Every week seems to bring a new threat to your online privacy and anonymity. Security breaches, ransomware, malware, data collection, and computer viruses threaten commerce, as well as us, the individual internet users.

Today, it does not require knowledge of programming languages to expose an individual's identity online. Ready-made "malware as a service" programs are easily and inexpensively available to those of ill intent, skilled or otherwise.

Threats to user privacy, data security, and the right to anonymity will continues to become more complex. Every site visited logs IP addresses, HTTP referrals, cookies, tracking scripts, user agents, and some use browser fingerprinting to gather information about a users system.

Most operating systems trade off ease of use for some protections. A typical operating system does not provide a strong level of privacy, anonymity or security. Projects to make specialized, security focused operating systems are becoming more and more popular. Three examples of such projects are Tails, Whonix, and Qubes OS. All three of these Linux based operating systems are designed for a higher level of privacy and security. However, each approach the topic of security differently. Let's take a look at the features, differences and benefits of each of these operating systems.

Tails OS - Privacy for Anyone Anywhere

Tails Logo

Tails stands for The Amnesic Incognito Live System and is a Linux distribution designed to run entirely from removable media (i.e. USB, DVD, etc.). This is what is known as a Live OS. Because Tails runs entirely from a USB stick it is highly portable. This is especially beneficial for travelers who want to stay secure while using hotel and other networks.

Furthermore, you are not tied to a specific machine. You can plug the USB media into any computer and boot to your secure operating system. Tails leaves no data on the host computer. When you shut down any local trace of the users activities is completely destroyed.

Tails comes with the Tor browser pre-installed as well as several other encrypted communications applications like Pidgen (chat), onion share (file sharing), and Thunderbird (email).

Benefits of Tails OS:

  • All internet connections are automatically forced through the Tor network.
  • Since it's a Live OS, there are no files, cookies or other trace data left on the computer you are using.
  • Provides tools to encrypt your data and communications (i.e. files, email, instant Messages, etc..)
  • Highly portable Live OS
  • Near zero digital footprint
  • Option to create persistent storage

Whonix - Stay Anonymous

Whonix Logo

Whonix is a split system solution. It requires two systems, contained in a virtual environment in order to operate. These systems work in tandem to provide advanced security and privacy.

The first system is a dedicated Tor proxy (The Whonix-Gateway) which acts as a gateway to the internet. This allows it to provide system-wide use of the Tor network. The Whonix-Gateway works to protect the workstations IP address from being leaked to the internet.

The second system is a reconfigured Debian based Linux installation (The Whonix-Workstation) that runs user applications on a completely isolated network. The workstation never communicates directly with anything other than the gateway.

Pre-installed applications have safe default configurations to ensure they are ready for use. Users can install custom applications without fear of information leaks.

Benefits of Whonix:

  • Can be used on Windows, MacOS, or Linux
  • Can run as a Live system (similar to Tails)
  • Any system that supports virtualization can run WhoNIX
  • Only connections routed through Tor are permitted
  • DNS Leaks are impossible (according to their design documentation)
  • Malware, even with root privileges, cannot discover user's real IP address.
  • Threats from misbehaving applications and user error are minimized

Qubes OS - A Reasonably Secure Operating System

Qubes OS Logo

Qubes OS takes a much different approach to security. It does not provide the same level of anonymity in it's default configuration as the other operating systems mentioned above. Qubes OS places compartmentalization of processes to secure the system as it's top priority, rather than anonymity.

It utilizes popular xen-based virtualization to create task specific virtual machines. It's security is based in applications in isolated environments called Qubes. Each Qube is separate from the other and assigned a level of trust. This segregation stops a compromised Qube from propagating to other Qubes, or the underlying operating system. This makes Qubes OS well suited for high risk of situations when compromises are more likely.

You can use Qubes in conjunction with other utilities or operating systems to achieve a higher level of anonymity. For example, you can run Whonix (Qubes-Whonix) on top of Qubes.

Benefits of Qube OS

  • Isolate software as if it were run on a separate physical machines.
  • Use multiple operating systems at the same time in their own Qube
  • Security by compartmentalization
  • Quickly create Qubes using a innovative template system
  • Full Disk Encryption
  • Disposal virtual machines that are destroyed when closed
  • Native Whonix intergration

Conclusion

These special purpose operating systems are designed to provide a level of privacy and security you just can't get with an average operating system. All three of these projects are well documented and easy to test out. You can find links to the projects home pages below for continued reading.

Resources and Links