It is a brief details of my comparison research about powerful hacking or security-focused Linux distros like Tails, Kali, and Qubes. They’re really useful for browsing anonymously, ethical hacking or penetration testing, and tightening down your system so it’s secure from would-be hackers.
What Is A Linux Distro (Distribution)?
A ‘distro’ refers to a distribution of the Linux Operating System, where a person, group or company builds upon Linux and releases it under their name. Examples of popular Linux distros include Ubuntu, Fedora, OpenSUSE, among others. While all of them use the Linux kernel, they are all different with what software they include. From the the default software to even the user interface and experience, no two distros are alike.
Each distro brings something different to the table, offering up specific features for specific user sets. However, for a beginner, it is best to start simple, with a distro that offers a simple user experience for people that are new to Linux. The most recommended Linux distro for beginners would be Ubuntu Linux, as it is relatively easy to set up and use and has a lot of support.
In the Linux world, there are hundreds of different flavors of distro. Examples include Debian, Ubuntu and Red Hat (among many others). When referencing a Linux OS, administrators usually ask questions like: Which distro does the application sit on top of? or Which distro are you using?
Technically, a distribution is any deployment of software and isn’t specifically Linux. Usually in this case you’ll hear it referred to as a “distribution of software.” Despite this, the term “distro” is nearly always used in a Linux context. So, while a distribution of software is a generic term for any bundle of software, distro is nearly always a flavor of Linux.
Why Linux Is Free?
Most people know Linux as the free operating system, free here meaning free of charge. That’s right, free of charge, but it also refers to free speech. What this means is that the source code for Linux is available for everyone to view, study and modify, along with sharing their changes with anyone who would like a copy.
Compare this to Windows and OS X which, while still popular, are closed source, cannot be studied and cannot be distributed freely. This open nature is one of the main reasons that Linux derived operating systems have been successful, with many people and companies creating their own derivative versions of Linux.
Strengths and Weaknesses of all three distros (Kali, Tails And Qubes)
It seems like every other day we hear about another hack, browser exploit, or nasty bit of malware. If you do a lot of your browsing on public Wi-Fi networks, you’re a lot more susceptible to these types of hacks. A security-focused distribution of Linux can help. For most of us, the use cases here are pretty simple.
If you need to use a public Wi-Fi network at a coffee shop or the library, then one of these distributions can hide your traffic from someone trying to peek in. Likewise, if you’re worried about someone tracking down your location—whether it’s a creepy stalker or something even worse—randomizing and anonyming your traffic keeps you safe. Obviously you don’t need this all the time, but if you’re checking bank statements, uploading documents onto a work server, or even just doing some shopping, it’s better to be safe than sorry.
All of these distributions can run in a virtual machine or from a Live CD/USB. That means you can carry them around in your pocket and boot into them when you need to without causing yourself too much trouble.
Tails – Security Through Anonymity
Tails protects you in a number of ways. First, since all your traffic is routed through Tor, it’s incredibly difficult to track your physical location or see which sites you visit. Tails doesn’t use a computer’s hard disk, so nothing you do is saved to the computer you’re running it on. Instead, everything you’re working on is stored in RAM and erased when you shut down. This means any sensitive documents you’re working on are never stored permanently. Because of that, Tails is a really good operating system to use when you’re on a public computer or network.
Tails is also packed with a bunch of basic cryptographic tools. If you’re running Tails off a USB drive, it’s encrypted with LUKS. All your internet traffic is encrypted with HTTPS Everywhere, your IM conversations are encrypted with OTR, and your emails and documents are encrypted with OpenPGP.
The crux of Tails is anonymity. While it has cryptographic tools in place, its main purpose is to anonymize everything you’re during online. This is great for most people, but it doesn’t give you the freedom to do stupid things. If you log into your Facebook account under your real name, it’s still going to be obvious who you are and remaining anonymous on an online community is alot harder than it seems.
From the moment you boot up, your computer leaves footprints. Websites leave tracking cookies, following you from page to page and session to session, alongside the usual traces left by your IP address. Persistent logins from Google and Facebook tie each site visit to your offline identity. If anyone really wants to go after you, they can also make a direct attack, targeting malware to track your movements in the background. With the right tools, a computer is an open book.
