WEBVTT

00:00.710 --> 00:06.890
Now that we have Thales installed, configured with persistence and we learn the basics on how to use

00:06.890 --> 00:08.390
it and interact with it.

00:08.510 --> 00:15.710
In this lecture, I want to talk about the Tor browser that comes with tails and highlight a major restriction

00:15.710 --> 00:20.390
that Thales enforces over the Tor web browser.

00:21.500 --> 00:27.110
So go into the applications, you can see we have in our favorites the Tor browser.

00:27.710 --> 00:34.070
As you know, we've actually covered this browser before and we spoke about how it works and we learned

00:34.070 --> 00:40.610
how to install it on different operating systems and how to properly configure it for optimum security

00:40.610 --> 00:41.810
and anonymity.

00:42.950 --> 00:47.690
So what we have here is an identical version to the browser that I showed you before.

00:47.840 --> 00:52.540
You can go to check the Tor project dot org to make sure that everything is connected.

00:52.550 --> 00:58.880
But we already know that everything is working because as I mentioned before, all connections sent

00:58.880 --> 01:04.490
from Thales, from the whole operating system, go through the Tor network and we can confirm this from

01:04.490 --> 01:05.330
this onion.

01:06.220 --> 01:10.600
But if you really just want to double check, you can just go to check.

01:11.790 --> 01:14.040
The third project dot org.

01:14.340 --> 01:17.490
And as you can see, it's telling us that everything is working.

01:17.520 --> 01:21.480
Everything is configured properly and we are using the Tor network.

01:21.990 --> 01:28.350
Now, as I showed you before, you can go to the onion icon in here to request a new identity change

01:28.350 --> 01:30.940
security settings or check for updates.

01:30.960 --> 01:38.040
You can check your Tor circuit from here and you can also modify the options from here.

01:38.520 --> 01:42.860
Now, like I said, I spent multiple lectures explaining what the circuit is.

01:42.870 --> 01:45.900
What do we mean by a new identity and a new circuit?

01:45.900 --> 01:51.030
How to modify the security options for optimum security and anonymity.

01:51.030 --> 01:53.330
So I'm not going to talk about that now.

01:53.340 --> 01:58.800
You can go ahead and do everything that I showed you previously, because the steps to do it here are

01:58.800 --> 02:05.190
identical to the steps you'd follow with any Tor browser, regardless of what operating system it's

02:05.190 --> 02:06.240
installed on.

02:06.930 --> 02:14.610
So I'm just going to go and change my security settings and crack that to the safest, and we are good

02:14.610 --> 02:15.300
to go.

02:16.050 --> 02:20.760
I'm also going to keep this screen at this size because as I mentioned before, you don't want to use

02:20.760 --> 02:25.680
the screen in full screen because that will give information about your monitor.

02:26.040 --> 02:31.770
Also, keeping it at the default size is always a good idea because that makes you less unique.

02:31.800 --> 02:39.960
And like I said, Tor and Thales work best by making it hard to distinguish the users that use the services.

02:39.960 --> 02:46.410
So when we keep the window at the default size, it's harder to distinguish between me and other users.

02:47.040 --> 02:53.430
What I want to cover, though, in this lecture is an extra feature that Thales implements, or an extra

02:53.430 --> 03:02.520
restriction that Thales applies to the Tor browser to improve the security of the whole browser so that

03:02.520 --> 03:07.620
it's more difficult to exploit and use to gain access to our system.

03:07.620 --> 03:15.900
Thales implement kernel level restrictions over the Tor browser so that it cannot access any folder,

03:15.900 --> 03:20.910
any location within the file system except for one folder.

03:21.810 --> 03:28.080
Therefore, if we wanted to download something from the browser or upload something, we can only do

03:28.080 --> 03:31.350
that from one folder in our file system.

03:32.100 --> 03:39.810
So if we look at the places here, you'll see we have a folder called Tor browser and we have a folder

03:39.810 --> 03:42.180
called Tor Browser Persistent.

03:42.180 --> 03:45.660
Because I enabled persistence on my installation.

