How to configure TOR and Tails for better Security and Comfort
Unfortunately, Tails v5.8 (released on 2022-12-20) introduced two changes that favor usability sacrificing security:
- Unsafe Browser (which should be needed only to log in to some network captive portals) is enabled by default. And it even supports downloads and uploads, which can pose an extra risk;
Another change in Tails v5.8 is that you now need to set a (temporary) administration password to handle system configuration files (dotfiles), which are needed to store your customized settings permanently (except for the TOR browser, as already noted), because they can now be accessed only with root privileges. This is a good thing, actually.
To create an administration password, in Tails boot screen go to Additional Settings, press the Plus (+) Button, then click on Administration Password, and then enter the password in both fields and press Enter. It's a password for the current session only and it will be discarded when you shut down the system, so it doesn't need to be super secure. This is only needed when you start Tails to customize your settings and save them permanently, or to fix some other issues, don't set a root password when you start Tails to browse the Web or perform other operations.
To disable Unsafe Browser, in Tails boot screen go to Additional Settings, press the Plus (+) Button, then click on Unsafe Browser, and on Disable the Unsafe Browser, and then click Add.
How to configure TOR for better Security
TOR makes you browse the dark web anonymously, still some default configuration can pose some risk and leave you exposed.
Here you can find some ways to make it more secure:
Go to Edit : Settings (Tails v5.8), or Tools : Options (up to Tails v5.7)
or enter about:preferences in the URL bar of TOR.
Dark ThemeGo to Extensions & Themes: Themes and enable Dark theme.
If the content are of TOR doesn't turn dark, go to Settings: General: Language and Appearance: Website appearance, and set color scheme to Tor Browser theme (or to Dark).
- Make Tor Browser your default browser, and Always check if Tor Browser is your default browser.
- Confirm before closing multiple tabs
- Confirm before quitting with Ctrl+Q
Privacy & SecurityThese are the most important settings to keep you safe while browsing the Dark Web and Clear Web.
- Prioritize .onion sites when known: Always.
Cookies and Site Data
- Delete cookies and site data when Tor Browser is closed.
- Tor Browser will: Use custom settings for history
- Always use private browsing mode
- Warn you when websites try to install add-ons
- When using the address bar, suggest: Browsing history, Bookmarks, Open tabs. Disable suggestions from: Shortcuts, Search engines.
This is the most important setting to keep you safe!
- Enable HTTPS-Only Mode in all windows. Note that this will prevent you to access HTTP only websites on the clearweb. Which are nowadays both rare and unsafe.
How to configure Tails for Security and Comfort
Tails provide a secure environment. Everything is totally encrypted, and anything not expressely saved into the Persistent directory is deleted when you turn off your system.
This also means you also lose every configuration of the user interface, and the software (especially TOR). Having to configure everything every time you boot your PC with Tails not only is tiresome, but can also pose a security threat, since TOR Security Level is set by default to Standard (the lowest possible) and you may forget to set it to Safest before to start browsing the Web or the Dark Web.
However, you can save some configuration files into the Persistent directory. We assume you have created the Persistent space on Tails, if you haven't yet, you can create it from Tails boot screen.
This is how you can have more security and comfort on Tails, by configuring TOR to the Safest Security Level, setting a dark theme for the Desktop User Interface and TOR, and keeping it persistent after the reboot.
Permanent TOR settings
First of all configure TOR as it's explained in the dedicated section above. Especially, make sure you have set the Security Level to Safest.
As noted before, you can only make TOR browser settings permanent on Tails up v5.7. Starting from Tails v5.8 (r2022-12-20) this is no longer possible.
To make TOR configuration permanent, open the Terminal first. You'll have to run some commands manually on the root console.
You can find it on Applications / System Tools / Root Terminal. You'll need to enter the administration password to access it.
Enter the following commands:
cp /home/amnesia/.tor-browser/profile.default/prefs.js .tor-browser/profile.default/
chmod 640 .tor-browser/profile.default/prefs.js
Once you're done with the configuration of TOR, you may want to customize some settings on Tails.
Single Display (prevent windows to open off screen)
To prevent windows to open off screen, go to Applications: System Tools: Settings, then to Displays, and set Single Display. Apply, and Keep Changes.
To make the Single Display persistent, enter the following command in the Root Terminal:
cp /home/amnesia/.config/monitors.xml /live/persistence/TailsData_unlocked/dotfiles/.config/
Dark Theme for Tails
To get a dark theme for Tails, to make it more comfortable, especially when browsing at night.
To enable the dark theme on Tails, enter the following commands in the Root Terminal:
gsettings set org.gnome.desktop.interface gtk-theme 'Adwaita-dark'
gsettings set org.gnome.desktop.background picture-options 'none'
gsettings set org.gnome.desktop.background primary-color '#000000'
gsettings set org.gnome.desktop.background secondary-color '#000000'
If you want to apply the dark theme to the text editor (gedit) as well, open the text editor ( Applications : Accessories : Text Editor ), then go to Menu : Preferences. Font & Colors, Choose Color Scheme: Oblivion.
Then, to make the dark theme persistent, enter the following commands:
cp /home/amnesia/.config/dconf/user .config/dconf/
Then you have to create a text file:
Run editor .config/gtk-3.0/settings.ini on the Terminal.
Then type the following lines into the text file:
gtk-application-prefer-dark-theme = true
gtk-theme-name = Adwaita-dark
Save the text file and quit the text editor pressing CTRL+X, then y, and then hit ENTER.
Now, you're finished: reboot Tails and enjoy the comfort of the dark theme.
Check for System Updates
Normally Tails checks for a system update at every system boot. If you want to check it manually, enter this command in the console: