If you use it as non-persistence thumb drive, it’s pretty good. There are still ways you can start to fingerprint it’s use but in general as long as you do everything right it’s solid.
It’s point is to limit identifiable information for any operations done on the os. Using it within a VM only sets it within a box, any use of the OS to connect to the outside world, or create some file with longer term persistence will finger print you as that main OS is the pass-through between the VM and the outside world.
Giving an example of how I might use it would help:
If I’m speaking with an international activist, early career reporter, or high-risk private sector worker, I have a custom tails that I can flash and offer them to use.
For a private sector worker it has a doc on some basic information on requesting whistle-blower protection from a given government, agency contact points, etc.
For a reporter or activist it might have a doc on how to ensure they have a social safety net for informing others of their movements, basic tools for performing field work if local computers might be being monitored, and of course how to connect to the internet in areas where traffic monitoring is routine.
I can have that information persistent on the drive only useful for reference, while the rest of the OS can be used as intended without being easily fingerprinted as intended, but only if that drive is the ONLY thing that’s acting as any form of operation on a computer. If it’s on a VM, installed onto an onboard drive, it looses some of it’s ability to act as a real tool.
It’s more the inverse, the host OS running a VM will fingerprint any information you are sending out.
If your plan is to just run it offline through a VM, then it’s unlikely to leave much persistent information.
Tails is meant as a secure non-persistent tool for communication at it’s base, and that’s what it is best for. I might recommend looking at running a properly containerized environment on your VM for getting similar effects if you’re working on software and OS testing, it’s how I go. Think rolling vs production environments.
If you use it as non-persistence thumb drive, it’s pretty good. There are still ways you can start to fingerprint it’s use but in general as long as you do everything right it’s solid.
Could the same be achieved by running it in a VM?
Yes and no.
It’s point is to limit identifiable information for any operations done on the os. Using it within a VM only sets it within a box, any use of the OS to connect to the outside world, or create some file with longer term persistence will finger print you as that main OS is the pass-through between the VM and the outside world.
Giving an example of how I might use it would help:
If I’m speaking with an international activist, early career reporter, or high-risk private sector worker, I have a custom tails that I can flash and offer them to use.
For a private sector worker it has a doc on some basic information on requesting whistle-blower protection from a given government, agency contact points, etc.
For a reporter or activist it might have a doc on how to ensure they have a social safety net for informing others of their movements, basic tools for performing field work if local computers might be being monitored, and of course how to connect to the internet in areas where traffic monitoring is routine.
I can have that information persistent on the drive only useful for reference, while the rest of the OS can be used as intended without being easily fingerprinted as intended, but only if that drive is the ONLY thing that’s acting as any form of operation on a computer. If it’s on a VM, installed onto an onboard drive, it looses some of it’s ability to act as a real tool.
So the risk is more about what breadcrumbs I leave on the host OS?
It’s more the inverse, the host OS running a VM will fingerprint any information you are sending out.
If your plan is to just run it offline through a VM, then it’s unlikely to leave much persistent information.
Tails is meant as a secure non-persistent tool for communication at it’s base, and that’s what it is best for. I might recommend looking at running a properly containerized environment on your VM for getting similar effects if you’re working on software and OS testing, it’s how I go. Think rolling vs production environments.
Got it, thanks!