have had no success at all. I tried installing refit to no avail. I also read that unetbootin works well, but can't make usb drives bootable on mac. This is driving me insane. Anyone have any insights they'd care to share? Thanks.

for my mac peeps - there are loads of other booters around there, chameleon being one.

personally i have a custom made boot-rom included mac OS X bootable key with encrypted storage, encryption on-the-fly, and

passphrase upon mount. i've utilized disk utility and selective filevault instances for this build. cloning a slim OS build can be tricky...

carbon copy cloner when you've finalized your build to a backup stick and lock that shit away.

check your torrent sources for pre-made USB OSX bootables. those builds work pretty well.

mine took a day to make ;) after pulling out all my hair. it's 10.7 and not 10.6 like most of the builds out there, and it has full GPG with all

my keys and every tool necessary for live operation.

Virtual box is NOT the same as it shares your NIC card via NAT and is still attached to your host OS and it's logging.

VMWare if you're going to do it, and use Ubuntu. Also change your network settings to get a hard IP instead of

sharing your Mac's IP.

be safe.

~btcf~
Title: Re: Tails LiveUSB plus Encrypted storage on the same USB Key.
Post by: biscuitbase on August 25, 2011, 04:22 pm
I now have Tails setup on my 4gb usb flash, the partitions are as follows:
700miB for the live image, (i shrunk it down after using unetbootin as recommended)
50miB ext2 for Trucrypt portable
3GiB for my encrypted partition. Here i store keepassx, pass database, pgp keys, etc

The only issue I've had is that trucrypt has to be run as root to work properly.
I do a sudo nautilus, browse to the directory and run it. That way there are no issues mounting the encrypted partition.

Thanks loginathome!! Great idea!  8)
Title: Re: Tails LiveUSB plus Encrypted storage on the same USB Key.
Post by: lucymucy on August 25, 2011, 05:35 pm
Virtual box is NOT the same as it shares your NIC card via NAT and is still attached to your host OS and it's logging.

I don't know what the issue with sharing your NIC card via NAT as all traffic in Tor is encrypted.
You think Linux as host OS logging something ?

Basically, I have the opposite case, I have Windows XP Gamers edition (159 Mb iso) installed under VirtualBox, and I have
TrueCrypt file container which contains this installed Windows and inside this guest OS I have Tor, PGP and other stuff.

But may be I will try your way, except storage of PGP keys and passphrases, which will be on another microSD, that can be easily hidden away.
Title: Re: Tails LiveUSB plus Encrypted storage on the same USB Key.
Post by: btcfreedom on August 25, 2011, 05:53 pm
Virtual box is NOT the same as it shares your NIC card via NAT and is still attached to your host OS and it's logging.

I don't know what the issue with sharing your NIC card via NAT as all traffic in Tor is encrypted.
You think Linux as host OS logging something ?

Basically, I have the opposite case, I have Windows XP Gamers edition (159 Mb iso) installed under VirtualBox, and I have
TrueCrypt file container which contains this installed Windows and inside this guest OS I have Tor, PGP and other stuff.

But may be I will try your way, except storage of PGP keys and passphrases, which will be on another microSD, that can be easily hidden away.

It's a good point regarding Tor. You're right, all traffic is encrypted. However if you make a new virtual NIC, instead of NAT'ing, you have that extra layer of a manipulated interface. You can make two NIC's and bond them :D
Proxy them out twice, BNC them somewhere...make it HARD for LE. ;)

My thoughts are similar for Ubuntu, which I run with VMWare from time to time. I used to use it primarily for what I have my live USB key for now. OS logging as we know cannot be shut off entirely, but having it all to yourself - including control over the network interface - is a nice feeling.

~btcf~
Title: Re: Tails LiveUSB plus Encrypted storage on the same USB Key.
Post by: biscuitbase on August 26, 2011, 12:14 am
@ lucymucy
I started off with a similar thing. I had a truecrypt file container with portable virtual box inside. I ran a VM from there (xubuntu).
Having experienced both:
Tails live is much quicker, (running a Vm is always a little sluggush I find) and it has system wide proxy so everything goes through Tor.
Give it a try!  ;D