Computer Guide for Getting Involved with MIM Online

Got a keyboard? Help type articles, letters and study group discussions from prisoners. help out
[Security]
expand

Computer Guide for Getting Involved with MIM Online

0. Things to Avoid

The following will cause you problems using Tor and GPG securely and should be avoided:

  • Apple computers (Tails may not work)
  • Apple mobile devices (No Tor Limited Tor, No Tox)
  • Chromebooks (Tails will usually not work)
  • Protonmail (can’t control GPG keys)
  • Tutanota (can’t control GPG keys)

Note that everything below can become outdated, so double check the links provided if things aren’t working.

1. Tails OS (Est. 2.5 hrs)

Tails is an operating system that is focused on anonymity for the lay persyn. It is relatively user-friendly, especially once you get it installed. It is unique in that whatever you do on Tails is not saved on the hard drive, unless you setup a PERSISTENT folder on the USB. It should be installed on a USB stick, and does not affect whatever Operating system you currently have. You can use your Tails USB stick, once you have it set up, to boot Tails on any desktop or laptop computer. However, Macs are difficult and require more work to setup. If that is hard for you I’d consider getting a different machine.

First, start by installing Tails OS. You will need the following materials:

  • 8GB minimum flash drive (bigger USB stick would be necessary for optimal work so make sure it has space for persistence storage)
  • A computer with the following:
  • Approx. 2GB RAM
  • A 64-bit x86-64 compatible processor
  • The ability to start from a flash drive

Tails OS will not work in Mac models that use the Apple M1 chip. Tails OS can work with computers with less than 2GB RAM but might behave strangely or crash.

Download Tails (Approx 1.5-2.0 hours) There are two ways to download tails, we will first go over how the method of installing without a pre-downloaded Tails flash drive.

  1. Open up Tor Browser (if you don’t already have it: https://www.torproject.org/download/)
  2. Go to the link: https://tails.boum.org/install/index.en.html
  3. Choose which operating system you are downloading Tails from (this is the operating system you are using currently to open up a browser)
  4. Click “Install From MacOS” under “Download and Install”
  5. Click “Let’s Go!”
  6. Verify your download by clicking “Verify Tails” and choosing your Tails file

Install Tails (Approx 30 min)

  1. Download “Etcher” (the instructions page would tell you to use GNOME Disks if you are on Linux; skip this step if you already have Etcher downloaded)
  2. Plug in the 8GB USB stick where you want to install Tails.
  3. Click “Select Image”
  4. Choose the USB Image you downloaded earlier. Etcher should automatically start saving Tails onto your USB disk. Otherwise, click the “Change” link to choose a different USB stick in which you would need another 8GB USB stick.
  5. Click “Flash”
  6. Enter your password if asked
  7. The installation takes a few minutes. After installing, Etcher verifies the installation.
  8. Close Etcher.
  9. Congratulations! You have downloaded TailsOS onto your USB stick!
  10. Print out the next instructions for opening Tails.

Starting TailsOS (Approx 15-20 min)

  1. Shut down your computer and plug in your Tails USB stick.
  2. Identify your boot menu key. (This will depend on your manufacture company; search for this info online, or look at your boot screen before your OS loads to get it. Common examples: ESC, F2, F12)
  3. Turn on the computer and immediately press several times the first possible Boot Menu Key identified in step 2
  4. If the computer starts on another operating system or returns an error message, shut down the computer again and repeat step 3 for all the possible Boot Menu keys identified in step 2. If a Boot Menu with a list of devices appears, select your USB stick and press Enter.
  5. If the computer starts on Tails, the Boot Loader appears and Tails starts automatically after 4 seconds.

Create Persistence Storage (This is a MUST!)

  1. Your welcome screen should show up. Select your language and keyboard layout in the Language Region section. Click “Start Tails.”
  2. Choose Applications ▸ Tails ▸ Configure persistent volume.
  3. Specify a passphrase of your choice in both the Passphrase and Verify Passphrase text boxes.
  4. Click “Create”
  5. Review the list of features - turn on Personal Data, Browser Bookmarks, Thunderbird, GnuPG, and Dotfiles (and anything else you want)
  6. Click “Save”

2. Email Address (Est. 5 minutes)

Before we can get started we will need an email address. You can check the list of providers at https://privacytools.io/providers/email/ for suggestions. We obviously use posteo.net, which accepts cash payment in U.$. dollars for easy anonymous payment. You can use a Posteo email with Thunderbird, the email app on Tails.

If you go with a ProtonMail email, keep in mind you cannot use it with Thunderbird unless you pay for ProtonMail Bridge.

For most of those options you will need to use a web browser with JavaScript enabled to register. This is a potential attack vector. So even though you are in Tails, using Tor to connect, you would be best to set up your email at an anonymous/public internet connection. Once we set up Thunderbird you will not need to log in via the website anymore.

You do not want to pick a username that anyone would connect with your bourgeois identity. And you obviously don’t want to use an account that is connected to your school, work, home, etc.

3. OpenPGP / GnuPG Keys (Est. 15 mins)

By creating an OpenPGP key, you will be able to ensure that your emails are fully encrypted. You will have a private key and a public key. The public key is how others address emails specifically to you. The private key is so that only you can read the emails that are addressed to you. If you want to receive email, you decrypt it with your private key. If you want to send it you encrypt your message with the public key of the person you are sending it to (this can be done automatically by Thunderbird).

You can manage your OpenPGP keys using Kleopatra (which you can find in Applications).

REMINDER: You must have persistence turned on above for any of the stuff below here to be saved.

To create your PGP key pair go to: File -> New Key Pair

Enter in your email account and your nickname. You can set the key to never expire, if you want. You do not have to change any of the other settings.

To export your private key, right click the key you made under GPG keys. Choose “Export Secret Keys”. You will use this file below to import into Thunderbird. (Yes you can create a keypair directly in Thunderbird, but you will probably want to use it for other things so we recommend the above.)

4. Thunderbird (Est. 15 minutes)

When you start up Thunderbird, you will want to enter your email address and password and set up the IMAP(receiving) and SMTP (sending) connections based on the info given by your email provider (see their help page). We recommend not saving your password in Thunderbird and entering it each time. Use KeepassXC to securely store any passwords for email, PGP, and other accounts.

In order to set-up Thunderbird with your PGP keys, go to the top right corner of thunderbird. Choose ≡ ▸ Tools ▸ OpenPGP Key Manager. Import your secret key (which is the same as your private PGP key). Import the MIM(Prisons) public key. (see: https://support.mozilla.org/en-US/kb/openpgp-thunderbird-howto-and-faq#w_i-have-never-used-openpgp-with-thunderbird-before-how-do-i-setup-openpgp)

In order to import our public key, copy it from here: https://www.prisoncensorship.info/contact

Make sure to include the full header and footer identifying it as a PGP Public Key Block. Paste it into the Text Editor and save the file. Then use the Thunderbird instructions above to import our public key like you did your own.

Afterwards, go to the top right again. Choose ≡ ▸ Account settings ▸ End to End encryption. It’ll say none, select your private key (it’ll read like a bunch of numbers and letters).

On that same page under “Default settings for sending messages” check “Enable encryption for new messages”. You may want to check “Sign unencrypted messages”.

Under Advanced Settings, it’s best to check all 3 options.

Now, you can send an email and it’ll automatically encrypt your messages with the other persons public key, and decrypt messages sent to you with your private key!

5. Tox

Tox is a messaging app we use on Tails. For more details on how to install it: https://www.prisoncensorship.info/article/computer-security-setting-up-tox-messenger/

chain