F
F
fake88882018-05-16 19:45:49
linux
fake8888, 2018-05-16 19:45:49

Which secure OS will suit my needs?

Welcome all. Glad to be a member of your community :)
I had a task - work from a computer with the constant use of tor and storage of some of the files.
At first glance, everything is simple, but I will explain. Work is often using TOR, and there are not many files that will be stored. But it is necessary that the computer does not leave any traces after the same reboot (in addition to permanent files, which must be encrypted). Under this description, there are many operating systems operating in live-usb mode, about each in order. I thought about tails, there is a built-in tor and a persistent partition ready, in principle it fits, but you can’t tie a VPN there before TOR, that is, the provider sees that the traffic goes through the tor. There was an idea to tie vpn to a router (because I always travel, I use a 4g router), I didn’t find a way to tie VPN there, and, by the way, also a router with vpn.
Then I tested Kodachi, everything is great, but I could not find in any way how to add the Russian keyboard layout there and did not understand how to create a permanent partition on a flash drive with a system that will be encrypted.
Moreover, these problems were the only ones from the virtual machine. But when booting from a USB flash drive, it does not see the 4g router itself in usb, nor the Wi-Fi module. (besides the lack of layout).
So, question. What is best suited for the purpose of working vpn + tor with encrypted storage (I don’t even need more than 500 MB), with a self-cleaning system (both RAM and the file system itself, with the exception of the encrypted one)
And a sub-question. If as the main OS - win 10, on it is a virtualbox on which the same kali, tails or kodachi. Is it possible to detect traces of files or info from these operating systems outside the virtual machine. If so, how to prevent.

Answer the question

In order to leave comments, you need to log in

6 answer(s)
A
Adamos, 2018-05-16
@Adamos

What "traces" are you afraid of?
History, cookies and other things of the same Thor? Well, mount the folder where it stores all this on tmpfs - it won't be there on reboot.
Hide specific files? Well, truecrypt or its heirs.
In this case, you can use any system that is more convenient for you to configure. Though banal Ubuntu.

D
Denis, 2018-05-24
@gaucer

Not advertising. I think you will find something useful
telegra.ph/Oc-05-09
And a little more
telegra.ph/Anonimnost-04-19

A
alisiy, 2018-05-24
@alisiy

Take any distro. Better than Ubuntu - for a beginner it will be easier and there are no problems with the software. And even better Xubuntu to not have performance issues.
Use Virtualbox. When creating a virtual disk, enable encryption. When installing Ubuntu on it, also enable encryption.
As a result, you will receive an encrypted virtual disk in an encrypted container. How much more encrypted?
Both on the host and guest OS:
Disable hibernation and standby.
Disable paging. NO SWAP, DO YOU HEAR?! Not to a file, not to disk.
Put it there yourself and set up vpn, tor and privoxy - there are a lot of manuals on the network.
Don't forget to check for DNS and WebRTC leaks.
Do not expand the browser to full screen or make the panel a custom width.
> self-cleaning system
You don't need it. You are either deluded or already stuck. But you can use tmpfs as suggested above.
> with the exception of the encrypted
one, you should not have any "except for the encrypted" memory in principle. The entire disk is totally encrypted. You can put the hamster on a flash drive, which you can also make encrypted using the usual Ubuntu disk application. Don't bother with hardware encryption on flash drives. It is either implemented with errors (which is rare), or it does not exist at all, as on most of these flash drives (stupid disconnection of the controller by pin). These flash drives are for sale only. You should not use them to store files.
And yes - you want some kind of paronoid OS, but are you going to run it under Windows? That's funny.
And most importantly, remember that all these measures will not protect you in any way. They will only deprive the court of additional, obscure and unnecessary evidence.
You will screw up in something else - mix up accounts, use the same service from two operating systems at the same time, use a two-way clipboard and a clipper for it on the host, provoke opponents to use a sophisticated attack against you, like shaping ...
But most likely boast somewhere and tell everything yourself.
So it's better not to do anything that might not please our government. Especially if it's not illegal ;)

D
Dmitry Aleksandrov, 2018-05-16
@jamakasi666

The easiest way in all plans with the least number of gestures:
1) Buy Kingston DT2000/16GB or similar. Hardwire encryption, pincode to decrypt, if the pincode is entered incorrectly 10 times, the data is destroyed without the possibility of recovery.
2) * Take any convenient distribution kit and preferably sharpened for liveusb. You can assemble it yourself or take something ready- made https://en.wikipedia.org/wiki/List_of_Linux_distri...
3) Install and configure all the necessary software in this distro.
4) Transfer everything you need to tmpfs (using overlayfs\unionfs).
* you can push everything into cpio with due skill, but the issue of convenience of updates / reconfiguration / software installation will be inconvenient. In this regard, overlayfs\unionfs, which W makes in tmpfs much more convenient, you need to update/reconfigure/install something, then just unmount the overlay and that's it.
If desired, to store user files, you can mount the necessary directory via EncFS (on a partition of the same flash drive\hard\yes, at least on webdav from some Yandex) via EncFS.

Y
Yhak, 2018-05-17
@Yhak

It can of course be trite. But the target will not leave traces in the country of residence. If so you order vps from foreign providers. The trial version is kindly put to you by a server, work for your health through a secure channel. You go to the mall and connect. If it’s very poronoit. The request is what Vasya Pushkin is doing and very interesting information can be sent and sent, but it leaves doubts that they will answer. The bottom line is to keep the data away from yourself. But have access to them at any time

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question