Best OS for Security: Comparing Titans

Operating systems to achieve anonymity and security a dime a dozen, but really worth it, not so much. I propose to understand the question of choosing the best system ready to solve any problems. Go!


Tails OS is a Debian-based Linux distribution designed to provide privacy and anonymity. It is a continuation of the development of OS Incognito. All outgoing connections are wrapped in the Tor network, and all non-anonymous connections are blocked. The system is designed to boot from * LiveCD / LiveUSB and leaves no traces on the machine on which it was used. The Tor project is the main sponsor of TAILS. The operating system is recommended for use by the Free Press Foundation and was also used by Edward Snowden to expose PRISM. (Formerly this distribution was called Amnesia) (wiki).

In order to make out the pros and cons of Tails, it is necessary to have a strict concept for what purposes the OS is and how it should be used.

Tails is an operating system with a quick start, that is, after creating a flash drive with a system, it will take 1-2 minutes to access the Internet on a good hardware, but you should not expect much functionality from it. Tails allows you to quickly connect to the Tor network, connect with the second party via a secure channel, generate and save passwords, clear metadata files, and if a journalist, write an article and send it to the editor.
')
At the heart of Tails lies the task of ensuring the anonymity and safety of the user on the network, while at the same time preserving the convenience and ease of use of the operating system, and it does it quite well. The whole system works in Live mode and is unloaded into RAM, Tails is not unloaded on ssd or hdd, this is done so that after the session is over, it is impossible to determine what the user was doing on the computer, even getting access to the entire device.
This OS is not strictly considered for installation on a hard disk as a permanent operating system. After shutting down or restarting the system, all downloaded files, browser history, etc. - are deleted.

You can create a Persistent encrypted partition and store passwords and files of various types on it, but these files should be with a small degree of confidentiality.

To run Tails, you need a device with at least 1GB of RAM and an antediluvian processor. (Optimal device specifications for Tails: 8GB RAM and a modern 2-core processor)

As for the installation of third-party programs - this is not the strong point of this OS.

Installing applications into Tails is not the most pleasant thing, there are often unforeseen errors, even if everything is done correctly and according to the instructions, it may be that after several reboots your installed software will simply disappear. In some cases, if you need a permanent robot with third-party software, the best option is to create an assembly to fit your needs.

The goal of Tails is to leave no traces, so something more than accessing the Tor network and simply storing files can be a problem. It is best to use Tails for quick access to the network and some foreign exchange transactions.

A good use of Tails is access to a remote web resource, work with documents, communication over an encrypted channel, work with cryptocurrency.

For example, the creation of a cryptocurrency wallet through Tails with the preservation of all the wallet data in the Persistent section is not bad if the wallet with a small amount (up to $ 1,000) is often used. Actually, if you need to quickly transfer currency, it’s enough to stick a USB flash drive into any device with the Internet and do business in 5 minutes.

It is not worth storing cryptocurrency wallet data with a couple hundred thousand dollars on the Persistent section, documents with the highest priority of confidentiality, too.

To say that Tails is suitable as an everyday OS for all tasks is not worth it.

Now the pros and cons!

Pros:

• quick access to the network (Tor, instant messengers, online crypto wallets)
• built-in cleaning software metadata
• built-in instant messengers
• password generation / storage
• works on weak iron

Minuses:

• difficult installation of the system (sometimes you need 2 flash drives)
• problem installation of third-party software
• not suitable as a permanent system
• Not suitable for storing files with the highest priority of privacy
• not suitable for building a strong anonymity / security system

Tails is a good system, but with its drawbacks, it is simply tailored to specific tasks that do not always work. Tails are more concerned with the issue of anonymity, but not security. Of course, this is an anonymous and quite good secure system, but there are distributions that are much more progressive, Tails is well-known thanks to Snowden and advertised in many circles thanks to a fairly quick development and its simplicity.


Whonix is a Debian-based Linux distribution, formerly known as TorBOX. Designed to ensure anonymity by means of VirtualBox and Tor. Its peculiarity is that neither malware nor compromise of the superuser account can lead to IP address and DNS leaks. All software bundled with the system is pre-configured with security requirements.

The Whonix system consists of two virtual machines, Whonix-Gateway and Whonix-Workstation, connected through an isolated network, where the first works exclusively through Tor and acts as a gateway to the network, and the second is in a completely isolated network.
In this implementation, all network connections are possible only via Tor. The only network access for the workstation is the gateway. The only way the network traffic from the gateway and back is the Tor network. All traffic, all applications and processes will go through Tor.

Applications cannot access the Internet bypassing Tor, they can only see the local IP address, for them the user name will be just “User”, the device information will be unchanged. The time zone can also not be traced, the clock is set to UTC, and * Timestamp HTTP headers sent to randomly selected web servers are used to synchronize time.

* Timestamp is a sequence of characters or coded information indicating when a certain event occurred. Usually shows the date and time (sometimes accurate to fractions of seconds).

The main component for building an anonymous / secure connection is the gateway, which can be used through any distribution in VirtualBox and get almost the same level of protection against tracking, but you shouldn’t, the security will not be maximal.

Good advantages of the system - the implementation of different bundles of Tor + VPN. You can configure the system so that first all the traffic goes through the VPN, after through Tor and again through the VPN. Different bundles give good anonymity / security.

Whonix is ​​a system with the possibility of modification and detailed configuration, which sometimes cannot be done in Tails. In this OS, there are many programs and settings that allow you to build an anonymity / security system, remove traces of using files, use instant messengers, work with different types of files, etc.

