Using TAILS OS for a Secure, Private and Anonymous Browsing Experience

Security Dec 22, 2021

Have you ever experienced right after having a phone conversation with a friend about something (say changing your car tyres) you start seeing ads for tyres during your online browsing? If this bothers you, this article might pique your interest.

For most online users today, browsing the internet using a regular browser on their laptop or phone is akin to not drawing their curtains in their homes. Even if you have nothing to hide, there is very little online privacy and security. That's because large corporations collect vast amounts of user data and track users for profits and governments are involved in Mass Surveillance and Online Censorship. This has limited the users ability to explore the internet freely and securely.


If you are looking for an operating system that offers you online anonymity and security while respecting your privacy, you should consider the Tails (The Amnesic Incognito Live System) Live OS. Tails is a Debian-based Live Linux distribution that offers online anonymity, privacy and security. It achieves these three core functions by including a curated list of advanced tools and techniques like the Tor Network, Tor Browser, Cryptography, Encryption, OnionCircuits, OnionShare and browser extensions like uBlock Origin, HTTPS Everywhere and NoScript into a live system. All of the tools are packaged into a single image that you can download and write onto a USB stick or DVD.

Tails (current version is 4.24) is based on Debian. Tails being a live system runs from the memory of any computer (by booting from a USB stick or DVD Drive), while securing user privacy and online anonymity and leaving no traces of its usage or user data on the computer that it's running on. That's because in its default setup, it does not use the hard drive of the computer. If users need persistence for their configurations and data, it lets them create an encrypted partition or drive (using LUKS) to persist their data and configuration. It can be installed from any computer running either Windows, Linux or MacOS operating systems.

First released in 2009 as a Gentoo-based distribution, Tails moved to the Debian-based distribution. Version 4.2 was the first version thats based on Debian 10 (Buster). When compared to the 3.x version, 4.x users will find many performance and usability improvements, support for automatic updates to latest versions (thereby avoiding multiple manual updates), applications like KeePassXC have been included, some old and less popular applications have been removed as well. It also includes fixes all of the security vulnerabilities identified and fixed in previous versions.

Tails uses the Tor (The Onion Router) anonymity network to protect user privacy. All incoming and outgoing network connections from the computer are routed through Tor which provides anonymity by encrypting data and routing connections through three Tor nodes. It also enables MAC address spoofing by default so that within the local network, user device can't be identified or tracked. All the softwares installed are configured so as to route the network traffic via the Tor network. All non Tor connections are blocked by default and there by improves user security.

Tails has inherited and leveraged the work done by Debian, Knoppix, Tor and GNOME. It's managed by a small group of volunteers (coders, writers, translators) and paid employees (full-time and part-time) totalling less than 100. They can be contacted via mailing lists, chat rooms and email. A third of their funding is secured by individual donations, a third by foundations like Mozilla and the rest by private companies and entities related to the US government. The donations are managed by a non-profit organisation called RiseupLabs which focuses on technology research and education for social causes.      

Advantages of Tails

Tails protects users against online surveillance, prevents online tracking and circumvents online censorship. It uses the Tor network, which protects users against traffic analysis which is a form of surveillance. Tor network anonymises a user's network location and prevents web sites (and intermediaries) watching their connection from tracking the user. Tor Browser prevents web-sites from tracking it's users by blocking cookies, third-party trackers and ads. Tor Browser lets users access any web site their network has blocked thereby circumventing any attempt at censorship.

Tails Installation

The operating system can either be installed from an existing Tails installation by cloning or download the fresh image and install it on a USB stick or DVD drive. Most first time users will need to download Tails binary, verify and install it. The installation process involves the creation of a bootable USB stick/ DVD using the downloaded file, changing the computer setting to boot from USB/DVD drive, booting into Tails, creating a persistent storage, rebooting and activating persistent storage. Detailed step-by-step instructions are available on their web site for each of the operating systems. A fresh install can take up to couple of hours to complete.

Tails Upgrade

This distribution has a well defined, time-based release schedule published on their web site. In general, updates are released every six weeks. For critical fixes, emergency releases with the fixes are made available earlier. Tails provides automatic and manual upgrades using the Tails Upgrader. When an update is available, the user will prompted to download and install it. Multiple updates are applied in the order they are released. If the user is running an older version, the automatic upgrades might not work and will need to be done manually. Detailed instructions to upgrade manually are available on the web site. Updates can take less than 15 minutes to complete.

Tails Setup

My setup is running on an 8 year old Sony Vaio laptop (64 bit Intel Dual Core, 2.2 GHz processor) with 4 GB RAM and a 300 GB Hard Drive. Tails was booted from an 8 GB USB stick. After setting up an administrative password, I created and used an encrypted persistent partition on the USB stick. I was also able to mount and write to the hard drive on the laptop which had a different OS installed on the drive.

Tails Desktop

The distribution uses the GNOME desktop. The desktop user interface was clean, sparse, simple and intuitive. The top bar has five drop down menus. Applications menu lets you select from a list of various applications neatly categorised based on functionality. Places menu lets you navigate common locations like Home, Desktop, Videos, Documents and  Drives using the Files explorer. Universal Access menu lets you use several of the assistive technologies like screen reader, screen zooming and screen keyboard. Keyboard Layout menu lets you select your keyboard language. The System menu lets you manage various setting on your computer. It also lets you log-off, restart or hibernate your Tails system. First time users for Tails will benefit from the first steps guide which details getting started, accessibility options, startup options, persistence volume creation and configuration and managing additional software installation.

