Tails for MacBook Users: Anonymity for the Survivalist, by Losttribe

Facebooktwittergoogle_plusredditpinterestlinkedintumblr

Since the exposures of details regarding the NSA’s communication capture and domestic spying programs, many Patriots wish to keep their identities as anonymous as possible. Examples would be avoiding the tracking of us (who read online blogs, search for articles and information applicable in TEOTWAWKI, and make certain purchases that we feel are not the business of the powers that be) by those who wish to capture and store all of this detail for use against particular individuals and groups, whether it be in our current “big brother” era or future TEOTWAWKI.

For many users, reducing your cyber footprint is not so easy. With the vast push over the last decade to expand our identity by sharing email addresses across forums, blogs, and social networking sites, removing this has become an ever more challenging issue. For those who are ready to begin the process of breaking down their cyber footprint or for those who have decided to start fresh somewhere else, such as in the Redoubt, this is an excellent time to also start fresh with your online identity.

The Tails operating system (The Amnesic Incognito Live System) operates completely from a USB drive. Tails is based on Debian Linux– a flavor of the Linux operating system (OS) designed to be run separately from the installed OS baked onto the hard drive in your laptop or PC. For normal PC users, Tails will run under most circumstances using some simple instructions, without an enormous amount of effort just to get it running. For anyone who uses any kind of MacBook, this is not the case.

Newer MacBooks, such as the MacBook air are built on x86 technology (older Mac’s are built on the PowerPC architecture known as RISC) but use UEFI instead of BIOS based firmware (now the same in Windows 8 and above). This creates an issue with simply burning the Tails ISO as an image on the USB drive to get it started. This issue is further exasperated due to most newer MacBook laptops not having an optical drive either (CDROM). For those of you who would like to start using the tools available to add as much privacy as possible to your cyber tasks, I will walk you through getting Tails up and running on a Mac.

If you don’t already have the Tor Browser Bundle, get it installed. Once you’ve got that installed, go to https://tails.boum.org/ to grab the most recent copy of Tails. While there, read up on the technology so you have a better understanding of how it works and have confidence that it’s a fit for you. Remember, the desire to use such technology can sometimes outweigh the benefits, so take long hard consideration into if creating anonymity is for you. The flip side to hiding all that you do online could be an increased desire for those that wish to pry to figure out what exactly it is you’re doing and why you need this ability to “hide”.

Once you have the Tails ISO downloaded to your Mac, let’s go ahead and grab a few more tools you’ll need. First, we’ll head on over to Sevenbits site and grab the most recent copy of Enterprise (0.3.0 at the time of this writing). Enterprise is an EFI program that aids in loading a Linux like Grub boot loader (GRand Unified Bootloader) for the Linux kernel. It was developed by Sevenbits to be used in conjunction with Mac Linux Boot Loader (MLUL); however, integration between the two, with Tails, is not yet 100%, so we will be doing this manually. You can grab Enterprise here: https://sevenbits.github.io/Enterprise/

Now go grab your USB drive; get one with a minimum of 4GB in size, and put it to the side for now. Open up a terminal on your Mac (Applications -> Utilities -> Terminal). Once open, we need to see what your disk layout looks like both before and after inserting the USB drive so we do not confuse the new drive with any of the drives in use. Run the command “diskutil list”.

Here is an example output:

/dev/disk0
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme *251.0 GB disk0
1: EFI EFI 209.7 MB disk0s1
2: FDE_FullyEncrypted 225.0 GB disk0s2
3: Apple_HFS Macintosh HD 225.0 GB disk0s2s1
4: Apple_Boot Recovery HD 650.0 MB disk0s3
5: Apple_HFS Restore 25.0 GB disk0s4
6: ppc-disk0.db 262.1 KB disk0s6
7: ppc-disk0.log 4.6 KB disk0s7

We can see from this output I am using disk0 and have no other disks currently running on my system. Go ahead and plug that USB drive into your MAC and you should see the drive appear on your desktop. Let’s rerun “diskutil list”, and now we should see another disk other than disk0. In this example, I will be using disk1.

Next open Disk Utility (Applications -> Utilities -> Disk Utility), and on the right hand side you should see your USB disk, disk0, with the name of the vendor you bought it from, such as Sandisk. If you have created partitions on it or named it something else, you will need to “Unmount” any volumes mounted on it by selecting them and then select “Unmount”. Again, click on the USB drive and in the center of the screen select “Partition Layout”, and make sure it is laid out as a “1 partition layout”. Beneath “Partition Layout”, select “Options”, and select the Partition Scheme “Master Boot Record”, and select OK. To the right of Partition Layout, select format, change the format to “MS-DOS (FAT)”, and click “Apply”. This will prep the USB drive for our new Enterprise setup.

