Tails


D

Desmond

Hi
I noticed this on the BBC click program and thought I would have a play with it. I have had problems in the past with windows crashing and I thought it would be an easy way to retrieve files.

I downloaded the iso and burnt it to a dvd. There is no autrun.inf so how can it work. Amazingly it booted up and I am baffled by this.

It asks for a password but I don't understand this as I have no log in

My computer only shows the file system on the dvd operating system so I have no way of getting to my files. Any attempt to access a folder on it's drive requires a password. Is this the one I am supposed to enter at startup? If so it is a crazy idea.

The only thing I seem to be able to do is access the internet with a false IP address. Although it is fun it is of no practical help to me.

Am I missing something here ???


How does it boot without autorun.inf
 
Ad

Advertisements

P

Paul

Desmond said:
Hi
I noticed this on the BBC click program and thought I would have a play with it.
I downloaded the iso and burnt it to a dvd.

Downloaded *what* ISO ?

Please give a URL to the webpage with the download
or some other unambiguous identifying information.

Paul
 
C

Carpe Diem

How does it boot without autorun.infBootable cd's or dvd's do not need an autorun.inf to boot up when you
switch on the PC.
Only when windows is "active" and you want to "autorun" the cd/dvd after
insertion, THEN you need an autorun.inf!
 
Ad

Advertisements

P

Paul

Desmond said:

http://distrowatch.com/table.php?distribution=tails

http://en.wikipedia.org/wiki/The_Amnesic_Incognito_Live_System

http://www.wired.com/2014/04/tails/

The current release is based on Debian, a Linux distribution.
Which means a lot of it would be standard Linux, with Tails custom
odds and ends added to it. It has OpenOffice, GIMP, and Audacity,
and OpenOffice would be one reason the distro is a 909MB download.

Some linux DVDs do have an autorun, as a means
to get to WUBI. Or to get a banner page to show
in your browser, if the disc is inserted while
you are in Windows. In only one case, did that
sort of thing annoy me enough, to remove the autorun.

http://en.wikipedia.org/wiki/Wubi_(Ubuntu_installer)

Bootable media, needs a boot sector of some sort,
and that can usually be noted with things like 7ZIP.
You can see a [Boot] entry in there, if you examine
the ISO with 7ZIP.

Some Live CDs do come with password protection at
startup. In which case, you need to find the password
for the distro. Some others, have automatic login - they
have a (known) password, but if you sit there for ten seconds,
the distro enters the password for you. The password
would only be needed perhaps, if you were trying to
elevate yourself to Administrator. In some cases, this
is an attempt to keep you secure, by requiring an
exploit against you, to elevate itself to work. If
you're always running as Administrator, it's easier for
an exploit to attack the OS.

*******

In the documentation I can see:

persistent volume passphrase or administration password

The administrator password is addressed here. Some
password is handy if using sudo, and that could be
what it is for.

https://tails.boum.org/doc/first_steps/startup_options/administration_password/index.en.html

You don't have to run Tails with a persistent volume.
And if you did, you would protect the persistent volume
with something like Truecrypt. (I use a persistent
volume on my USB key with Linux Mint Mate on it, and
that 4GB bitmap file system keeps changes made to the
OS, like freshly installed packages. It's the casper-rw
file or something similarly named.) Without a persistent
volume, all changes are lost between boot runs. Which
for some people, may be desired anyway (a person wishing
no local footprint).

The boum.org site insists on checking the download with
signing, whereas for some of us, we're only prepared to
go so far. The copy I downloaded, matched the SHA-1 I could
find in a USENET posting. Which is perfectly useless, but
is better than nothing. I prefer sites to provide this
info themselves. Because it is cheap. MD5 can't be trusted,
but SHA-1 is supposed to still be around 2**60.

MD5: 65E0163AAC6AD1E55566D66D643553EA
SHA-1: 5A3745BC632E3AFE3C44FA6F5703B3BE5CCA5A6F
SHA-256: 199877E17F69157C48000A513B2B5DAEB1B0EF551D36B8456A522006FD66FD8E

The greeter has an option in the settings, to set
an administrative password. I don't see why it would be
prompting you at login for a password. It seemed to
log in by clicking the login button OK.

Perhaps it detected a Truecrypt volume on a local hard drive
or something ? Or do you have a casper-rw or similar file
on the top level of any partition ?

I tested it in a VM with a virtual hard drive with
nothing on it, and it didn't seem to do anything
exceptional here. The distro can figure out it is in
a VM, but this capability has been a (broken) part of
Linux for some time. I used to have distros crash
when attempting to use their VM detecting code, and
after several years, this is fixed. The last major
fix, is they stop trying to run non-existent Hyper-V
hardware drivers. The distro did send packets, which
I presume had something to do with TOR. I don't really
like any distro that sends a lot of traffic without
me actually playing a part in triggering packets
being sent. I like OSes to "be quiet" when they start.
One of the reasons I don't particularly like IPV6,
is "too much chat" for my liking.

All I can say at this point, is Tails found
something different in your setup, than in my test environment.
While I have an opportunity to set an Administrator
password, I wasn't challenged to enter a password
the first time. Nor when booting it a second time.

In the packet trace, are plenty of references to
weird addresses. Those don't bother me too much,
but seeing 1e100.net in the trace did bother me.
(That's Google, and presumably an attempt to
scan me as a web site.) I haven't seen an attempt
like that here, in ages.

Paul
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top