1 00:00:00,000 --> 00:00:06,000 In the previous sections, we learned how to use a number of programs and a number of services that 2 00:00:06,000 --> 00:00:09,000 help us improve our anonymity and privacy. 3 00:00:10,000 --> 00:00:15,000 We also learned how to access hidden services or online services or what's known as the Darknet. 4 00:00:15,000 --> 00:00:21,000 And we learned how to use some of these services and some of these websites and all of these sections. 5 00:00:21,000 --> 00:00:28,000 We used an operating system called Tails, and as mentioned, this is a live and amnesic operating system 6 00:00:28,000 --> 00:00:33,000 that is based on a fully patched and hardened Linux distro. 7 00:00:33,000 --> 00:00:40,000 It routes all traffic through the Tor network, so it's relatively secure and it's relatively private. 8 00:00:40,000 --> 00:00:46,000 We installed it on a USB stick, so we use the USB stick to boot into it from any computer. 9 00:00:46,000 --> 00:00:52,000 And then as soon as we shut down that computer or pull the USB stick out, everything will be wiped 10 00:00:52,000 --> 00:00:55,000 from that computer and it will remove all traces. 11 00:00:56,000 --> 00:00:58,000 So all in all, it's a pretty nice package. 12 00:00:58,000 --> 00:01:05,000 It's very portable, very convenient, and that's why I chose to use it in all of the previous sections, 13 00:01:05,000 --> 00:01:10,000 because it provides relative security and good privacy and anonymity. 14 00:01:10,000 --> 00:01:17,000 As long as you don't make any opsec mistakes such as logging into an account that is tied to your identity 15 00:01:17,000 --> 00:01:21,000 or interacting with other accounts that can be linked to your real identity. 16 00:01:22,000 --> 00:01:26,000 Now this is all great, but note that I said relative security. 17 00:01:26,000 --> 00:01:29,000 I said that because we can do better. 18 00:01:29,000 --> 00:01:35,000 See, the problem with tails and most operating systems is the fact that everything is running under 19 00:01:35,000 --> 00:01:36,000 one domain. 20 00:01:36,000 --> 00:01:42,000 So if a hacker manages to hack into this computer, whether it's running Thales or any other operating 21 00:01:42,000 --> 00:01:46,000 system, they'll get access to this whole domain. 22 00:01:46,000 --> 00:01:51,000 And first of all, they'll be able to bypass whatever anonymity measures you're using, and they'll 23 00:01:51,000 --> 00:01:54,000 be able to easily de anonymize you. 24 00:01:54,000 --> 00:02:01,000 And they'll also have access to all of your files and be able to control the computer and do anything 25 00:02:01,000 --> 00:02:03,000 that you can do as a user. 26 00:02:04,000 --> 00:02:10,000 So even if you're using the greatest anonymity methods and you're using different proxies and Tor and 27 00:02:10,000 --> 00:02:15,000 VPNs and all of that, if somebody hacks into your computer, it's game over. 28 00:02:15,000 --> 00:02:17,000 All of that can be bypassed easily. 29 00:02:17,000 --> 00:02:23,000 That's why security is very, very important, and that's why it's linked to privacy. 30 00:02:23,000 --> 00:02:26,000 You can't be private or anonymous if you are not secure. 31 00:02:27,000 --> 00:02:34,000 A good solution to this problem that can improve our security is to use different computers for different 32 00:02:34,000 --> 00:02:34,000 tasks. 33 00:02:34,000 --> 00:02:38,000 For example, use one computer for work related tasks. 34 00:02:38,000 --> 00:02:41,000 Use one computer for your personal related stuff. 35 00:02:41,000 --> 00:02:47,000 Use another one for the untrusted stuff whenever you're just browsing through websites and opening attachments 36 00:02:47,000 --> 00:02:47,000 and so on. 37 00:02:47,000 --> 00:02:53,000 Use one computer that is not connected to the Internet to store your passwords and keys. 38 00:02:54,000 --> 00:03:00,000 This way, if somebody manages to hack into one of these computers, they'll only get access to one 39 00:03:00,000 --> 00:03:00,000 computer. 