Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,610 --> 00:00:10,720 A live operating system can be booted from an external disk CD DVD USP stick or SD card to boot the 2 00:00:10,720 --> 00:00:12,200 live operating system. 3 00:00:12,210 --> 00:00:19,590 A person would connect or plug the stick or disk into the machine confirm within the BIOS that the machine 4 00:00:19,590 --> 00:00:27,180 will boot the operating system on the device first before the internal hard drive then power on the 5 00:00:27,180 --> 00:00:34,800 machine the operating system on the USPO stick with them rebooted instead of the operating system on 6 00:00:34,800 --> 00:00:36,370 the internal hard drive. 7 00:00:36,510 --> 00:00:41,730 And these live operating systems are also referred to by the media they're on so they can be called 8 00:00:42,240 --> 00:00:50,820 Live CD or a live DVD or live USP etc. they enable you to run an operating system from this external 9 00:00:50,820 --> 00:00:58,770 device without permanently installing it on the internal hard drive live operating systems can also 10 00:00:58,770 --> 00:01:01,300 be booted in virtual machines too. 11 00:01:01,470 --> 00:01:06,040 Which is great for testing and virtual security isolation. 12 00:01:06,300 --> 00:01:08,400 And this is a big advantage for security. 13 00:01:08,400 --> 00:01:15,030 And while you might want to use one if you boot an entirely separate operating system this lets you 14 00:01:15,030 --> 00:01:22,290 create a separate security domain to enable security and privacy through isolation from your standard 15 00:01:22,290 --> 00:01:24,460 security domain or environment. 16 00:01:24,810 --> 00:01:31,680 They can also enable anonymity if the live operating system supports anonymizing services. 17 00:01:31,920 --> 00:01:39,040 For example you might want to do a live USP on your laptop to access Tor live operating. 18 00:01:39,060 --> 00:01:49,890 I think that useful for security and or with looking at our tails Knoppix Popey Linux Jondo Tor secure 19 00:01:49,900 --> 00:01:54,190 live DVD and tiny colonics Linux. 20 00:01:54,270 --> 00:01:58,590 Most of these live operating systems kohm as ISO files. 21 00:01:58,770 --> 00:02:09,380 You need to then burn this to a disk CD DVD or create a bootable USP or SD card from the iso image. 22 00:02:09,390 --> 00:02:17,040 So if you look here here's an example of the ISO image for tails you would download that and use the 23 00:02:17,040 --> 00:02:20,790 ISO image if you want to burn that image onto a disk. 24 00:02:20,800 --> 00:02:31,650 It's very very simple in windows all you need to do is find the image right click on it and the disk 25 00:02:31,650 --> 00:02:34,440 image and select where you want to burn it to. 26 00:02:34,470 --> 00:02:42,120 Obviously you need a CD or DVD drive that will do the writing click burn and then you'll have a CD or 27 00:02:42,120 --> 00:02:51,050 DVD with which you can boot from if you want to create a bootable us B or SD card with the ISO you're 28 00:02:51,060 --> 00:02:54,770 going to need to use some piece of software to do that. 29 00:02:54,870 --> 00:03:00,570 Now while I would recommend is rufous And if you follow the instructions on here this will walk you 30 00:03:00,570 --> 00:03:02,490 through how to do it. 31 00:03:02,550 --> 00:03:09,660 Basically you download the software and you select the ISO image put in the USP stick and it does it 32 00:03:09,870 --> 00:03:11,420 for you. 33 00:03:11,430 --> 00:03:17,000 Another one that is useful is this one here Pen Drive Linux dot com. 34 00:03:17,040 --> 00:03:19,020 This does pretty much the same thing. 35 00:03:19,230 --> 00:03:26,640 And this will also walk you through it and if using other operating systems that tails website has some 36 00:03:26,730 --> 00:03:34,950 instructions here on how to create bootable USPS and SD cards and some of the live operating systems 37 00:03:35,220 --> 00:03:44,400 such as Knoppix and have functionality within them to allow you to run them from USP or SD cards you 38 00:03:44,400 --> 00:03:46,230 don't need to go through this process. 39 00:03:46,410 --> 00:03:49,330 But of course you do need to run the operating system. 40 00:03:49,410 --> 00:03:54,700 So with tails is an example you would burn it onto a CD or DVD. 41 00:03:54,720 --> 00:04:00,300 Start the operating system using that and then within the operating system it has some options for you 42 00:04:00,300 --> 00:04:04,870 to then put the operating system on a USP or SD card. 43 00:04:04,890 --> 00:04:12,540 Once you have a bootable CD USP stick or SD card you need to boot from that in order to do that in the 44 00:04:12,540 --> 00:04:14,530 right setting in the BIOS. 45 00:04:14,580 --> 00:04:20,400 If you're not sure how to do that then this page here might help you out what you need to find is a 46 00:04:20,400 --> 00:04:21,710 function key. 47 00:04:21,770 --> 00:04:24,710 You need to press when your machine starts. 48 00:04:24,780 --> 00:04:30,330 In order for you to get into the BIOS if you look on this page here you might find your machine's function 49 00:04:30,330 --> 00:04:32,980 key nodes get into the BIOS. 50 00:04:33,180 --> 00:04:34,890 And here's an example of the BIOS. 51 00:04:34,890 --> 00:04:37,970 For me it was EF 2 to get into the BIOS. 52 00:04:38,040 --> 00:04:44,150 You need to search through here to find something like boot and the Phoenix bias is quite a common bias 53 00:04:44,150 --> 00:04:44,190 . 54 00:04:44,190 --> 00:04:49,020 You might even have the same one and you can see they've got removeable devices you'll have some sort 55 00:04:49,020 --> 00:04:55,590 of equivalent and you need to move that to the top or to have that as a higher priority is your internal 56 00:04:55,590 --> 00:04:58,070 drive which is hard drive here. 57 00:04:58,230 --> 00:05:01,850 Or if you booting from the CD ROM you need to have that moved up further. 58 00:05:01,860 --> 00:05:07,980 If you want to boot them from a virtual machine you just have to select the ISO as a disk in the virtual 59 00:05:07,980 --> 00:05:09,350 CD drive. 60 00:05:09,350 --> 00:05:11,040 Now show you how you might do that. 61 00:05:12,500 --> 00:05:17,750 You will need to create a template for the live operating system here. 62 00:05:17,880 --> 00:05:20,680 So mine is going to be tails. 63 00:05:20,830 --> 00:05:29,900 So I know that tails is Linux Debian next next and you can just select defaults here but if you want 64 00:05:29,900 --> 00:05:36,680 it to be a non-persistent then you want do not add virtual disk and if you want the option of it being 65 00:05:36,680 --> 00:05:40,780 persistent then you want to create a virtual hard drive. 66 00:05:40,790 --> 00:05:46,920 I'll talk about the difference between persistent and non-persistent in a second. 67 00:05:46,980 --> 00:05:50,770 So then we have a template for tails settings 68 00:05:52,820 --> 00:05:57,760 storage select the drive that you want to mount it from. 69 00:05:57,750 --> 00:06:01,150 So CD drive and select. 70 00:06:01,160 --> 00:06:04,940 So you're going to go and choose where the disk is. 71 00:06:04,940 --> 00:06:11,800 There's more details disk open and you can select here that it's a live CD. 72 00:06:11,810 --> 00:06:17,810 When that's checked virtual disk will not be removed when the guest system rejects it. 73 00:06:18,000 --> 00:06:19,130 Rick here. 74 00:06:19,120 --> 00:06:20,160 OK. 75 00:06:20,460 --> 00:06:27,280 And then when I start that tails will start just as if you've booted it from your regular machine. 76 00:06:27,320 --> 00:06:34,370 So as I mentioned live operating systems can be persistent non-persistent each having advantages and 77 00:06:34,370 --> 00:06:36,060 disadvantages. 78 00:06:36,110 --> 00:06:42,840 Persistence means that you can make changes within the operating system download files onto the stick 79 00:06:42,840 --> 00:06:43,050 . 80 00:06:43,190 --> 00:06:48,830 And these changes would persist the next time you boot the operating system they will be saved. 81 00:06:48,830 --> 00:06:55,070 The disadvantage of persistence is an attacker with physical access to your device or through an exploit 82 00:06:55,310 --> 00:07:01,550 could take control of the operating system and that would persist to the live operating systems designed 83 00:07:01,550 --> 00:07:09,530 for security like tails being configured with security in mind which is good but with persistence someone 84 00:07:09,530 --> 00:07:14,780 who doesn't know what they're doing can make changes to configuration and make it less secure. 85 00:07:14,790 --> 00:07:19,500 With persistence you must also keep the software up to date with security patches. 86 00:07:19,700 --> 00:07:21,980 So you'll need to check for patches. 87 00:07:21,980 --> 00:07:23,870 If you don't use it very often. 88 00:07:23,870 --> 00:07:31,000 On the positive side persist in operating systems can often be upgraded without having to download the 89 00:07:31,000 --> 00:07:34,460 full ISO again which is really useful. 90 00:07:34,750 --> 00:07:37,910 And you have Gnome persistence which is really the opposite. 91 00:07:37,910 --> 00:07:39,620 So no changes are saved. 92 00:07:39,620 --> 00:07:47,990 Everything is lost when you shut down a DVD for example would by its nature be Read-Only so be non-persistent 93 00:07:48,000 --> 00:07:48,090 . 