First and foremost, download the ISO from the TAILS website. Make sure to get the latest version. Unless you are pretty linux savvy, avoid the Beta if available. I am assuming that if you are going through this page, you are not as savvy as some.
Make sure to save the ISO somewhere easy to get to. Think of this as a chance to learn how your computer saves information. I know a few people that click the save button and have not a single clue where the stuff goes. Also, Verify the validity of the download, follow the instructions on the download page to do this. It is possible for a “Man in the Middle” attack, and some cyber-security jock to install a backdoor on the ISO enroute to you. Verifying the download should eliminate this point. Should, but your install and your security are in jeopardy if you don’t at least check.
Now you need to go to the Rufus site to get the program to make your bootable USB.
So you have pretty much all you need at this point. You do have two thumbdrives right? I have an 8 gig and a 16 gig drive that I used on mine. Sadly, the 8 gig is shot now that it has the image on it. Not even TAILS will recognize it to wipe it clean. Use my mistake to learn from.
Next step, Click on Rufus and put your destination drive in a port. Verify that Rufus sees it. If you aren’t sure, click on Computer and see what drives you have and make sure that Rufus sees the thumb.
As you are looking at the window there, you will note three check marks in Format options. All three need checked and only if you are using an older thumb drive would I bother with the first one (check bad sectors). Leave it unchecked. The second check mark shows an ISO image moniker. There is an image of a disc drive to the right of that. Click it and browse to where your ISO image is located on your computer. Double click that and you should now see Tails ISO in that box.
You’re ready. Hit START and go grab a beer. It should be ready by the time you get back to the desk. Rufus is much faster and easier to use than some of the programs I have run in the past.
Now comes the fun part. Every manufacturer has a different boot option for getting into the BIOS of your computer. I do not reccomend playing in this area if you are not 100% certain of what you are doing and even then, use levels of caution as if you were in a combat zone. This is what make your computer work everyday and is the Cerebellum of your computer and handles everything from Drive utilities to basic boot options and if you go mucking around in here and making too many changes, you may have a very expensive paperweight on your hands. All you need to worry about is BOOT ORDER this go round.
On my machine, when the initial boot screen starts up, I hit the ESC key and that gives me the option of accessing BIOS. I find the boot order, move USB up the list over the internal HD and then save. Fair warning. You do NOT get to use your mouse in these screens. Its all direction arrows or Function keys, so pay damned close attention to what the screen options are, but also what your fingers are near. One foul keystroke and you are at ground zero of computer meltdown (Ok, so I am exaggerating a bit, but I am dead serious, this is where newbies in the computer field really screw the pooch. The cure is simple, but a real pain in the ass to do and EXPENSIVE if you have to have someone else step in to help. YOU HAVE BEEN WARNED!)
Boot order changed, or just highlight the USB and hit enter (or whatever the lower screen says. Sorry, I can’t get screen shots of this page AND post this page for you. Gotta trust me that the computer will show you the map here.)
When Tails starts, you will see something like a log-in screen. Click on extended options, then forward. There you will see a password option. enter whatever password you are comfortable with or even just a single number. Right now it is not relevant what you put in there as this is only so you have ROOT privileges. What we are going to do next requires that.
Another option with the extended login is the option of stealth mode: IE XP camouflage. Doing this makes your desktop look just like a basic desktop in XP even down to icons in the task bar. (hovering over them will highlight a different name though, Like ‘ice weasel’ instead of Explorer.)
Now, according to the documentation on the TAILS site, you should be able to create the persistent volume on the drive you currently have in the port. I was not able to do this. I kept getting and error that stated, “drive was not created by TAILS, unable to apply changes.” With that in mind, choose which route you would like to go, theirs or mine. If mine, follow along.
Put your second drive in a port, then go to your main menu.
Applications>TAILS>Configure Persistent Volume
You should now see a window with three options in it. Choose CLONE drive. Once this is done, go all the way back to rebooting the computer and dealing with BIOS (unless you change boot order permanently to USB first) MAKE SURE THAT YOU HAVE THE NEW USB IN PLACE< NOT THE OLD ONE> This time around, using the same log in options as last time,Make sure that you use a GOOD PASSPHRASE. This one is going to be saved as your encryption password for the storage part of the drive. Use the usual password security features like alphanumerics and capitol/lowercase options, etc. Make sure you can remember it as well. I have to stress this, a lot. THIS IS YOUR WEAK LINK. Everything in TAILS is protected by this one point. Lose it and everything you do in there is gone forever. Give it away and it is compromised. This includes your private encryption keys to GnuGP which means that someone could act like you online and everyone on your keyring would trust them, thinking they were you. MAKE THIS PASSWORD STRONG BUT UNFORGETTABLE. There are several tricks to making a passphrase that works well, is easy to remember and is stronger than Ft Knox. One way is to take a sentence or quote that means something to you. Here is an example. ” There Ain’t No Such Thing As Free Lunch.” You could make your passphrase “TANSTAAFL” but that is pretty easy to break, if someone knows you. Break it up with numbers (computer geeks call this L33T, long story) T4N544FL. OR, use a different sequence of letters. 1st word 2nd letter, 2nd word, 3rd letter,etc. Of course that doesn’t work with the phrase exampled, but you get the gist. Get creative. The more creative you are, the harder your passphrase should be to break. Again, all of the steps you are taking NOW insure protection of your stuff later on. The only weak link is ultimately YOU.
Now, log in with your newly created passphrase that no one in the world could guess, but you know like the lines in your hand and lets get started.
Next page will be in establishing your Private and Public keys in GnuGP and how to set up your keyring. I will also do a walk through on how to write, encrypt and send an email, AND maintain a level of security. I will also stress the paranoia factor that MUST be used if you want this to work for you and your security and the security of those you communicate with using these techniques.