I don't think this will stop the NSA or GCHQ, it's already been shown that Tor is not infallible.
If they do have difficulty they will just demand access claiming it is necessary for homeland security.
Secure Linux distribution Tails has reached the milestone of a version 1.0 release, after its developers crushed a laundry list of bugs. The Debian-based operating system is a “live OS” - it boots from removable media rather than a hard disk. It also funnels all data through Tor and uses a smattering of cryptography and …
Depends - it won't stop them if you are a high-value target worthy of directing a lot of resources, hell they will just bug your machine(s) at $100k+ sort of cost in that case.
What is does do is make data hoovering that bit more difficult and expensive. If enough people used it then they would only be able to investigate high-value targets, sort of like the good old days when human resources (i.e. a spy) had to do the work, or that quaint idea of having proper judicial oversight.
By throwing a lot of resources at Tor they can correlate enough traffic to make some sense of it, but the more people use Tor the less effective and more expensive those resources become.
Whether Tor would even work if everyone was using it is questionable, but assuming it would, making sense of the traffic at that point would become impossible.
The problem with this is that it takes two to tango. Unless you can persuade your correspondent to send (a link to) their public key and provide a fingerprint, it doesn't work.
My experience over the last 15 years has been that other parties (including RBS and Pinsent Masons) absolutely insist on sending sensitive documents via unencrypted email. Most senior managers just laugh at requests to enable secure mail because "if it mattered why doesn't anyone else do it?"
The weak link is the exit nodes....people presume these are the "good" guys. Yes it's scrambled and goes through loads of relays, but if you own enough relays and own enough exit nodes, it's not beyond the computing powers these guys have to put it all back together.
Of course they will say...curse those drug dealers and terrorists using this darknet, we can't find them if they use that...snigger.
I had a friend who was a bit of a conspiracy nut and he stated once that if you built an 8 foot wall around your house, the feds would scream foul because they couldn't see what you were doing. If he hadn't passed of cancer, he surely would have had a stroke if he saw what was going on today. My point, and his, is simply that wouldn't the act of downloading and using this be enough to raise eyebrows and draw attention? Would someone be "put on a list" as soon as they clicked download? I understand that this has huge benefits for say, money transactions, but would the conspiracy nuts on the other side see it that way?
Crackable or not, this is worth doing!
Let's assume the Feds note everyone who downloads Tor et. al and puts them on the Naughty list. You become one of thousands of people in Guy Fawkes masks. They would have to "remove the mask" from each of us, one by one, finding Nothing Much again and again. Right now it's easy to link us together and everything about us with a few clicks. The harder it gets, the less they will examine any one of us.
Where's the Fawkes mask icon when you need it?
I used to like TAILS, but two things turned me off of it:
If you want anything more than a "web appliance". the amnesiac aspect quickly becomes a huge pain.
The developers are too secretive. Originally they had a forum on their site, but it was aggressively moderated, and then killed off completely. I don't understand their motivation for that, and at the risk of sounding a bit tinfoil, that make me trust them less.
I've since switched to Whonix, which is just slightly more work to set up, but easier to use and the people behind it seem more helpful.
Now that there are both old time true crooks and officially not officially crooks then why not up the ante and use hackers against the stately sponsored crackers. At least It will give me a reason to put Linux on a stick, quite a nice thing to have with you if you have to borrow somebody's PC somewhere for some reason. As for the honest crooks they are probably looking at black and white movies to find out how information was dealt with in old times. Came to think of it, was there not a time when a crook was able to make a deal with the state revealing the crooks. Should that not apply to Snowden too. Probably not, times they are a-changin. Poor Snowden, now he is accused of making it possible for to Putin invade Crimea. Just look at this:
A brain washed congress man, or what.
...it boots from removable media rather than a hard disk
This is very significant. Once we could install an OS on a hard disk then flick a read-only DIL switch and the disk would be hardware write protected.
Today, we no longer have the option of protecting hard disks by enabling hardware write-protect. This feature of HDs seemed to have disappeared with the appearance of the IDE drive. The question of why write-protect was disabled on HDs has to my mind never been answered. Hardware write protection for the OS is a very significant factor in protecting the OS against alteration and patching etc. thus a very significant security factor.
It makes considerable sense to develop OSes such as this, that it's not been done previously (in recent times that is) is surprising.
I think some OSs have the ability to be set to read only. Something to do with setting the run level and sadly that's about technical an explanation as I can give you. Others here, I have no doubt can explain it. The only one I've read about having this feature is OpenBSD, although I'll make the assumption that other OSs can, as well.
Biting the hand that feeds IT © 1998–2019