There are plenty of operating systems aimed at achieving online anonymity. But how many of them are really good? I think that not many. Below I want to suggest several Linux distributions that can help to solve numerous privacy\anonymity issues. Let’s go!
Tails is a Debian-based Linux distribution designed to provide privacy and anonymity. All outgoing connections are routed through the Tor network, and all non-anonymous connections are blocked. The system is designed to boot from Live CD or Live USB and leaves no traces on the machine on which it was used. The Tor project is the main sponsor of Tails. This operating system is recommended for use by the Freedom of the Press Foundation and was also used by Edward Snowden to expose PRISM.
In order to evaluate all the pros and cons of Tails, it is necessary to have a strong understanding what purposes this OS was created for and how it should be used.
This operating system can launch very quickly. After creating a flash drive, it will take 1–2 minutes to access the Internet (in case you have good hardware). However, you should not expect much functionality from Tails. It allows you to quickly connect to the Tor network, use messengers and connect via a secure channel, generate and save passwords, and clear metadata files.
At the heart of Tails lies the task of ensuring the anonymity and safety of the user on the network, while at the same time preserving the convenience and ease of use. And it does it quite well. The whole system works in Live mode uploaded into RAM. Tails is not installed onto SSD or HDD. After the session is over, it is impossible to determine what the user was doing on the computer, even if somebody will get full access to the device.
This OS is not recommended to be used as a permanent operating system. After shutting down or restarting the system, all downloaded files, browser history, etc. — are deleted.
You can create a Persistent encrypted partition and store passwords and files of various types on it, but these files should be not very sensitive.
To run Tails, you need a device with at least 1GB of RAM and an antediluvian processor. Optimal device specifications for Tails: 8GB RAM and a 2-core processor.
Installation of third-party programs is not the strong side of this OS. Installing applications onto Tails is not the most pleasant thing. There are often unforeseen errors, even if everything is done correctly. It may happen that after several reboots your installed software may simply disappear. If you need to systematically work with third-party software, the best option is to create your own distribution that will fit your needs.
The goal of Tails is to leave no traces, anything more than accessing the Tor network and storing files can be a problem. It is best to use Tails for getting quick access to the network, connecting to a remote web resource, working with documents, communicating over an encrypted channel, sending\receiving cryptocurrencies.
• Quick access to the network (Tor, instant messengers, online crypto-wallets).
• Built-in tool for cleaning metadata.
• Built-in instant messengers.
• Generation/storage of passwords.
• Works with almost any hardware.
• Difficult installation.
• Problems with the installation of third-party software.
• Not suitable as a permanent OS.
• Not suitable for storing highly sensitive\private files.
Tails is a good system. It has its drawbacks, but again, it is simply tailored to specific tasks that do not always work for all users. Tails is more concerned with the issue of anonymity, but not security. Of course, this is an anonymous and quite good secure system, but there are other distributions that are much more advanced. Tails is well-known thanks to Snowden and gets advertised by many communities due to its simplicity.
Whonix is a Debian-based Linux distribution, formerly known as TorBOX. Designed to ensure anonymity by means of VirtualBox and Tor. Neither malware nor compromised superuser account can lead to IP and DNS leaks. All software bundled with this OS is pre-configured to work with maximum security settings.
Whonix OS consists of two virtual machines: Whonix Gateway and Whonix Workstation, connected through an isolated network. Gateway works exclusively through Tor and acts as a gateway to the network, Workstation works in a completely isolated network.
All network connections are possible only via Tor. The only network access for the workstation is the gateway. All traffic, all applications, and processes will go through Tor.
Applications cannot access the Internet bypassing Tor. Applications can only see the local IP address. The time zone cannot be traced, the clock is set to UTC, and Timestamp HTTP headers get sent to randomly selected web servers.
The possibility to implement different sequences of Tor + VPN is a great advantage of this OS. You can configure the system so that first all the traffic goes through the VPN, after that through Tor, and then again through the VPN.
