  Show Posts
1  EH-Net / News Items and General Discussion About EH-Net / Re: [Article]-Holiday 2012 Free Giveaway Sponsor - Rapid7 on: January 01, 2013, 02:36:40 PM
Anyone know when they announce the winner?
2  Ethical Hacking Discussions and Related Certifications / Malware / Re: 12 Steps to a malware free existence on: December 26, 2012, 09:51:54 PM
I wrote the developers; I doubt we will see Wine on T.A.I.L.S.
Also, the developers do not like TrueCrypt.

"... Tails developers do not recommend TrueCrypt. We include TrueCrypt only to allow users of the (old and now unsupported) Incognito live system to access the data on previously created media. In the future, we would like to provide proper alternatives and stop distributing TrueCrypt. This means that you should not create new TrueCrypt media if you intend to stay with Tails in the long run."
I would say that backtrack 5 R3 is still the best choice at the moment

Please add Wine and TrueCrypt
Hudson Seiler <>
   
Dec 25 (1 day ago)
      
to tails-dev
Hello, recently I wrote an article about avoiding banking trojans and bots on http://www.ethicalhacker.net using Backtrack 5 r3 live cd. I thought that Backtrack 5 r3 was okay for the power user, but not the common user. Then I was told about Tails; my only complaint with it is the lack of Wine and TrueCrypt. It would be awesome if you could add Wine and TrueCrypt to the live cd.

article
http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,9571.0/

sincerely,
Hudson Seiler


   
5:27 PM (4 hours ago)
      
to Tails, me
> Truecrypt is very useful indeed, but it can be installed on Tails,
> simply download the tar.gz package from truecrypt.org and execute the
> script, it will install it.
>
> I also recommend to the development team that truecrypt should be
> included by default and come with the DVD already.

TrueCrypt is already included in Tails, please refer to the doc:

https://tails.boum.org/doc/encryption_and_privacy/truecrypt/.

Regarding Wine, Tails is not meant to be a general purpose operating
system but a selection of tools designed to answer some particular use
cases, see our design doc:

https://tails.boum.org/contribute/design/

Apart from the fact that I really doubt we want to encourage people
running probably non-free software through Wine. How would Wine help us
fulfil better our goals?
3  Ethical Hacking Discussions and Related Certifications / Malware / Re: 12 Steps to a malware free existence on: December 25, 2012, 07:52:45 PM
You can install other packages as you need them. Since T.A.I.L.S. is already dvd sized, it would be worth a try to contact the dev to install those in the next version of the dvd.

That's definitely a good idea. It would be great to see Wine and TrueCrypt on a more user friendly OS like T.A.I.L.S.
4  Ethical Hacking Discussions and Related Certifications / Malware / Re: 12 Steps to a malware free existence on: December 24, 2012, 10:22:07 PM
Also posted this on hak5.org encouraging people to come to ethicalhacker.net

157 views so far...
http://forums.hak5.org/index.php?/topic/28192-12-steps-to-a-malware-free-existence-using-a-backtrack-5-r3-live-cd/
5  Ethical Hacking Discussions and Related Certifications / Malware / Re: 12 Steps to a malware free existence on: November 29, 2012, 01:55:07 PM
Tried out T.A.I.L.S; it's cool and user friendly but it lacks Wine and TrueCrypt. So I still would say backtrack 5 r3 is a better choice if you're only going to use a live cd.
6  Ethical Hacking Discussions and Related Certifications / Malware / Re: 12 Steps to a malware free existence on: November 28, 2012, 02:11:27 PM
TAILS is for anonymity, not security. Tor's security sucks (http://nspill.blogspot.com/2010/04/tor-exit-node-sslstrip.html) but its anonymity is good. Using backtrack 5 R3 with vpn is much more secure but it's not anonymous. Also the chances of having an attacker that is dedicated is really low. Compared to Windows and Mac and Ubuntu you're much more secure.
7  Ethical Hacking Discussions and Related Certifications / Malware / Re: 12 Steps to a malware free existence on: November 28, 2012, 11:57:08 AM
I assume that the sd cards are read-only and that no hard disk is not mounted. The files on the read only sd card are encrypted with truecrypt and the password for truecrypt is on a Yubikey to decrypt. The passwords are in Keepass a password manager and require keyfile on a separate read only sd card. Also I assume the power user is smart enough to change the default root password and run no-script on firefox.
8  Ethical Hacking Discussions and Related Certifications / Malware / Re: 12 Steps to a malware free existence on: November 27, 2012, 10:33:03 PM
Yes, live cds have flaws and running as root does have its drawbacks, but because live cd sessions are non-persistent that would require an attacker to re-exploit the machine multiple times. These assumptions are reasonable for a power user to follow: 99% chance of not getting hacked.
9  Ethical Hacking Discussions and Related Certifications / Malware / Re: 12 Steps to a malware free existence on: November 27, 2012, 06:37:37 PM
BackTrack 5 may be outdated but it has the Backtrack 5 boot option BackTrack Forensics (http://www.backtrack-linux.org/wiki/index.php/Forensics_Boot).
As long as you change the default root password it's okay to run as root on a live cd. Provided you power the pc down after each session that should provide more than enough protection.
10  EH-Net / News Items and General Discussion About EH-Net / Re: [Article]-Holiday 2012 Free Giveaway Sponsor - Rapid7 on: November 27, 2012, 03:37:26 PM
So any thread I start will automatically enter me in the contest?
11  Ethical Hacking Discussions and Related Certifications / Malware / Re: 12 Steps to a malware free existence on: November 26, 2012, 10:48:26 AM
Thanks for not destroying me on my first post. This was written more toward the power user crowd. I agree standard users will never do this. winmd5Free is simple to use that's why I suggested it but you make a valid point.
12  Ethical Hacking Discussions and Related Certifications / Malware / 12 Steps to a malware free existence on: November 26, 2012, 02:37:37 AM
Microsoft Windows has a long history of mass attacks launched at it with exploit kits such as Black Hole and usb spreading. Once the Windows machine is exploited, banking bots are installed on that machine. Zeus targeted Internet Explorer and Firefox web browsers. Zeus introduced form grabbing (http://en.wikipedia.org/wiki/Form_Grabber) and web-injects and ATS attacks using web-injects (http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp_automating_online_banking_fraud.pdf). Also Zeus featured vnc (like RDP, full gui access to the victim's machine) and backconnect (allows the botmaster to use the victim’s pc as a proxy and also to access the victim pc file system). Zeus source code for 2.0.8.9 was leaked.

