Activist Digital Security Guide: Tails OS & Beyond

For Those Who Challenge Power By Liz Howard, The Multiverse School


⚡ Quick Start: Under Active Threat?

If you're reading this because something just happened:

  1. Power off all your regular devices.
  2. Leave your phone at home (or put in faraday bag).
  3. Go to a public computer (library, internet café).
  4. Download Tails onto USB drive.
  5. Read the rest of this guide on Tails.

Not an activist, just been compromised? You want this guide.

Is it your partner or your ex? Are you in a bad situation? You want this guide.


🎯 Understanding Your Threat Model

As an Activist, You Face:

State-Level Surveillance:

Corporate Surveillance:

Oppositional Groups:

Your Data is Political. Protect It Accordingly.


🔐 Tails OS: Your Digital Panic Room

What is Tails?

The Amnesic Incognito Live System

Why Tails for Activists?


📀 Phase 1: Creating Your Tails USB

A. What You Need:

B. Download & Verify Tails

From a reasonably secure computer:

  1. Go to https://tails.net/install/
  2. Select your current OS (Windows/Mac/Linux)
  3. Download Tails (about 1.3GB)
  4. CRITICAL: Verify the download
  5. Download the signing key
  6. Verify the ISO signature
  7. This prevents backdoored versions

Red Flag: If verification fails, DO NOT proceed. Try different network/computer.

C. Create Installation USB

Method 1: From Windows

  1. Download Etcher: https://etcher.balena.io/
  2. Run Etcher
  3. Select Tails ISO
  4. Select first USB drive
  5. Flash (takes ~10 minutes)

Method 2: From Mac

  1. Download Etcher (same as above).
  2. If blocked: System Preferences > Security > Allow.
  3. Follow same steps as Windows.

Method 3: From Linux

$ lsblk
$ sudo dd if=tails.iso of=/dev/sdX bs=16M status=progress

D. Create Final Tails USB

  1. Boot from first USB (may need to change boot order)
  2. Select "Tails" at boot menu
  3. Once in Tails, use included installer
  4. Install to second USB with persistent storage
  5. First USB becomes your backup

🛡️ Phase 2: Tails Operational Security

A. Boot Discipline

Every Single Time:

  1. [ ] Remove battery from phone (or faraday bag)
  2. [ ] Ensure no cameras can see screen
  3. [ ] Boot Tails with network cable unplugged
  4. [ ] Set admin password if needed
  5. [ ] Connect to network only when ready

Never:

B. Persistent Storage Setup

What to Store:

Create Persistent Storage:

  1. Applications → Tails → Configure Persistent Volume
  2. Choose strong passphrase (diceware method)
  3. Select features to persist
  4. Restart Tails
  5. Unlock persistence at boot

C. Network Security

Tor Bridge Setup (if Tor is blocked):

  1. Get bridges: https://bridges.torproject.org
  2. Configure at Tails startup
  3. Use obfs4 bridges for heavy censorship
  4. Save working bridges to persistence

MAC Address Spoofing:


📱 Phase 3: Identity Compartmentalization

A. The Activist Trinity

1. Public Identity

2. Activist Identity

3. Secure Identity

B. Account Architecture

Email Structure:

Public: firstname.lastname@gmail.com Activist: [pseudonym]@protonmail.com Secure: [randomstring]@tutanota.com (Tails only)

Communication Channels:

Public: Regular SMS, WhatsApp Activist: Signal, Element Secure: Briar, SecureDrop, PGP

Social Media:

Public: Normal Facebook/Twitter Activist: Separate activist accounts Secure: None. Ever.


🚨 Phase 4: Protest/Action Security

A. Pre-Action Preparation

Digital Preparation:

Burner Phone Setup:

B. At Actions

Device Protocol:

If Arrested:

C. Post-Action Security

Immediate Steps:

  1. [ ] Get to safe location
  2. [ ] Check in with legal support
  3. [ ] Document any injuries/incidents
  4. [ ] Back up evidence to encrypted storage
  5. [ ] Debrief with trusted comrades only

Digital Cleanup:


🔍 Phase 5: Counter-Surveillance

A. Physical Surveillance Detection

The Four-Turn Rule:

  1. Make four random turns
  2. Anyone still behind you is following
  3. Don't be obvious about checking
  4. Have escape routes planned

Digital Surveillance Indicators:

B. Infiltration Prevention

Vetting New Members:

Security Culture:


📝 Phase 6: Documentation & Legal

A. Evidence Collection

Secure Documentation:

Chain of Custody:

B. Legal Preparedness

Know Your Rights:

Legal Support Structure:


🌐 Phase 7: Advanced Techniques

A. Air Gap Systems

For Highest Security:

  1. Computer never connects to internet
  2. Transfer files via USB (carefully)
  3. Use QR codes for small data
  4. Encrypt everything
  5. Physical security paramount

B. Anonymous Communications

Tor + VPN Layering:

You → VPN → Tor → Internet (for hiding Tor use)
You → Tor → VPN → Internet (for endpoint security)

SecureDrop for Whistleblowing:

C. Cryptocurrency for Activists


💪 Mental Security

A. Sustainable Security

Burnout is a Security Risk:

Community Care:

B. Threat Modeling Reality

Most Activists Aren't Snowden:


📋 Quick Reference Cards

Daily Practice Card

Morning:

□ Check news on Tails
□ Review calendar for risks
□ Verify backup status

Active Period:

□ Compartmentalize identities
□ Use appropriate devices
□ Maintain situation awareness

Evening:

□ Secure device check
□ Review day's activities
□ Plan tomorrow's security

Protest Day Card

Before:

□ Backup everything
□ Charge batteries
□ Clean social media
□ Prep burner phone
□ Write lawyer number

During:

□ Airplane mode
□ Faraday when not needed
□ No face photos
□ Disappearing messages
□ Stay with buddy

After:

□ Safe location first
□ Check in with legal
□ Process media safely
□ Secure debrief
□ Monitor for threats


🔗 Resources

Essential Tools:

Training & Support:

Emergency Contacts:


✊ Remember:

"You don't have to be perfect. You just have to be careful."

Solidarity Forever.


For secure support: liz@themultiverse.school
Private consultation: https://jitsi.themultiverse.school

This guide is for educational purposes. Always consult lawyers for legal advice.

Clear browser history. Stay dangerous. Stay safe. 🏴