94 00:07:48,200 --> 00:07:55,490 If the OS allows for it all media forms can be non-persistent so you can make a non-persistent us be 95 00:07:55,710 --> 00:07:59,060 all live us be in live SD card. 96 00:07:59,060 --> 00:08:05,730 The advantage of non-persistent is being that no evidence will be retained after the OS is shut down 97 00:08:05,990 --> 00:08:12,010 and any hacker who has compromised the machine cannot persist as everything is lost. 98 00:08:12,110 --> 00:08:14,190 Which is a key security control. 99 00:08:14,360 --> 00:08:20,120 If you want to force it on persistence you can do this at the hardware level as well by buying one of 100 00:08:20,120 --> 00:08:24,850 those right lock USP sticks and SD cards. 101 00:08:24,850 --> 00:08:30,380 I probably might run into though is if you have an older machine that you're wanting to use so you're 102 00:08:30,380 --> 00:08:33,490 wanting to use an on machine as a secure laptop. 103 00:08:33,530 --> 00:08:39,920 You may not be able to start from USP or SD card as it's not always support on these older machines 104 00:08:39,940 --> 00:08:40,220 . 105 00:08:40,220 --> 00:08:43,380 You might have compatibility issues with the old hardware. 106 00:08:43,490 --> 00:08:51,130 On the positive side USP sticks and SD cards are small transportable and give you a physical security 107 00:08:51,130 --> 00:08:55,110 domain so you can easily hide and store them securely. 108 00:08:55,260 --> 00:09:00,360 But on the other hand they can be easily lost which means encryption is required. 109 00:09:00,500 --> 00:09:05,320 If you're going to be transporting them around and if anything private is stored on them while operating 110 00:09:05,330 --> 00:09:12,380 systems can be used as virtual houses were shown to create separate security domains through virtual 111 00:09:12,380 --> 00:09:20,300 isolation for example using tails as a guest so as to access Tor like we said or using Knoppix to surf 112 00:09:20,300 --> 00:09:28,430 the web providing increased security through Nahm persistence in the section on isolation and compartmentalisation 113 00:09:28,420 --> 00:09:35,600 we'll go further into more detail on what is best for security privacy and anonymity in relation to 114 00:09:35,600 --> 00:09:39,040 virtualization and live operating systems. 115 00:09:39,050 --> 00:09:44,930 If you're wondering about what sort of USP stick to use and if you don't have on this is actually one 116 00:09:44,920 --> 00:09:49,070 that I have and I do recommend is very very tiny. 117 00:09:49,120 --> 00:09:52,500 You see here you can see just how tiny it is. 118 00:09:52,820 --> 00:09:57,150 You want to use B-3 search pretty fast and definitely recommend this. 119 00:09:57,150 --> 00:10:00,900 It runs hot but I have a couple of them and they do work well. 120 00:10:00,910 --> 00:10:04,290 SD card wise this one has worked just fine for me. 121 00:10:04,310 --> 00:10:10,910 The security are interpreted live Wes's will offer software encryption but you could look to get an 122 00:10:10,900 --> 00:10:13,830 extra layer of encryption at the hardware layer. 123 00:10:13,860 --> 00:10:21,080 Now when it comes to USPS the offer encryption what you'll usually find is that the encryption is provided 124 00:10:21,080 --> 00:10:25,490 by software so they are restricted as to what can be on there. 125 00:10:25,520 --> 00:10:32,660 Say you you little you put the USPS in and then something on there will run in say Windows to decrypt 126 00:10:32,720 --> 00:10:37,320 that USP so that's no good for you with a live operating system. 127 00:10:37,490 --> 00:10:48,290 But you do have some hardware based encryption USPO devices one is here and you can see that you literally 128 00:10:48,350 --> 00:10:51,510 tie pin the pin code to decrypt it. 129 00:10:51,740 --> 00:10:53,120 I haven't tried this. 130 00:10:53,120 --> 00:10:58,670 All I know is that this is available and it's saying the right things such as a Fips standard and a 131 00:10:58,660 --> 00:11:04,390 yes to 5:6 with X TS but obviously that could be implementation failures. 132 00:11:04,390 --> 00:11:10,100 Personally if it really mattered to me and the consequences were high I'd have this poster have an extra 133 00:11:10,100 --> 00:11:15,980 layer of encryption on the device and have some sort of encryption that enabled plausible deniability 134 00:11:16,040 --> 00:11:17,260 but that's just me. 135 00:11:17,270 --> 00:11:22,030 No other option is here and this one is by metrics. 136 00:11:22,100 --> 00:11:25,110 It encrypts and decrypts by a fingerprint. 137 00:11:25,180 --> 00:11:31,500 I believe in the US when the key disclosure laws you do have to provide biometrics but just bear that 138 00:11:31,520 --> 00:11:32,270 in mind. 139 00:11:32,370 --> 00:11:35,890 I'll talk more about key disclosure laws later on 15485