Tails Linux encrypted persistence is not as safe as you might think

I have recenty set up a Tails live operating system with a LUKS-encrypted data persistence partition, and used it for a while, noticing that Tails insists on a FAT filesytem for all its system files, kernel, initrd and filesystem.squashfs. Actually, I was thus very curious about how developers managed to protect their security-focused operating system from system files modifications  FAT means  ‘easily writeable; to me. And concluded that Tails Linux is not the safe place I might think when using encrypted persistence. If I lend my USB key containing Tails Linux to an evil Penguin, am I sure to use it again afterwards? Are my persisted data safe? Is my LUKS key safe? There is no need for an evil Penguin to force or trick me to tell him my LUKS passphrase (as Tails website warns), he only needs to ask me to use my USB key for just a short while. An evil Penguin’s idea is to inject a script into the Tails filesystem which is able to reveal the LUKS master key ??? and eventually send it by the network.

View Full Post

Summary :

Laureato in Ingegneria, è un esperto Analista e Programmatore Web, ha maturato un’esperienza decennale come Sistemista e Distribution Designer ed è un esperto di linguaggi di programmazione, di cui ha pubblicato svariate guide.
Ha lavorato come Linux Engineer, team leader, dal 2016 lavora in Mon-K Data Protection come CTO e Product Manager e da settembre 2018 è entrato il LumIT come Innovation Manager.