Tails Tools

Tor Browser is a Firefox-based web browser that lets a user browse the internet anonymously via the Tor network. It is bundled with three powerful extensions called uBlock Origin, Https Everywhere and NoScript. uBlock Origin performs content filtering including ads, trackers, malware and privacy compromising links, there-by essentially blocking ads, pop-ups, web sites from tracking or harvesting private data from a visitors. It currently has the ability to filter out content based on over 100,000+ signatures. HTTPS Everywhere forces secure connections to web sites that support it. NoScript by default blocks executable web content  like JavaScript and Flash. Users can partially or wholly unblock the site or domain by white-listing the web site or domain. These three extensions helps maintain user privacy and security during their web browsing. In short, Tor Browser (with help from the extensions) provides the user a reasonably fast, ad-free, secure, anonymous, private, browsing experience.

Onion Circuits shows all the current Onion connections and circuits from a users machine. This is useful to determine the sites a user is connected to currently. A user can observe when connections are closed (after a particular duration) and through which onion relays his connections to a particular web site is being made. This tool gives users  information about the all of the user's network connections and its statuses.

OnionShare is a tool that helps users share files/folders anonymously and securely. Once a file or folder is selected to be shared, the tool will generate a URL/OnionShare address which can be shared with others who can use the TorBrowser to access the shared files/folder. By default, the sharing is disabled after a single access to the shared resource. However, there are options to setup a persistent sharing setup as well. This is an utilitarian application to share resources easily, securely and anonymously without having to rely on any of the cloud sharing services.

DuckDuckGo is the default search engine option bundled along with the Tor Browser which ensures that user searches, search history (and all of the associated metadata) are not stored, monitored, tracked or sold. Hence, users can enjoy a private browsing experience without being followed by ads during their browsing.

Many publicly accessible networks like at an airport, library, university, cafe or hotel requires a user to first login into a captive portal, authenticate themselves before being allowed to connect to the internet. Since Tails cannot connect to Tor through a captive portal, an unsafe browser is provided which can be used to authenticate oneself via the captive portal and once the internet connection is secured, Tor Browser can be started for browsing anonymously. This tool ensures that users are not stranded with this OS while they are on the go.

Tails comes with LibreOffice for word processing, spreadsheet, presentation and drawing needs. Between LibreOffice, GIMP and Inkscape all the desktop publishing and graphics needs are addressed.

Seahorse is an application that manages users passwords and keys. It lets the user save passwords, ssh keys, PGP keys and certificates. KeePassXC is a cross platform password manager. It stores all user credentials and secures them by a master key. If enabled, it also auto-types them during browsing and application usage. This helps with not having to remember the various passwords and its variations that one end up using on a daily basis. Users can define a combination of hotkeys to act as shortcuts to all their common functions like changing windows, work-spaces and launching tools. This is a great handy feature for users who enjoy keyboard shortcuts. Being a live system doesn't mean once can't access existing data from USB drives or internal hard drives which are part of computer. Users will still be able to view and write into them by navigating to Places > Computer > Other Locations and clicking on the appropriate drive. Users will need to authenticate themselves with the administration password before being granted ability to read/write data to those drives.


Tails does a lot of things right to give its users what they promised. The online anonymity and privacy, secure web browsing experience, apt-get access to Debian's vast collection software packages, timely upgrades to newer versions of Tails and assistive technologies for users with special needs (Screen reader, Screen keyboard and Screen zoomer) are some of the positives.

Depending on user preferences, there could be a few things some users might not like about Tails. GNOME desktop's polished look and feel, the small set of applications installed by default and minor slowness in loading of web pages in the Tor Browser.

Like all systems, Tails has its set of limitations. Tails can't protect anonymity and privacy against compromised hardware (keylogger), BIOS attacks or compromised Tor exit nodes. Detailed limitations are documented on their web site along with steps to overcome some of them. Users are recommended to review the list to determine if Tails is the right tool for them. For most users, as long as they are running the latest version of Tails, these limitations will not matter and they can be guaranteed of their anonymity and privacy.  

The distribution could improve by considering the inclusion of Privacy Badger browser extension (automatically blocking third party trackers) and secure and encrypted messaging application called Signal for chat, voice and video.

Tails, for the last 10 years has focused on developing a live Linux OS that's focused on anonymity, security and privacy. It has done a good job at it and has proved to be an excellent live OS option for anyone who is privacy conscious. In today's world of eroding online privacy, Tails stands out prominently for their commitment towards protecting user privacy and anonymity.

Join us

Scalability, reliability and maintainability are the three pillars that govern what we build at Halodoc Tech. We are actively looking for engineers at all levels and if solving hard problems with challenging requirements is your forte, please reach out to us with your resumé at

About Halodoc

Halodoc is the number 1 all around Healthcare application in Indonesia. Our mission is to simplify and bring quality healthcare across Indonesia, from Sabang to Merauke. We connect 20,000+ doctors with patients in need through our Tele-consultation service. We partner with 4000+ pharmacies in 100+ cities to bring medicine to your doorstep. We've also partnered with Indonesia's largest lab provider to provide lab home services, and to top it off we have recently launched a premium appointment service that partners with 500+ hospitals that allow patients to book a doctor appointment inside our application. We are extremely fortunate to be trusted by our investors, such as the Bill & Melinda Gates Foundation, Singtel, UOB Ventures, Allianz, GoJek, Astra, Temasek and many more. We recently closed our Series C round and In total have raised around USD$180 million for our mission. Our team works tirelessly to make sure that we create the best healthcare solution personalised for all of our patient's needs, and are continuously on a path to simplify healthcare for Indonesia.

Lenish Namath

Director of Engineering, Site Reliability Engineering (SRE) and Security