Now that you’re feeling confident about all of this, let’s open up the drive that should have pre-mounted itself with a USB drive icon on your desktop. If not, go back to Disk Utility and mount it. Once you’re inside, create a folder called “efi”, and then go into this new folder and create another folder called “boot” and head on into this new boot folder. Set that window to the side for now.

Open up Finder, and assuming you downloaded both Tails and Enterprise to your Downloads folder, you’ll want to extract the contents of the zipped Enterprise package. This will leave you with a new folder called Enterprise and inside a few files and binaries. You will need to copy the “boot.efi” and “bootX64.efi” binaries into the folder were created earlier onto your USB under the “efi/boot folder”. Once that’s done, copy in the Tails ISO into the same folder and rename it “boot.iso”.

Whew, now that we have all of that done, we are getting close but not done yet. We have just a few more things to do! We will need to create a config file for Enterprise to use to find the Tails kernel and boot images for Linux named “vmlinuz” and “initrd”. To do this, we will open up the text editor (Applications -> Utilities -> Textedit) and create a file called “enterprise.cfg”. Copy and paste this detail into your Textedit file. You can also customize it, if you are familiar with Linux boot options for the kernel, especially if you have specific video needs for any custom video graphics or displays (MAC towers).

# This is a sample enterprise.cfg file, demonstrating how to boot kernels.
# Lines beginning with a pound sign are comments and are ignored.
# Some of this is not necessary, but for completeness I have left all of the examples and modified it for the setup we just did. Feel free to modify or remove what you like; you can find an outline of what the different lines mean.
entry Tails
family Debian
iso boot.iso
kernel /live/vmlinuz config live-media=removable findiso=/efi/boot/boot.iso nopersistent noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 nox11autologin module=Tails noapic noapm nodma nomce nolapic nomodeset nosmp

Save that file under the “USB drive/efi/boot” called “enterprise.cfg”. Once you save it, don’t close it just yet; save it again as: “.MLUL-Live-USB”. Save and close all of what you have opened, unmount the volumes on your USB drive, and eject it. Give yourself a pat on the back, and treat your self to a cup of coffee because the fun is about to begin!

With the USB drive in your MAC, reboot the machine. Once it is down and before it starts to boot up, hold down the option key ⌥ also called “alt” to some, as this will keep your Mac from booting up normally, allowing additional boot options. You should see your USB drive on your screen as one of the options called “EFI Boot”. Select “EFI boot”, and let Enterprise boot load up. Again, you will be given the option of what to load, select “1” for Tails, and at the next screen select “1” again. By this time, you should see it attempt to load the Linux kernel “vmlinuz” followed by the “initrd” image. Note that it’s common to see a video error that should pass. Depending on the speed of your Mac, after about a minute, you will finally see Tails begin to load and will eventually be presented with the Tails Greeter.

The configuration of Tails, Tor, VPN’s, encrypted email, and instant messaging will be covered in a separate article. For now, feel free to log in and take your new USB-based operating system for a test drive. Once you pull out the USB drive, the Tails operating system will wipe the memory from your system and shut down, leaving everything you’ve done wiped away. Your Mac’s RAM (not the hard drive or USB) will have “amnesia”!!

I will leave you with this: As you embark on reducing your cyber footprint, think long and hard about whether or not you need to be involved in social networks, such as Facebook, Twitter, Instagram, and LinkedIn, just to name a few. Just remember their business model is built on surveillance tradecraft designed to collect as much data about you as possible. Building a complete profile of you, your habits, enabling government agencies to produce facial aged/modified photos of you in the event you choose to go off the grid. All the information you share via online profiles is collected by corporate surveillance giants, and in turn, captured by government agencies. Such agencies are looking to classify groups of people based on their narcissistic stereotypes, while destroying your freedom. You may find you have a need to keep some things around, such as LinkedIn for your career. Consider the idea of separating your new (anonymous) identity from all sites and tools that you have used in the past or currently use from your non-anonymous identity. I will go into more detail in future articles.

For now, I bid you safe surfing, and to stay frosty! The time is near at hand for these little things to have major impact in a changing world of control and compliance.

Bookmark the permalink.

Advertisements:


Leave a Reply

Your email address will not be published.
Anonymous comments are allowed, but will be moderated.
Note: Please read our discussion guidlelines before commenting.