Whonix is a system with wide possibilities of customization and configuration that sometimes cannot be done in Tails. There are many programs and settings that allow you to build your own anonymity/security system, remove traces of using files, use instant messengers, work with different file types, etc.
Whonix is definitely a good system for anonymous Internet access but using it on an ongoing basis will be quite problematic. Since Whonix is built around virtualization, this may cause some problems. For example, you can face difficulties while working with external media. If you need to connect a USB flash drive, it will first go through the main OS, for example, Windows, then go through the VirtualBox and finally reach the Whonix system, and this is not the safest way.
• High degree of anonymity.
• A large number of software tools to work with.
• Wide fine-tuning possibilities.
• Not portable.
• Requires powerful hardware.
• Tied to VirtualBox, which brings big risks in case of hacking the OS on which VirtualBox is installed.
• Not quick, requires more time to access the network than other operating systems (you need to start VirtualBox, Gateway, Workstation).
Whonix is good as a secondary (additional) system because it is not portable. Portability is one of the most important criteria in this segment. It is also tied to VirtualBox, and since this is not a live system, it will be quite easy to detect the presence of Whonix if you do not use cryptography methods.
Whonix should be used only in special cases. I put it on my list because it is very flexible in terms of settings.
Linux Kodachi is based on Debian too. The goal of Kodachi is to provide the most anonymous and secure access to the network and protect the system itself. All traffic is running through a VPN, then through the Tor network with DNS encryption. Free VPN is already pre-configured.
Kodachi is positioned as an anti-forensic OS that makes forensic analysis of drives and RAM really difficult.
XFCE was chosen as the desktop environment for Kodachi, the system design is very similar to MacOS. System and network parameters are shown in real time on the desktop, which allows you to monitor the system and also monitor the operation of the Tor and VPN networks.
Kodachi supports DNScrypt, a protocol, and utility that encrypts requests to OpenDNS servers using elliptical cryptography. It eliminates a number of typical problems, such as DNS leaks and leaving traces of network activity on the provider’s servers.
If you need to hide an IP address in P2P networks, you can use PeerGuardian. If you need to work with suspicious processes, they can be easily isolated using the built-in sandbox called Firejail. A nice option is the ability to quickly change the Tor exit nodes with the option to select a specific country using Multi Tor.
Kodachi has a decent amount of pre-installed software for solving any tasks, for example, to encrypt information (VeraCrypt, TrueCrypt), to send confidential messages (GnuPG, Seahorse, Enigmail, GNU Privacy Guard Assistant) for hiding traces (MAT, Nautilus-wipe, Nepomuk Cleaner, BleachBit).
In addition, Kodachi has its own browser based on the Tor Browser, where its developers cut out some problematic Tor modules.
Kodachi is a well-balanced system, it is a powerful tool for building anonymity and security systems in all understandings. This OS is best used in conjunction with encrypted media on which highly sensitive information can be stored.
In my opinion, Kodachi is the best system at the moment, it allows you to solve plenty of tasks.
• Quick start (i.e. fast network access like Tails).
• Many pre-installed programs.
• Not very demanding in terms of hardware.
There are actually no cons but they may appear with some narrowly focused tasks\needs.
There are some other quite good operating systems built for anonymity such as Subgraph and Qubes.
Qubes OS uses an interesting principle to launch applications. Each app runs on a separate virtual machine. Apps are divided into classes depending on the level of importance. The browser runs on one virtual machine, the messenger runs on the other virtual machine. For the user, both programs seem to be running on the same workspace. Isolating applications means that if malware gets inside, personal files will not be compromised.
Qubes OS works only after installation on the internal drive, it does not have a live mode.
The key idea behind Subgraph OS is running custom applications on isolated sandboxes. To do this, the subsystem Oz is used. Oz consists of a daemon (system service) that receives requests to create sandboxes, an Xpra X-server, and a set of special utilities.
Subgraph OS is a bit raw tool. Only the alpha version is available right now.
Subgraph and Qubes are not bad, but they are not good enough to put them among leaders. Subgraph OS is too raw, Qubes is too confusing in terms of settings.