Every operating system you use leaves a trail. Browser history. File access logs. Network connections. Swap files. Temporary data. DNS cache. Your computer keeps a diary you never meant to write — and anyone with physical access can read it.
Tails is the answer to that problem.
A live operating system that boots from a USB stick, remembers nothing, routes all traffic through Tor, and vanishes without a trace the moment you pull the plug. No browser history. No file access log. No proof you were ever there.
"Privacy is not a crime. It is self-defense."
What Is Tails?
Tails stands for The Amnesic Incognito Live System. The name explains the concept completely:
- Amnesic — it forgets everything after each session
- Incognito — it routes all traffic through Tor
- Live — it runs from a USB stick, not your hard drive
First released on June 23, 2009, Tails emerged from the merger of two earlier projects: "Amnesia" and "Incognito." In September 2024, the Tails Project officially merged with the Tor Project — two of the most important privacy tools in existence, now under one non-profit roof.
Technically, Tails today is based on Debian 13 (Trixie), uses the GNOME desktop, and is roughly 1.9 GB in size.
Three Principles That Make It Work
1. Amnesia — No Traces Left Behind
Tails runs entirely in your computer's RAM. It writes nothing to the hard drive. When you shut it down or remove the USB stick, it overwrites the RAM — protection against cold-boot attacks.
Every session starts from zero. No browser history. No saved passwords. No trace of what you did. The computer you used has no idea you were ever there.
2. Tor Forced Routing — Anonymity on the Network
Tails forces every outgoing connection through the Tor network. No exceptions. Applications trying to reach the internet without Tor are automatically blocked.
Tor routes your traffic through three independent relays. No single relay knows both who you are and where you're going. Your ISP sees only that you're using Tor — not what you're doing with it.
For networks where Tor itself is blocked, Tails supports bridges — obfuscated entry points that hide the fact that you're connecting to Tor at all.
3. Persistent Storage — Selective Memory
The amnesic design is powerful. But sometimes you need data that survives sessions: passwords, documents, Wi-Fi credentials, additional software.
Tails solves this with an optional Persistent Storage — an encrypted partition on the USB stick itself, secured with LUKS and DMCrypt. You decide what gets stored. You decide at startup whether to unlock it.
Important: the partition is encrypted, but not hidden. A forensic analyst examining your USB stick can detect that an encrypted partition exists — but cannot read it without your passphrase. Use five to seven random words. Nothing less.
The Software Toolbox
Tails ships with a curated set of pre-configured security tools:
| Category | Tools |
|---|---|
| Browser | Tor Browser (Firefox), uBlock Origin, NoScript |
| Communication | Thunderbird (OpenPGP), Pidgin (OTR), OnionShare |
| Cryptography | GnuPG, Kleopatra, VeraCrypt / LUKS |
| Privacy | Metadata Cleaner (mat2), GNOME Secrets |
| Bitcoin | Electrum |
| Productivity | LibreOffice, GIMP, Inkscape, Audacity |
Everything ships with secure defaults. The goal: make doing the right thing easier than doing the wrong thing.
Who Uses Tails — and Why
Journalists and whistleblowers have the most to lose if their tools fail. This is not theoretical. When Edward Snowden handed classified NSA documents to journalists Glenn Greenwald, Laura Poitras, and Barton Gellman, as well as security researcher Bruce Schneier, all parties used Tails for secure communication. It worked.
Activists in repressive regimes use Tails to organize anonymously, publish without attribution, and communicate without leaving evidence.
Privacy-conscious everyday users use it for a simpler reason: booting Tails on a friend's laptop or a library computer means working privately without leaving anything behind. No passwords in the browser. No session cookies. No history. You leave as if you were never there.
The NSA took notice. Internal documents leaked in 2014 revealed that NSA's XKeyscore system tracks and flags anyone who searches for Tails or visits its website. Internal slides from 2012 classified Tails as a "major threat" to their mission and noted that using Tails alongside other privacy tools was "catastrophic" to their surveillance capabilities.
That is a recommendation.
What Tails Cannot Do
Tails is powerful. Tails is not magic.
- BIOS and firmware attacks: No operating system protects against firmware manipulation. Tails cannot either.
- Hardware keyloggers: Physical devices attached to USB ports or between a keyboard and its connection can capture keystrokes. Tails includes a screen keyboard as a countermeasure — but if someone had physical access to your hardware before you sat down, software cannot fix that.
- Compromised exit nodes: The connection from the last Tor relay to the destination server is only protected if you use HTTPS. Always use HTTPS.
- Your own behavior: Logging into your real email account while using Tails defeats the purpose. Don't mix identities. Restart between tasks.
A real-world example from 2017: the FBI, working with Facebook, exploited a zero-day vulnerability in GNOME Videos — the default video player in Tails — to reveal the real IP address of a criminal (the Buster Hernandez case). The vulnerability is believed to have been patched. The lesson remains: zero-days exist, and state actors use them.
Installation: What You Need
Warning: Protect Yourself Before Downloading
The NSA's XKeyscore system tracks and flags anyone who visits the Tails website or downloads the image — this is documented fact, not speculation (see above). Download Tails using the Tor Browser. If you don't have Tor Browser yet: at minimum, activate a trustworthy no-log VPN (e.g. Proton VPN) before visiting tails.net. Downloading in your regular browser = your IP ends up on a list.
- A USB stick with at least 8 GB of storage — dedicated exclusively to Tails
- A 64-bit x86 processor — most PCs from the last decade qualify
- Download the ~1.9 GB image from tails.net only — verify the signature
- Install from a clean, uninfected system
- Shut down completely before inserting the USB stick — never plug it into a running system
Tails does not run on smartphones or tablets. This is not a limitation — it is the correct scope.
Tails vs. GrapheneOS
These two tools are often mentioned together. They solve different problems:
| Tails | GrapheneOS | |
|---|---|---|
| Platform | Desktop / Laptop | Smartphone (Pixel) |
| Operation | Temporary, live from USB | Permanently installed |
| Network | Tor-forced | Standard internet |
| Purpose | Anonymity, no traces | System hardening, app sandbox |
They complement each other perfectly. GrapheneOS hardens your persistent daily identity on mobile. Tails creates a temporary, amnesic identity on desktop — for the tasks where it matters most.
Conclusion
Tails is not for everyone, every day. It is for specific situations where the cost of leaving a trace is too high.
A foreign correspondent in an authoritarian state. A whistleblower preparing documents. Anyone who must use a computer they don't trust.
For those situations, a USB stick with Tails is one of the most powerful privacy tools available. The NSA confirmed it themselves.
Download at tails.net. Verify the signature. Boot from bare metal. Use it correctly.
"Trust is good. Cryptography is better."
Tools for True Owners
-
📖 GrapheneOS: Android in the Age of Surveillance
Setup, Apps & Digital Sovereignty — the complete handbook for your Google-free Android. DRM-free, €4.99.
alien-investor.org/buecher.html · also on Amazon KDP -
Privacy & Mail: Email, VPN and cloud without Big Tech — Proton.
alien-investor.org/proton -
₿ Bitcoin in Self-Custody: Hardware wallet instead of exchange account. Code
ALIENINVESTOR= 5% off the BitBox.
alien-investor.org/bitbox -
₿ Buy Bitcoin (Europe): Bitcoin-only, no shitcoin noise. Code
ALIENINVESTOR= permanent −0.2% fee reduction.
alien-investor.org/21bitcoin