SpyEye built on Zeus, adding support for the web browsers Chrome and Opera.
Unlike Zeus, SpyEye requires a vps or dedicated server.
SpyEye uses a collector daemon and requires a debian or centos server.
SpyEye added screenshots to defeat onscreen keyboards. SpyEye also added a dns changer allowing the attacker to change the dns settings of infected computers. SpyEye added a webfakes plugin that allowed the attacker to intercept and change the page the victim machine is viewing. Also a DDOS module was added and a credit card grabber plugin was added.
The hidden rdp plugin is by far the best of SpyEye’s plugins as it uses a hidden Remote Desktop session instead of vnc like Zeus. The SpyEye hidden rdp daemon only works with debian or centos. SpyEye also has a socks proxy plugin and an ftp plugin; both use the same backconnect daemon.

Citadel, built off Zeus source code, is now the preferred bot by cyber criminals.
Citadel is a work in progress; check out http://malware.dontneedcoffee.com/2012/10/citadelupdate1.3.5.1.html for more info on Citadel.

Why do we still use Windows? It’s clearly not secure.
This failure rate is not acceptable; just assume that you're infected.

Okay, so Mac is secure? No, not really. Mac also has Zeus-like clones such as the Weyland Yutani bot.
http://krebsonsecurity.com/2011/05/weyland-yutani-crime-kit-targets-macs-for-bots/
Also Mac now has RATs such as Netwire
http://www.xylibox.com/2012/07/netwire-first-multi-platform-rat.html
and Incognito
http://krebsonsecurity.com/2011/05/something-old-is-new-again-mac-rats-crimepacks-sunspots-zeus-leaks/

Okay, Linux is secure? Currently Linux's only concerns are trojans such as Netwire and java trojans.


How can we bank online safely? The answer is using a linux live cd like BT5R3-GNOME-64 (Wine is loaded on it) and read-only sd cards to store your passwords and settings on.

First burn the iso and check the md5 sum.
Boot the iso and insert the sd cards in write mode, download your programs to the sd, and create your email account and other accounts using
a password manager such as keepass http://downloads.sourceforge.net/keepass/KeePass-1.24-Setup.exe
Once finished, lock the sd cards into read-only mode.

12 Steps to a malware free existence


1. Use a wired connection. Wifi sucks.
http://hakshop.myshopify.com/products/wifi-pineapple

2. Use a wired keyboard and mouse. Hacking bluetooth is closer than you might think.
http://hakshop.myshopify.com/products/ubertooth-one

3. Use a VPN http://strongvpn.com/

4. Use truecrypt to encrypt your files on your sd card.

5. Use a Yubikey for your truecrypt password.
http://www.yubico.com/products/yubikey-hardware/yubikey/

6. Use a second sd card for a keyfile if using keepass.

7. Use two factor authentication for email; a good choice would be gmail.

8. Always use a password generator such as keepass to create your passwords.

9. Only use your email account on the livecd; never use it anywhere else.

10. Backup your sd card data and your Yubikey password.

11. Use WinMD5Free (works in Wine) to check md5 sums of your live cd and your programs.

12. Remember that your banking computer is not a toy and only do banking on it.