40 00:03:00,000 --> 00:03:06,000 And it will be very difficult for them to move from this computer and compromise the other computers. 41 00:03:07,000 --> 00:03:12,000 Not only that, but the fact that you have an untrusted computer that you don't do any personal or work 42 00:03:12,000 --> 00:03:19,000 stuff on means that this will be the computer that will probably be hacked, not the other ones. 43 00:03:19,000 --> 00:03:25,000 So all of your important stuff in work and personal will not be hacked and the hackers will not be able 44 00:03:25,000 --> 00:03:26,000 to gain access to them. 45 00:03:27,000 --> 00:03:34,000 Also, if you're using a separate identity on this untrusted computer, then your real identity or the 46 00:03:34,000 --> 00:03:38,000 identities that you use on work and personal again will not be compromised. 47 00:03:39,000 --> 00:03:41,000 So this is a really, really good solution. 48 00:03:41,000 --> 00:03:43,000 The only problem is it's not cheap. 49 00:03:43,000 --> 00:03:47,000 You need a number of computers and it's also not easy to achieve. 50 00:03:47,000 --> 00:03:53,000 So imagine having to use a different computer every time you want to do a different task. 51 00:03:53,000 --> 00:04:00,000 You can make this slightly easier and use one computer, but use multiple tails, USB sticks and again, 52 00:04:00,000 --> 00:04:05,000 use each one of them for a separate domain one for work, one for personal work, one for untrusted. 53 00:04:05,000 --> 00:04:12,000 But again, this is not very usable because let's say, for example, you are using the work USB stick 54 00:04:12,000 --> 00:04:17,000 and you open your work email, you're reading an email and there is an attachment and you really want 55 00:04:17,000 --> 00:04:22,000 to open that attachment, but you can't really trust that attachment because it could be anyone. 56 00:04:22,000 --> 00:04:27,000 It could be a hacker pretending to be a friend, or it could be someone who gained access to your friend's 57 00:04:27,000 --> 00:04:27,000 account. 58 00:04:28,000 --> 00:04:34,000 So if you want to follow this model and if you want to be secure, you need to boot into the untrusted 59 00:04:34,000 --> 00:04:38,000 distro or the untrusted USB stick and open the attachment there. 60 00:04:38,000 --> 00:04:45,000 Then once you open it and read it, if it's fine, you need to turn this off, boot back into your work 61 00:04:45,000 --> 00:04:48,000 USB, stick your work domain and then reply to the email. 62 00:04:49,000 --> 00:04:54,000 So you can see that if you're doing this every day, it's not very practical and it's going to become 63 00:04:54,000 --> 00:04:55,000 very, very annoying. 64 00:04:56,000 --> 00:04:59,000 This is where the idea of cubes came from. 65 00:04:59,000 --> 00:05:06,000 Cubes is an operating system that is designed to improve security by compartmentalization. 66 00:05:07,000 --> 00:05:15,000 So as soon as you boot into this operating system, it boots into Xen, which is a hypervisor and then 67 00:05:15,000 --> 00:05:22,000 once the operating system starts, everything inside this operating system is separated into different 68 00:05:22,000 --> 00:05:23,000 domains. 69 00:05:23,000 --> 00:05:29,000 You'll have a domain for work, a domain for personal and untrusted domain and so on. 70 00:05:29,000 --> 00:05:35,000 And each one of these domains is a completely separate virtual machine. 71 00:05:35,000 --> 00:05:41,000 So you can think of these virtual machines like completely separate computers and hence the name Virtual 72 00:05:41,000 --> 00:05:41,000 Machine. 73 00:05:41,000 --> 00:05:49,000 So each one of these virtual machines has its own RAM, its own CPU, its own file system and so on, 74 00:05:49,000 --> 00:05:53,000 and is completely unaware of the other virtual machines. 75 00:05:53,000 --> 00:06:00,000 So just like running different computers, if your untrusted virtual machine or the untrusted domain 76 00:06:00,000 --> 00:06:06,000 gets compromised or hacked, it is very difficult for a hacker to move from there to your work or to 77 00:06:06,000 --> 00:06:08,000 your personal virtual machine. 