Whonix is ​​definitely a good system for anonymous / secure access to the network, but using it on an ongoing basis will be quite problematic. Since Whonix is ​​built on virtualization, this causes some difficulties.

For example, difficulties with the work of external media. If you need to connect a USB flash drive, it will first go through the main OS, for example Windows, then go through VirtualBox and go to the Whonix system, and this is no longer safe.

You will have to be chained to the device on which the Whonix system is installed, you can not just insert a USB flash drive and access at any time, as is the case with Tails.

Pros:

• high degree of anonymity / security
• a large number of software for work
• possibility of detailed settings

Minuses:

• not portable (device attachment)
• requires good hardware (processor, video card and RAM is not below average)
• attachment to VirtualBox, which means big risks in case of OS hacking on which VirtualBox is installed
• not operational, it takes more time to access the network than other operating systems (you need to run VirtualBox, Whonix-Gateway, Whonix-Workstation)

Whonix is ​​best used as a backup system because it is not portable, and portability is one of the most important criteria. It is also tied to VirtualBox, and since this is not a live system, it will be quite easy to detect the presence of Whonix if you do not use cryptography methods.

Whonix should be used only in extreme cases. The emphasis on it is made because it is a flexible system, it is in the TOP of the safest systems, although with its drawbacks, it will be extremely wrong to bypass it.


Linux Kodachi is an operating system based on Debian that provides a reliable, counter-forensic anonymous / secure operating system that takes into account all the features and subtleties of the anonymity and security process.

The task of Kodachi is to provide the most anonymous and secure access to the network and protect the system itself. In Kodachi, all traffic is forced through VPN, then through the Tor network with DNS encryption. (VPN is already pre-configured and besides it is free).

Kodachi is positioned as an anti-forensic development that makes forensic analysis of drives and RAM more difficult. Kodachi is more thoughtful than Tails.

XFCE was chosen as the desktop environment for Kodachi, the system design is very similar to MacOS. Required system load parameters, network conditions, etc. are displayed in real time and displayed directly on the desktop, which first of all allows you to monitor the resources of the system used and monitor the operation of the Tor and VPN network.

Kodachi integrates support for DNScrypt, a protocol and utility of the same name that encrypts requests to * OpenDNS servers using elliptical cryptography. It eliminates a number of typical problems, such as * DNS Leak and leaving traces of network activity on the provider's servers.

* OpenDNS is an Internet service that provides publicly available DNS servers. It has a paid and free mode, it can correct typos in typed addresses, filter phishing sites in case of a set of incorrect requests, can offer a page with search and advertising.

* DNS Leak is the IP leakage of the closest DNS server to the system, which can occur during rezolving. DNS queries can bypass the proxy / VPN / TOR connection, that is, directly to the ISP's DNS server, which will lead to the disclosure of the real location. DNS leakage can occur through a browser or add-ons in it (Flash, Java, WebRTC, Silverlight).

If you need to hide the IP address in P2P networks, you can use PeerGuardian, if you need to work with suspicious processes, you can easily isolate them using the built-in sandbox Firejail. A nice option in this OS is the ability to quickly change the output nodes with the option to select a specific country using Multi Tor.

Generally speaking, Kodachi has a decent amount of pre-installed software for solving any tasks, for example, to encrypt information (TrueCrypt, VeraCrypt), to send confidential messages (GnuPG, Enigmail, Seahorse, GNU Privacy Guard Assistant) for sweeping traces (MAT, Nepomuk Cleaner , Nautilus-wipe, BleachBit).

In addition, Kodachi has its own browser based on the Tor Browser, which has the best built in and cut out the problematic modules.

In general, Kodachi is the perfect tool for almost everything. Immediately out of the box We get a huge number of programs for secure / anonymous access to the network, communication over encrypted channels through different programs, software for sweeping away traces, total encryption of everything that is potentially encrypted, etc. (This is only a small part of the benefits of Kodachi)

Kodachi is a highly balanced system, it is a powerful tool for building an anonymity and security system in all understandings. This OS is best used in conjunction with encrypted media on which information with the highest priority of confidentiality will be stored.

That Kodachi is the best system at the moment, it allows you to solve any problems.

Pros:

• quick start (i.e. fast network access like Tails)
• a large number of pre-installed programs
• strong anonymity / security system
• not very demanding on the gland

As such, there are no minuses in the system, but they can manifest themselves in the case of narrowly focused tasks, but this is a part of any system.

There are still quite good OS such as Subgraph and Qubes.

Qubes OS uses an interesting principle of launching the application, each of them runs in a separate virtual machine, divided into classes depending on the level of importance for the OS. The browser runs in the same virtual machine, the messenger in the other machine, and for the user both programs seem to be running on the same workspace. Isolating an application means that if malware is downloaded to a work computer, personal files will not be compromised. But Qubes OS only works after installation on the internal drive, it does not have a live mode.

The key idea of ​​Subgraph OS is running custom applications in isolated sandboxes. For this, the subsystem “Oz” is used, consisting of a daemon (system service), which receives requests to create sandboxes, an Xpra X-server and a set of special utilities.

Subgraph OS is too raw, so only the alpha version is available for download.
Subgraph and Qubes are not bad, but not enough to put them in the lead. Subgraph OS is too raw, Qubes is too confusing in terms of settings.

Total, the winner is Kodachi!

An excellent balanced system with great functionality, all the necessary software for solving any tasks, is quite flexible in setting up + a free VPN is pre-configured from the box.

Thanks for reading this article.