Is Tails+Tor inside of an encrypted virtual machine the best way to protect yourself?

>Tails
You've already lost

Tails has a vulnerability which leaks user IP

It also uses systemD

Best way to "protect" yourself is use hacked wifi that is 10+ miles away from your actual residence. Change your MAC address and do your haxing that way.

Not safe. Not even close. If it was safe the feds would not allow it to exist. It is a controlled honeypot. Sooner or later you will realize that the only way to browse securely is with a stolen identity on a stolen connection.

>inside a VM

Attached: 1504181162882.png (638x480, 349K)

What are you hiding?

Okay, Jow Forums. Would like some help on doing some odd things.

I've broken into a wifi spot in a nearby city. I've found a secure location nearby there to dump a small computer. I've got TailsOS on the computer and it's running an ssh server.

I want to run web applications off this wifi spot. How do I securely and anonymously do that? Any way my home computer could be tracked if I ssh into it?

No system d is a back door. Heads is safer but tor is far from safe

how do you plan on powering it?

>Is Tails+Tor inside of an encrypted virtual machine the best way to protect yourself?
from what you fucking moron? sick post

A compromised local user on Tails can get your pubic IP, no privilege escalation required: labs.riseup.net/code/issues/15635

#!/bin/bash

export DISPLAY=:69
mv /run/user/1000/bus{,.bak}

Xvfb $DISPLAY -r -nocursor & xpid=$!
sleep 1

sudo DISPLAY=$DISPLAY unsafe-browser &>/dev/null &

xdotool search --sync --name zenity 1>/dev/null
xdotool key --delay 200 Tab Return

xdotool search --sync --name Unsafe 1>/dev/null
xdotool key --delay 200 ctrl+l
xdotool type --delay 200 www.yourip.us
xdotool key --delay 200 Return

xdotool search --sync --name Your getwindowname | awk '{print $5}'

mv /run/user/1000/bus{.bak,}
kill "$xpid"
exit 0

Workaround: delete /etc/sudoers.d/zzz_unsafe-browser after start up

Depends on the host OS.

I've found a really nice spot for it. Outlet nearby. :)

tails is shit and only made to function as a honeypot for criminals. to protect your privacy change the settings in your browser and os also rent a vpn (european or us american vpn providers are cheap as fuck and offer really good services).
if you're a cunt trying to hide her criminal actions go fuck yourself and get a job.

>On a VM
((((They))))) could get the vm's ram or just a complete snapshot

>not using tor as a transparent proxy
enjoy your leakage

Attached: lmao.png (899x867, 164K)

Tails won't protect you if your hardware is compromised, which probably is, if your CPU has Intel ME backdoor (2008+) or AMD PSP backdoor (2013+). Also add any possible BIOS backdoors to that. Always imagine the worst case scenario.

Tails is shit.
Use
Heads
e
a
d
s

Here bruh, I'll explain why people tell you to always boot into TAILS instead of using a VM.

Part of the point of TAILS is not to leave any trace whatsoever on the computer it was used from, which is where the boot method comes in. It's (SUPPOSEDLY) impossible to know if TAILS was used via booting in any machine, unless you interact with your regular partitions' files, obviously.

When you run via VM, you're adding not one but two new layers that can have your traces on: the VM software and the OS it's being run on. I suppose an encrypted VM sounds like a step up because it will hide the fact that it was used to run TAILS, but I don't think a VM can log your activity with enough detail to be worth encrypting. But then again, this is my assumption. Regardless, there might still be traces in both the VM and OS that a suspicious volume was accessed and the latter can have even more traces, which are things that wouldn't happen if you had booted TAILS instead and kept any suspicious software or file out of your real partitions.

Dont ssh into your pc nigger. Also if youre using wireless you might as well not bother.

No. A airgaped QubesOS is what Snowden recommends.

He also stopped using email and started using Jabber and OTR for communications.

Attached: 1529453871723-g.jpg (768x1024, 563K)

This guy knows!

From third parties you braindead bormachite.

Whonix template in a qubesOS machine is safest for not leaking IP. Whonix workstation can't leak your IP because it doesn't even know your IP.

How the fuck you gonna use wifi that's 10 miles away? Or do you mean wardriving and sitting in your car with a laptop suspiciously on some street until someone calls the cops?

The point of Tails is that it is amnesiac, install it on a flash drive and it will allow you to make an encrypted data partition, which it will keep whereas everything else gets deleted an reset to default on reboot, also leaving no trace on the host computer, tails in a vm defeats the purpose of tails

>Tails+Tor
Tails already has tor in it.

>VM
no.
Get a shitty cheap laptop and keep tails on it. Use that laptop to do all your illegal activities.

Also this thread is full of FUD. Too many retards saying Tor/Tails compromised/honeypot with 0 citations. Ignore them.

I just browse using my WiFi but with VPN and no tails/VM

You mean this tails?

Attached: Screenshot_20180601-221118_Google.jpg (1440x1611, 857K)

tails has systemd
just get a thinkpad with Libreboot or a RISCV board and install Heads

heads.dyne dot org

cheers

Do it.

Attached: 0.jpg (920x1211, 373K)

Attached: 1.jpg (920x1211, 348K)

Now we're talking.

>Is Tails+Tor inside of an encrypted virtual machine the best way to protect yourself?
use a logless vpn on host vpn + do same again on vm using a different vpn. you're good to go after that assuming you're not stupid
e.g. don't maximise browser, use tor via tails/heads, make sure host isn't compromised etc.

>citations
From what, you dickweasel?
If you don't believe the CIA/FBI/Mossad/GRU are running massive numbers of exit nodes you're an unbelievable chump.

>logless vpn
Doesn't exist, and never has.

Qubes + Tor is better.

>If you don't believe in something that I have said with zero proof you're an unbelievable chump
Seriously, don't you idiots get tired of being so paranoid

>citation

How do i update it without the usual fuckery with two USB drives?

just overwrite why are you even keeping data whilst using an OS like tails

PGP keys mostly.
And bookmarks, although i doubt hansa and ab bookmarks will be of use to me anymore..

Tor is open source, please point to vulnerabilities.

>goes to run logless VPN service
>gets confused when service shits the bed
>can't figure out what's happening because no logs
"Logless vpn" is the stupidest meme.

you literally don't know what logless means

I literally do. I simply don't believe it when somebody says "trust me, I won't tell nobody."

There are two types of logs that logless can refer to.

Traffic logs, or usage logs are the ones that we are concerned about as they contain the contents of your internet traffic, such as search queries or e-mails.

Metadata logs, or session/connection/diagnostic logs don’t contain the contents of internet traffic but instead records details about how a VPN in used. Typically when referring to log-less, this means that logs contain non personally identifiable information such as bandwidth use. The type of meta log you’re most concerned with are ones containing source IP addresses.

Typically you want the company in a place with no data retention laws as well.

So criteria to follow:
No traffic logging, no source IP logging, DNS leak protection & shared IP addresses, bitcoin payment

This is verified how?

a real world example for you
>scribd.com/doc/303226103/Fake-bomb-threat-arrest
>the company pia couldn't help because it doesn't log

>logless VPN still can provide information on IP addresses
Good luck!

>didn't bother reading the pertinent information
cya mate

What about socks5?

source? oh yea you dont have it

big ass directional, first you measure signal and find perfect target, than you go there with laptop and capture handshake. (1-2km in city is big deal but 10 is less possible unless you have perfect line of sight)

Qubes+Whonix

keys stolen

m.youtube.com/watch?v=sNYsfUNegEA

A provider that has warrant canaries is good too and provides you with an anonymous token rather than username