78 00:06:09,000 --> 00:06:16,000 Not only that, but Cuba's also separate other system components into virtual machines. 79 00:06:16,000 --> 00:06:23,000 So you have your networking, your file system, your USB controller and your firewall all running inside 80 00:06:23,000 --> 00:06:24,000 their own virtual machines. 81 00:06:24,000 --> 00:06:30,000 So if a hacker manages to exploit a vulnerability in any of these components, then only get access 82 00:06:30,000 --> 00:06:37,000 to this isolated virtual machine that is not even aware of the existence of your work and your personal 83 00:06:37,000 --> 00:06:39,000 domains and so on. 84 00:06:40,000 --> 00:06:47,000 And with this you won't need to have multiple computers and you won't need to keep restarting and booting 85 00:06:47,000 --> 00:06:48,000 into different USB sticks. 86 00:06:48,000 --> 00:06:54,000 You'll always be using the same operating system, and the different virtual machines will be running 87 00:06:54,000 --> 00:06:57,000 inside this one single operating system. 88 00:06:58,000 --> 00:07:01,000 Now these nice features come at a price. 89 00:07:01,000 --> 00:07:06,000 Cubes is very resource hungry and has specific requirements. 90 00:07:06,000 --> 00:07:11,000 I'm going to include these requirements in the resources of this lecture, so please go through them 91 00:07:11,000 --> 00:07:13,000 before attempting to install it. 92 00:07:14,000 --> 00:07:16,000 Now, before moving into the next lectures, what? 93 00:07:16,000 --> 00:07:19,000 I'm going to show you how to install cubes and use it. 94 00:07:20,000 --> 00:07:24,000 I know right now you're thinking, do I really need to install cubes? 95 00:07:24,000 --> 00:07:28,000 And the answer really depends on you and your threat model. 96 00:07:28,000 --> 00:07:33,000 With cubes, we're not going to be using any other magical methods to become more anonymous. 97 00:07:33,000 --> 00:07:35,000 So you'll still be using TOR. 98 00:07:35,000 --> 00:07:38,000 You can still use a VPN and multiple proxies. 99 00:07:38,000 --> 00:07:40,000 Nothing that you can't do entails. 100 00:07:40,000 --> 00:07:47,000 The only difference is the added security that cubes allows by compartmentalization. 101 00:07:47,000 --> 00:07:54,000 Therefore, if if someone targets you specifically trying to de anonymize you, they're less likely 102 00:07:54,000 --> 00:08:01,000 to be able to hack into your computer or to gain access to it and therefore d anonymize you. 103 00:08:01,000 --> 00:08:07,000 So Cubes is only more anonymous and more private because it is more secure. 104 00:08:07,000 --> 00:08:13,000 It makes it more difficult to hack into your computer and therefore more difficult to de anonymize you. 105 00:08:14,000 --> 00:08:19,000 So whether you should use cubes or tails really depends on your threat model. 106 00:08:19,000 --> 00:08:26,000 If you think there are people that will actively try to hack into your computer in order to anonymize 107 00:08:26,000 --> 00:08:31,000 you, then obviously cubes is a better solution because it's a more secure operating system. 108 00:08:31,000 --> 00:08:38,000 Other than that, tails is good enough as long as you don't make any opsec mistakes such as communicating 109 00:08:38,000 --> 00:08:41,000 with accounts linked to your identity. 110 00:08:41,000 --> 00:08:48,000 And as long as you use it within one domain so you don't need to use Thales for work personal and for 111 00:08:48,000 --> 00:08:52,000 browsing, you're only using it to access the darknet for research or for other reasons. 112 00:08:52,000 --> 00:08:55,000 Then in that case, Thales can be good enough. 113 00:08:55,000 --> 00:09:01,000 So just like anything else in this course, go through the cube section, understand how it works and 114 00:09:01,000 --> 00:09:03,000 why it's useful. 115 00:09:03,000 --> 00:09:09,000 And at the end, based on your threat model and based on what you want to do, make a decision on what's 116 00:09:09,000 --> 00:09:10,000 best in your case.