Tails – the OS used by Edward Snowden – review

Tails bills itself as ‘the amnesiac incognito live system’, but it is really a stand-alone version (distro) of Linux (Debian GNU/Linux) that has been optimised for maximum security.

Tails is booted as a Live DVD or Live USB (from a USB stick), forces all internet traffic through the Tor anonymity network (refusing non-Tor connections), can used on any computer but leaves no trace (all data is stored in RAM, which is automatically deleted when a session is finished), and comes with advanced cryptographic tools built-in.

Tails was the tool of choice for Edward Snowden, Glenn Greenwald, and documentary maker Laura Poitras. It is also the winner of Access’s 2014 Innovation Award for Endpoint Security.

How can we trust Tails?

The team behind Tails is anonymous,

‘The masters of today’s Internet, namely the marketing giants like Google, Facebook, and Yahoo, and the spying agencies, really want our lives to be more and more transparent online, and this is only for their own benefit. So trying to counterbalance this tendency seems like a logical position for people developing an operating system that defends privacy and anonymity online.

This of course brings up the issue of how Tails can be trusted not be some kind of NSA honeypot. Well, the PowerPoint slide below shows the NSA complaining about Tails, and the OS is completely open source, so the code can be inspected by anyone (Tails is based on Debian, which has been heavily audited. Many of the bundled applications however, although also all open source, have not been audited). For more details see here.


NSA PowerPoint slide complaining about Tails


The Tails ISO image can be downloaded and burned onto DVD (the file is 913MB), or installed on a USB stick or memory card (recommended). Full instructions are available on the official Tails website. Users should take particular care to read, understand, and implement the instructions on how to verify the ISO image integrity using the Tails Signing Key, as well as how to increase trust in that Signing Key. It is also important to understand the limitations of Tails as a security tool before you start using it.

Once you are satisfied with the integrity of the ISO, and have burned / installed Tails on your chosen media, you can insert the media into any desktop computer media, restart the computer, and boot into the OS (usually continually tapping the F11 or F12 during the first 15 seconds of booting up will bring up the Boot Options page, from where you can select the correct boot device).

boot 1

You can jump straight in, but it probably worth taking a look at the advanced options at least once

boot options



Tails uses a no-frills Gnome 2.0 desktop (somewhat outdated)

tor 1

As soon as Tails boots to the desktop it will start establishing a Tor connection. This can take up to a minute or so, and you are notified when successfully completed. The fact that Tails forces all connections through Tor is its defining feature


The default browser is IceWeasel, a Firefox spinoff for Debian that has been given the full Tor Browser Bundle treatment


IceWeasel comes with a bunch of privacy enhancing extensions. We have looked at most of these before, but FoxyProxy provides an easy way to switch between proxy settings (and ‘amnesia branding’ simply seems to rebrand the browser to say ‘Tails’)

virtual windows 2

You may have noticed ‘Windows Camouflage’ in the startup options, This makes Tails look like Windows XP, and is intended to look less ‘suspicious’ used in a public place such as an internet café


Tails comes with a built-in virtual keyboard, designed to foil various keylogging techniques

Security Tools

A number of security related tools are bundled with Tails.

claws pgp

The Claws Mail client comes with PGP baked in


Pidgin is an Instant Messaging and VoIP app, and the Tails version comes pre-installed with secure OTR messaging (se take an in-depth look at Pidgin + OTR here)


KeePassX is the Linux version of our favorite password manager

Tails also allow you encrypt USB sticks and external hard drives using LUKS.

Other tools

In addition to security related tools, Tails includes some basic programs that will give journalists, whistleblowers etc. the basics of what they need to get work done. These include OpenOffice, GNU Image Manipulation Program, Inkscape Vector Graphics Editor (an app and website language translator program), Globby Collaborative Editor, Poedit, and Audacity.

Of course, additional programs can be downloaded using the Synaptic Package Manager, but this introduces new security issues.


As a tool for accessing the internet as anonymously as possible, it is difficult to beat Tails. It provides all the necessary tools that journalists, whistleblowers and such will likely need to perform their task without being tracked or identified.

As a day-day secure OS however, Tails will likely be somewhat too out-dated and stripped down for most people’s tastes. This is as it should be however, and the Tails website takes pains to explain that for maximum security a brand new session should be run for each task performed.

Users looking for a good general purpose secure OS might want to consider using something like Linux Mint (or any version of Linux). These are nowhere near as secure ‘out-of-the-box’ as Tails, but are much more secure than Windows or OSX (while proving similar levels of functionality), and with care can they be configured to be much more secure.

For the truly paranoid however, Tails is absolutely the way to go!

Note that those wishing to donate to Tails can do through the Freedom of the Press Foundation.

Update 10 October 2014: a new version of Tails (1.2) has been released. It fixes numerous security issues, replaces the IceWeasel browser with Tor Browser 4.0 (see here for more details), and adds a dedicated I2P browser. Because TrueCrypt is no longer considered secure, Tails makes it clear that the program will be removed from version 1.3. It remains included in version 1.2, however, in order to allow users to open existing TrueCrypt containers and migrate data away from the program.

Users are advised to upgrade to Tails 1.2 as soon as possible, which can be downloaded or upgraded from here.

Douglas Crawford I am a freelance writer, technology enthusiast, and lover of life who enjoys spinning words and sharing knowledge for a living. Find me on Google+

Related Coverage

3 responses to “Tails – the OS used by Edward Snowden – review

  1. Thanks for such a quick response and for clearing this up for me! After years on Windows OSes, their last refresh (the spyware ridden Win10) forced me off their systems completely.

    While I had Win7 fairly secure, in addition to adding a VPN, I’m stilllearning my way around Linux (Mint plus some distroHopping). Tails sounds like a great option to test and get a feel for other security-focused tools available for Linux.

  2. This is probably a dumb question but I’m not clear on one thing in the following scenario…

    Suppose I connect to a public wifi network, I would have two areas of concern:

    1. The local network admin keeping logs of all visited sites. Would tail obfuscate the urls I visit from this person? Access to webmail, search engine search queries, news articles, etc.

    2. The ISP providing service to this open wifi network. Would tails also obfuscate urls, making it difficult for them to see the sites I visit?


    1. Hi john,

      Yes. Tails uses Tor to encrypt your data before it leaves your PC, before routing it through at least 3 random “nodes”. Neither the router owner or the ISP can see what you get up to on the internet (although they can know that you are connecting to Tor.

Leave a Reply

Your email address will not be published. Required fields are marked *