When former National Security Agency contractor
Edward Snowden published internal documents on how and to what extent the NSA was spying
on the general public, he soon rose to a prominent figure in the global community of privacy
advocates and civil rights activists. Many people concerned about privacy and security
listen to his opinions and follow his software recommendations. But the most important system software, the
operating system, often gets neglected when looking for ways to improve privacy. In the past, Snowden has approved two desktop
operating systems in particular. Letās look at what they are, how they work
and who should use them. The operating systems most people use every
day today arenāt really geared towards privacy. Microsoftās Windows 10 was criticized from
the beginning for invading itās users privacy by collecting excessive amounts of diagnostic
data, monitoring usage and analyzing behavior. While it has improved slightly since its release,
it definitely is not on Snowdenās recommended list. Appleās macOS is a similar story. On the one hand, the operating system is often
considered more secure and even slightly more private than Windows. On the other hand, it is closed-source and
developed by an American company meaning it is impossible to completely verify itās
privacy and independence from US government agencies. Then there are common Linux distributions
like Mint, Debian and Ubuntu. These are all a big step in a more private
and secure direction but these werenāt the ones Snowden recommended. Back in 2013, Snowden in fact used the operating
system Tails to communicate with journalists. Itās designed to be booted as a live DVD
or USB and to leave no trace on the machine. This already hints at the fact, that it is
not intended to replace a fully-featured everyday operating system but rather for specific sensitive
tasks. The advantage is: You can even use it on other
peopleās computers and carry selected documents and settings in an encrypted persistent storage
of Tails. All network traffic is automatically routed
through the Tor network for anonymous communication and Tails includes some useful tools like
an e-mail client, a password manager, an office suite and a file sharing application. Tails helps to avoid online surveillance,
censorship and tracking and is one of the few operating systems that arenāt even easily
compromised by physical access because of its temporary nature. Everything the user did disappears once itās
shut down. A few years later in 2016, Edward Snowden
recommended another operating system, seemingly he had replaced Tails. He tweeted about Qubes OS, a system that is
all about security by isolation. Contrary to Tails, it can be used as a permanent
operating system. Qubes uses virtualization technology to isolate
various programs from each other and even sandboxes many system components like networking
and storage. This way, even if one of these programs or
components is vulnerable to attacks, it does not affect the integrity of the entire system. Itās one of the most effective ways to defend
against zero-day exploits. Every window in Qubes has a certain color
to indicate in which domain it runs, fully isolated from other domains. The isolated compartments called qubes like
the operating system are categorized by purposes, level of trust and template virtual machines. Apart from popular Linux distributions like
Fedora and Debian, Qubes can also run Windows programs in itās virtual machine. That should be a deciding factor for many
users thinking about switching from Windows. The system kind of reminds me of the Firefox
add-on āTemporary Containersā which opens every tab in itās own isolated container. It looks a bit complicated at first glance,
probably lowers system performance because of the virtualization and makes some tasks
like copy pasting between applications more tedious but that is a small trade off for
the security it provides. Iām guessing it isnāt targeted at grandma
checking Facebook once a day anway. Depending on if you are looking for a private
portable operating system or a permanent secure one, give Tails or Qubes a try. They are both freely available and recommended
by the worldās top security experts.
Link won't load but tails, it's got to be tails, right?
There, tried to save you a click