03:45.660 --> 03:53.520
You will only see this if you enable persistence and as the names suggest, the Tor browser folder is

03:53.520 --> 04:00.030
non persistent, so anything you place in this folder will be deleted once you shut down or restart

04:00.030 --> 04:00.750
tails.

04:00.750 --> 04:07.650
The persistent folder is persistent, so if you start anything in that folder it will not be deleted

04:07.650 --> 04:10.020
when you restart or shut down tells.

04:10.830 --> 04:18.450
Now these two folders or directories are the only folders that the Tor browser has access to.

04:18.750 --> 04:24.570
So if, for example, you wanted to save this image, so you're going to go right click and save image

04:24.570 --> 04:29.730
as I'm just giving this as an example, but this applies for anything that you want to save.

04:29.910 --> 04:35.340
You'll see we're automatically in amnesia, which is the name of our user Tor browser.

04:35.340 --> 04:37.680
So this is the path that we are in.

04:37.770 --> 04:43.770
And if we wanted to change this path, to save this somewhere else, for example, if you click on desktop,

04:43.770 --> 04:47.160
you'll see we get an error message saying Permission denied.

04:48.400 --> 04:55.720
You'll get this error message if you click on any other directory in your computer except the Tor browser

04:55.720 --> 04:59.920
directory, the Tor browser normal and the Tor browser persistent.

04:59.950 --> 05:05.770
So let's start this, for example, in the Tor browser in here, and it's just going to be called Tor

05:05.770 --> 05:07.090
on Pag.

05:07.120 --> 05:08.380
I'm going to save it.

05:08.740 --> 05:12.550
And now if I go to places tor browser.

05:13.750 --> 05:14.350
You'll see.

05:14.350 --> 05:15.700
We have the image here.

05:16.300 --> 05:18.840
So it's just like any other directory.

05:18.850 --> 05:24.280
The only thing is this is the only directory that is visible to the Tor browser.

05:24.430 --> 05:31.270
So the same thing applies if you wanted to upload a file and send it anywhere you want to be able to

05:31.270 --> 05:36.580
upload any files unless they are stored in Tor browser or in the Tor browser.

05:36.580 --> 05:37.240
Persistent.

05:37.240 --> 05:43.210
So if you had something on desktop or in music or in the documents, you'll have to first copy it to

05:43.210 --> 05:49.750
one of these directories, either to Tor browser or Tor browser persistent and then upload it from there.

05:50.840 --> 05:54.740
So if I just go to a tiny upload dot com.

05:55.190 --> 05:57.070
This is a file sharing service.

05:57.080 --> 05:59.690
It's by no means anonymous or private.

05:59.720 --> 06:06.320
I'm just using it as an example to show you how the browser only have access to specific directories.

06:07.040 --> 06:13.220
So if I click on Browse to select the file that I want to upload again, you can see by default in the

06:13.220 --> 06:17.660
Tor browser directory which I can upload files from with no problems.

06:17.660 --> 06:24.600
But if I try to go to my documents again, I'll get the same error downloads or any other directory.

06:24.620 --> 06:26.690
I'll always be getting this error.

06:26.720 --> 06:32.540
Therefore, if you want to upload something, you'll have to copy it, paste it in your Tor browser

06:32.540 --> 06:36.860
or your Tor browser persistent if you have one, if you enable persistence.

06:37.130 --> 06:43.790
And then from here, you can just select it, open it, and it'll upload just like any other operating

06:43.790 --> 06:44.450
system.

06:44.960 --> 06:49.810
Now, like I said, this is not a private or an anonymous way of uploading files.

06:49.820 --> 06:53.300
I will show you a better way later on in the course.

06:55.020 --> 06:56.510
So that's it for this lecture.

06:56.520 --> 07:00.810
We've already used the Tor browser and we are already a little bit familiar with it.

07:00.840 --> 07:07.770
I just wanted to highlight the restriction that Thales enforces on the Tor browser, and in the next

07:07.770 --> 07:13.500
lecture I'm going to introduce you to the insecure browser that comes with Thales.