Silk Road forums
Discussion => Security => Topic started by: dorito on October 01, 2011, 04:13 pm
-
tails????
"""""""One of the most notable Liberté Linux design differences from PELD is the issue of explicit vs. transparent proxying of network connections of applications. In Tails, any application that creates a network connection is transparently routed through Tor (including DNS requests). This approach to Torification of network activity is fundamentally flawed, because applications' connections (which are subsequently redirected to Tor service by firewall rules) are bound to the external network adapter interface, and the applications are therefore automatically aware of the computer's IP address — which is a property of the connection. As a result, there is explicit reliance on the application not inadvertently leaking this address to its communication peer due to a bug, a wrongly implemented feature, or a design flaw. Depending on the network configuration, this IP address can be a LAN address behind a NAT, or a globally identifying address assigned by the ISP. In addition, many applications leak unnecessary DNS requests that, too, are automatically routed through Tor in this approach.
Liberté avoids this serious design flaw by explicitly configuring selected applications and services to use Tor via its local proxy (where access to the proxy is additionally vetted), thus forcing the applications to create connections to the proxy on the loopback interface (localhost). An inadvertently leaked IP address does not pose a problem with this approach. The only exception to this in Liberté is I2P, whose peer connections are transparently routed via Tor, because I2P does not support using proxies for this purpose, and because other methods (like dynamic library socksification) fail. Since I2P communication is visible to Tor exit nodes, this might pose a problem — however, I2P has been verified to not leak the system's IP address when used in hidden mode. """""""""""""
think its time for the switch fells,to any distro besides tails,ive had enough of shitty tails,cant upgrade,no persistance, its just screaming feddy on a stick....
-
About a month ago, I read what you've quoted above from the Liberte Linux site. I took my USB drive with TAILS on it --- and wiped it clean so I could install Liberte Linux. My only complaint is that I can no longer run any Linux apps that aren't already installed with LL. Ah well, a small price to pay.
-
Thanks for posting this, I wasn't aware. I too struggle with the persistence aspect of Tails, but, on the other hand, if I ever did have to get rid of my flash drive in a hurry, tails doesn't leave traces. I've used Privatix in the past, which has a nice encryption setup, and I've messed around with xPud, which I like for it's simplicity, put a tor app on, but I've fought getting persistence in the Tor apps there also.
I've got debian on my main box, and have used different vms, but I just don't like all that, and want something simple I can keep on a little flash drive I could swallow or hide in the convict 'vault' if all goes awry ;) and still have some persistence of data. I get around it with tails by using an online service like swiss disk or dropbox, if I must...and can use it on my little xp notebook...
I like flash drives for the portability, can plug in anywhere, use another computer, to me, much safer than using even the most well protected system, if it's within my domain....
-
Liberte here, since yesterday. I am finding it brilliant, apart from not being able to install anything and no superuser but thats a small price to pay for the security. Running from a MicroSD card, it doesnt get any easier to hide than that!
-
Liberte here, since yesterday. I am finding it brilliant, apart from not being able to install anything and no superuser but thats a small price to pay for the security. Running from a MicroSD card, it doesnt get any easier to hide than that!
So you've not been able to keep anything? What about bookmarks and such? When I used Tails I would save everything in 'the cloud' and go to dropbox or SwissDisk and quickly reinstall most stuff I needed. I know liberte has a deal/place where you can save stuff, but I haven't used it...I just got back from picking up a new flash drive, and I'll try to install this today, see what I come up with...