Not this computer, though. It’s running Tails, an open-source operating system designed to leave as little trace as possible, after more than five years of open development. It’s an amnesiac system, which means it’s completely fresh every time you boot up. There are no save files, no new programs, and most importantly, it becomes a blank slate the moment you shut down. It’s the digital equivalent of buying a new computer for a single session and tossing it into the river once you’re done.
That trick has earned Tails a lot of attention. It’s already standard software at Glenn Greenwald’s First Look Media, where he’s called it “vital to my ability to work securely on the NSA story.” Tor researcher Jacob Appelbaum praised the project onstage at this year’s Chaos Communications Congress, and in March Tails received a $50,000 grant to keep the project going. Nearly 8,500 computers booted up with Tails on a given day in March, 500 more than the month before. Those are surprisingly high numbers for a project that’s this hard to use, and does this little. But if you need a secure line, Tails is the best way to get it. In the era of the NSA, that’s a rare thing.
pros: Routes all your traffic through Tor, comes with a ton of open-source software, has a“Windows Camouflage” mode to make it look more like Windows 8.
Cons: Can’t save files locally, slow, loading web sites through Tor takes forever.
Who It’s Best For: Tails is best suited for on-the-go security. If you find yourself at coffee shops or public libraries using the internet a lot, then Tails is perfect for you. Anonymity is the game, so if you’re sick of everyone tracking what you’re doing, Tails is great, but keep in mind that it’s also pretty useless unless you use pseudonyms everywhere online.
Kali – Offensive Security
Where Tails is about anonymity, Kali is mostly geared toward security testing. Kali is built on Debian and maintained by Offensive Security Ltd. You can run Kali off a Live CD, USB drive, or in a virtual machine.
Kali’s main focus is on pen testing, which means it’s great for poking around for security holds in your own network, but isn’t built for general use. That said, it does have a few basic packages, including Iceweasel for browsing the web and everything you need to run a secure server with SSH, FTP, and more. Likewise, Kali is packed with tools to hide your location and set up VPNs, so it’s perfectly capable of keeping you anonymous.
Kali has around 300 tools for testing the security of a network, so it’s hard to really keep track of what’s included, but the most popular thing to do with Kali is crack a Wi-Fi password. Kali’s motto adheres to “a best defense is a good offense” so it’s meant to help you test the security of your network as a whole, rather than just making you secure on one machine. Still, if you use Kali Linux, it won’t leave anything behind on the system you’re running it on, so it’s pretty secure itself.
As stated before Kali is based on Debian. However, unlike Debian it is focused on forensics. For this reason Kali preinstalls packages relevant for forensics. Kali also actively seeks bugs in forensics-related packages. Thus Kali saves you from finding and installing forensic packages. It also keeps you informed about bugs in these packages. Furthermore it provides a community platform for those interested in forensics.
Added later on: All right, Kali focuses on penetration testing as well. The main point is still that Kali preinstalls useful things for a specific domain, and it provides a community platform. General purpuse distributions like Debian do not have a similar focus.
Kali is Backtrack 6 in all but name, and Kali has a totally revamped software loadout (including base distribution; Debian instead of Ubuntu). In my experience, Kali is more stable, but your mileage may vary. The core functions remain the same but some packages may have been swapped out for alternatives, depending on what you want to do. Also you can update Kali packages without the whole thing falling to shit 🙂
Besides a Live CD, Kali can also run on a ton of ARM devices, including the Raspberry Pi,BeagleBone, several Chromebooks, and even the Galaxy Note 10.1 – How to Install Kali Linux on Android
Pros: Everything you need to test a network is included in the distribution, it’s relatively easy to use, and can be run on both a Live CD and in a virtual machine.
Cons: Doesn’t include too many tools for everyday use, doesn’t include the cryptographic tools that Tails does.
Who It’s Best For: Kali is best suited for IT administrators and hobbyists looking to test their network for security holes. While it’s secure itself, it doesn’t have the basic daily use stuff most of us need from an operating system.
Qubes – Security Through Isolation
Qubes is desktop environment based on Fedora that’s all about security through isolation. Qubes assumes that there can’t be a truly secure operating system, so instead it runs everything inside of virtual machines. This ensures that if you are victim to a malicious attack, it doesn’t spread to the operating system as a whole.
