if my recommendations are out of line then feel free to delete @postmaster. this is all my personal opinion.. the best bet is to always look for yourself and do your homework. here are some common issues i faced and wish i would have known when i was in your shoes (we all were at some point, even the 1337 snobs :P).--------------------------------------------------------------------- if you wish to have secure communications with another party, there is no replacement for client side pgp encryption. in tails this is made simple with openPGP applet and the utilization of gnuPG keys. make them 4098 strength. quantum computing capabilities will render 2048 childs-play to break, and we are in this age of possibility.LEARN THIS! this protects against your messages being read even if someone has exploited their way or intercepted the message itself in transit. its gibberish. only the recipient and their passphrase can decrypt it. -------------------------------------------------------------------- a vpn is cheap and is a good thing to use in general on all systems, mobile phones and routers included. there are two things here that you will want to take into consideration when choosing one. 1. no logs. many claim it, but not many are battle tested. i recommend private internet access. its easy to setup, great support, cheap, and has guides to walk you through installation for all OSs and even routers so you can encrypt all home traffic connected to your wifi/eth with only one running instance of it. --IF i recall right, PIA was subpeonad by a 3 letter agency for logs of a user. they thought ahead on this one apparently and wrote it into the code and networking that they couldnt provide them with the logs even if they wanted to, and it wasnt something that had to go to court or anything else. it was completely within legality and that was the end to that. they are the only vpn provider i know of that has had a serious "audit" of their no logs claim.-- they accept starbucks gift cards, bitcoin, anything you can imagine. if one didnt want the name from their debit/credit card linked to the purchase of the subscription, then it could be assumed that bitcoin would be the most effective payment to them.--when it comes to vpn, pay for it. dont go free.--some vpns also have a setting to ease the pairing of tor +vpn for the user (torguard)-- use tor within tails to visit the vpn website and make your purchase. or a public library or something. ---------------- "if using tor is dangerous in your country or considered suspicious, use bridges" specifically obfuscated bridges, latest implementation is OBFS4 and can be retreived at bridges.torproject.org. many argue this is safer than a vpn.. as a vpn is still a central server which does not distribute the attack surface. good luck. do the doc reading. its worth it i promise
-------- Original message --------From: Carvalho Hugo <[email protected]> Date: 1/6/17 8:47 AM (GMT-06:00) To: [email protected] Subject: [Tails-support] Some questions ! Hi guys. As the title says, I have some questions to ask. Not all of them are directly related to the tails themselves, but if they can answer / direct me, I am very grateful. I'll start at the beginning, by installing the tails. In your site, to download I chose to install through windows, which requires two USB sticks. Since I only have one pen, I did the following: Through virtual windows, I downloaded tails 2.9.1 and after checking it, I recorded it for a dvd. I made the dvd boot through virtual windows and did the installation of the tails on the pen. Since it was a different process, from what you explain on the site, my question is: Does it in any way compromise the security and anonymity of it? Now comes other questions that have no direct relationship with the tails, and if they lead to evil, I apologize for this. Increasingly, I have been worrying about my security and privacy. But since I'm a newcomer to these things, I wanted to ask for help / advice from trusted people. Which is your case, given your project. From what I have read, there are certain programs that are indispensable to protect us. Such as encryption (point-to-point more specifically), Mail encryption and VPN. My question is, which ones are the best in their respective areas? Is there any other point that escaped me and should I take into account? Which are? If it is not abuse, could you give me paid and free programs for them? Thank you in advance for your time with me. And I apologize for my bad English. greetings
_______________________________________________ tails-support mailing list [email protected] https://mailman.boum.org/listinfo/tails-support To unsubscribe from this list, send an empty email to [email protected].
