If you want to make your computer more secure and private, you should anonymize your internet traffic. One way to do that is to use trending OS “Tails”
Download Tails Torrent And Compare MD5
Here is a list of files we need. First the actual ISO download, then the signature file and the signing key we need to be able to verify the signature file!
- 1) Tails Torrent (Direct Link)
- 2) Tails Signature File (Direct Link)
- 3) Tails Signing Key (public key) (Direct Link)
MD5 of the torrent file: 62e0f9e82e831cba73d904c3a7510155 You can verify the MD5 sum with a context menu MD5 checker or get the liteweight tool from http://www.winmd5.com/
Official Download Site
The official Tails download site is at https://tails.boum.org/download/index.en. Make sure to visit this URL from a Tor browser. You can verify your IP by going to whatismyip.com to make sure you are behind the Tor network. Don’t sign into any services like Google or Facebook when behind Tor. You can also download the Torrent from our mirror above.
Verify Integrity via GPG
So make sure to download the full version at Gpg4win for Windows and install it. Then download the tails signature key from the link above and you can verify it.
1. Step Open the location where you downloaded the ISO and signature files to
2. Step There are signature files for both the ISO and the torrent file. The signature files use the extension *.sig
Wrong Way: Via Context Menu
GPG tools will be added to your context menu, however you first have to import the public key, so you can’t simply click on the file and say “verify” as you would with hashes (MD5)
Creating A GPG Key!
Before we can actually verify the integrity of a public key we need to create a key for our computer:
1. Step Select Create a personal OpenPGP key pair
2. Step Enter your details and proceed
3. Step Enter a passphrase!
4. Step You should see the result “Certificate created successfully” and a fingerprint
5. Step Backup your keys
Correct Way: Import Public Key (Signing Key) Into Kleopatra
The easiest way for a Windows user who is not familiar with the command prompt is to simply use Kleopatra. Go into the folder C:\Program Files (x86)\GNU\GnuPG and double-click kleopatra.exe and open it via the system tray icon
1. Step We are now going to import the signing key (public key) into Kleopatra, 3 steps are necessary
2. Step This is what it looks like:
Certify Certificate
Before we can proceed with decrypting and verifying the Tails developer key, we have to certify their certificate. This is necessary.
1. Step Right-click on the cert and click Certify Certificate, follow the instructions on the screen
2. Step Verify everything is correct and looks similar to this. To verify the details like fingerprint, right-click on the cert and click “Certificate Details”
3. Step Once you are done, the certificate will be listed under “Trusted Certificates”
Decrypt/Verify Signature
1. Step Now click on File, Decrypt/Verify:
2. Step Alrighty, now it should work, proceed by clicking Decrypt/Verify
3. Step It is now verifying the signature, the end result should show you this:
Burn ISO File Or Make Bootable USB Drive
You can now burn a bootable ISO file using Nero or other tools or create a bootable USB drive that you can use to boot Tails via a Raspberry Pi.
1. Step Download LiveUSB from http://live.learnfree.eu/download/
2. Step Select Tails from the dropdown
3. Step Insert your pendrive and create a bootable USB drive
4. Step Plug this into your Raspberry PI
Help, I get the error: The validity of the signature cannot be verified Kleopatra
This error always appears if you did not create a PGP key and did not certify the public key. Please read our instructions more carefully and you will NOT get this error:
This can also happen when you don’t tell Kleopatra that you fully trust the public key. Try changing the trust level:
You should get a message owner trust change successfull or similar.
Additional Resources Part 1 – 8
Everything about Bitmessaging, Cryptic Fonts, Index.Dat, Tor vs VPN