With Qubes, you create virtual machines for each of your environments. For example, you could create a “Work” virtual machine that includes Firefox and Thunderbird, a “Shopping” virtual machine that includes just Firefox, and then whatever else you need. This way, when you’re messing around in the “Shopping” virtual machine, it’s isolated from your “Work” virtual machine in case something goes wrong. You can create virtual machines of Windows and Linux. You can also create disposable virtual machines for one time actions. Whatever happens within these virtual machines is isolated, but its not secured. If you run a buggy web browser, Qubes doesn’t do much to stop the exploit.
The architecture itself is set up to protect you as well. Your network connection automatically gets its own virtual machine and you can set up a proxy server for more security. Likewise, storage gets its own virtual machine as well, and everything on your hard drive is automatically encrypted.
The major downfall with Qubes is the fact that you need to do everything manually. Setting up virtual machines secures your system as a whole, but you have to be proactive in actually using them. If you want your data to remain secure, you have to separate it from everything else.
Our overall impression of Qubes is positive. Its design is well thought out. Everything worked after installation without issues (network, video, sound, USB, DVD-ROM, etc.) and without the need to manually edit files. The performance, although certainly not blazing fast, was better than expected when considering what Qubes is doing in the background. The software is still in beta and so we did run into a couple of bugs however they were mostly pop-up messages that did not prevent us from doing what we were trying to do. We did not experience any problems creating, deleting, and updating the software in AppVMs. We were expecting to experience at least a few technical issues after installing Kali Linux in a new HVM, however it booted up fine with no errors and Qubes didn’t erroneously get in the way as we started using nmap to scan external systems. We are reassured by the discussions of the developers in the Qubes mailing list which show that they understand information security and are implementing measures to protect against various types of attack scenarios that others don’t even consider. All that to say we are quite pleased with this OS and are planning on keeping it installed. This is one to keep watching for its eventual non-beta release.
Pros: The isolation technique ensures that if you do download malware, your entire system isn’t infected. Qubes works on a wide variety of hardware, and it’s easy to securely share clipboard data between VMs.
Cons: Qubes requires that you take action to create the VMs, so none of the security measures are foolproof. It’s still totally susceptible to malware or other attacks too, but there’s less of a chance that it’ll infect your whole system.
Who It’s Best For: Qubes is best for proactive types who don’t mind doing a bit of work to set up a secure environment. If you’re working on something you don’t want in other people’s hands, writing out a bunch of personal information, or you’re just handing over your computer to a friend who love clicking on malicious-looking sites, then a virtual machine’s an easy way to keep things secure. Where something like Tails does everything for you out of the box, Qubes takes a bit of time to set up and get working. Qubes user manual is pretty giant so you have to be willing to spend some time learning it.
The Rest: Ubuntu Privacy Remix, JonDo, and IprediaOS
Tails, Kali, and Qubes certainly aren’t the only security-focused operating systems around. Let’s take a quick look at a few other popular options.
- Ubuntu Privacy Remix: As the name suggests, Ubuntu Privacy Remix is a privacy focused distribution built on Ubuntu. It’s offline-only, so it’s basically impossible for anyone to hack into it. The operating system is read-only so it can’t be changed and you can only store data on encrypted removable media. It has a few other tricks up its sleeve, including a system to block third parties from activating your network connection and TrueCrypt encryption.
- JonDO: JonDo is a Live DVD based on Debian that contains proxy clients, a preconfigured browser for anonymous surfing, and a number of basic level security tools. It’s similar to Tails, but is a bit more simplified and unfamiliar.
- IprediaOS: Like Tails, IprediaOS is all about anonymity. Instead of routing traffic through Tor, IprediaOS routes through I2P.
Of course, none of these operating systems are particularly ideal for day-to-day use. When you’re anonymizing your traffic, hiding it away, or isolating it from the rest of your operating system you tend to take away from system resources to slow things down. Likewise, the bandwidth costs means most of your web browsing is pretty terrible. All that said, these browsers are great when you’re on public Wi-Fi, using a public computer, or when you just need to use a friend’s computer that you don’t want to leave your private data on.
They’re all secure enough to protect most of us with our general behavior, so pick whichever one is best suited for your particular needs.
Recommended Articles To Become A Hacker: