So how safe is Tails when using my hardware wallet or online accounts?

[20kevin20]

I'm trying to research a bit more about the safer operating systems and I came across Tails and Qubes OS. I'm now interested in placing Tails on some USB sticks for my own safety and using it every now and then for different tasks. One of these tasks is using Tails + my Ledger to create transactions in order to increase my anonymity.

I am just a little bit afraid to use Tails + Ledger and I know there are some members out there who are using Tails pretty often as a Live OS. Therefore, I have a few questions:

• Is there any risk of fund loss if I use Ledger Live together with Tails or is it, in fact, safer to use my hardware wallet on this OS? I'd use Electrum but I have some alts I need Ledger Live for!
• I've never logged in on any website by using Tor (browser) because I was afraid someone would be able to hack my accounts and gather my passwords. Is it safe to log in to my e-mail (no, not my personal one!)? What about BitcoinTalk or a decentralized exchange like Bisq? Does logging in through Tails make it more possible to have my passwords stolen if I log in to them?
• How do I SAFELY download things that I can also open (say an image or a video) through Tails while also online? I heard it's not a good idea at all to open files downloaded through Tor and knowing the fact that Tails enforces any connection to run through it, I guess it's not the best idea to download stuff and open them later..

The only thing that keeps me back from using Tails for such tasks is the fear of losing my cryptos or accounts through hacks. I'm willing to open myself up to the world of freedom and I am hopefully making the right steps towards it!

[1714780051]

1714780051

[jackg]

I haven't used tails but I know about tor:

• I've never logged in on any website by using Tor (browser) because I was afraid someone would be able to hack my accounts and gather my passwords. Is it safe to log in to my e-mail (no, not my personal one!)? What about BitcoinTalk or a decentralized exchange like Bisq? Does logging in through Tails make it more possible to have my passwords stolen if I log in to them?

You can log into other sites freely using Tor, if you want to keep your anonymity up there may be ways to isolate different parts of your desktop although I imagine tor tabs can't interact with each other anyway (much like firefox ones can't unless you add a script).

When connecting to tor, your information is encrypted at every hop and there are layers of encryption, it's like an onion.
If you've hidden a note inside a gold onion, have 3 runners and the king you're sending your note to.
1st runner, peels back their layer with a key
2nd runner peels back their layer with a key
3rd runner peels back their layer with a key
Then king then has the final key to gain access to the note.

1 knows who you are and that you sent an encrypted note to 2 and so on but they don't know what the note is and they don't know all the hops it took, they just knew the last hop and yours.

If runner 1 and 3 were in kahoots, they'd know every hop but as long as you have HTTPS enabled (and if you click the padlock when you go to the site you can check it's authenticated - I'd trust QuoVadis or Comodo CA to be distributing authentic licenses).

• How do I SAFELY download things that I can also open (say an image or a video) through Tails while also online? I heard it's not a good idea at all to open files downloaded through Tor and knowing the fact that Tails enforces any connection to run through it, I guess it's not the best idea to download stuff and open them later..

The thing with downalods is that even an image can contain a tracker or something to hijack your machine. If you trust the source you downloaded it from and accessed it via an encrypted source then you're fine to open it. A bit of a difference with tor is that if there's a warning triangle next to the padlock with a line through it this means some media is NOT encrypted by the source server and I therefore wouldn't trust it.

(I've spent too much of my day discussing european royals)

[20kevin20]

~

The thing with downalods is that even an image can contain a tracker or something to hijack your machine. If you trust the source you downloaded it from and accessed it via an encrypted source then you're fine to open it. A bit of a difference with tor is that if there's a warning triangle next to the padlock with a line through it this means some media is NOT encrypted by the source server and I therefore wouldn't trust it.

Thanks for your reply, very useful information indeed! So I should be safe logging in to any website using Tor (of course, any legit website using HTTPS)

Correct me if I got it wrong: so as soon as I download an image from.. say imgur or a video off Reddit, I should be fine as soon as there is no little warning triangle with a line, right?

(I've spent too much of my day discussing european royals)

Haha, it was an interesting and very ELI5 way to explain it though

[jackg]

Thanks for your reply, very useful information indeed! So I should be safe logging in to any website using Tor (of course, any legit website using HTTPS)

Correct me if I got it wrong: so as soon as I download an image from.. say imgur or a video off Reddit, I should be fine as soon as there is no little warning triangle with a line, right?

Yes you should be fine as long as you trust the poster and reddit. I don't know if they do but they probably strip image meta data that's unnecessary anyway. Facebook goes as far to strip location, even bitcointalk uses a proxy to strip away similar things so I imagine reddit does too but I'm not entirely sure...

Reddits certificate is issued by digicert, they're another certificate I'd trust. If you click the padlock and sometimes the right arrow on the dropdown you'll see who verifies them...

It's possible to hijack a certificate at the exit node but it's not possible for them to get reddits certificate from digicert and pass it off as their own...

[HCP]

Is there any risk of fund loss if I use Ledger Live together with Tails or is it, in fact, safer to use my hardware wallet on this OS? I'd use Electrum but I have some alts I need Ledger Live for![/li][/list]

Given a lot of hardware wallets claim that you can use them on a compromised PC without issue... then using it with a Tails Live USB should be not different to using it on say a Windows or MacOSX machine.

In theory, (unknown and/or unpublished flaws in HW security aside) the OS you use your hardware wallet on should not make any difference to the security of your private keys... they're effectively "shielded" from the network by the hardware wallet itself, regardless of what that device is connected to. The only way to "lose" your cryptocurrency would be if you didn't follow the proper checks and procedures and executed transactions without properly confirming outputs, addresses and amounts etc.

[hatshepsut93]

Tails is by default amnesiac, meaning it won't persist any data between sessions. So, the biggest danger is creating a wallet, failing to write down the seed or backup the wallet file on a USB, and then ending the session - this would mean that the wallet is gone forever.

As for the rest, Tails is just Linux that routes everything through ToR, it's more secure than Windows because Linux is more secure than Windows, but it's not a silver bullet against hacks, and in general there's no such things.

[KrisAlex18]

On my own opinion, having hardware wallet and online wallet have advantage and disadvantage things, but I prefer more the online wallet.
The advantage of having hardware wallet:
*It is safe for hacking, there is no way for hackers to access if because it is not accessible online, it just a real wallet because you can touch it because of being hardware.
The disadvantage if having hardware wallet:
*Once you forget where you put your wallet, then you should be scared because that is the only thing for you to access your wallet

Where online wallet is prone to hacking because of some malware and virus online on your computer or cellphone but if you add 2FA, strong password, and if secure it well, it will be hard for hackers to access it.

[Chikito]

• Is there any risk of fund loss if I use Ledger Live together with Tails or is it, in fact, safer to use my hardware wallet on this OS? I'd use Electrum but I have some alts I need Ledger Live for!

I thing hardware wallet better safe than software wallet ( electrum), "private key never leave your device" even your OS has malware or bad connection. I hear tails 4.3 was include trezor package, they know how to safe your fund.

• What about BitcoinTalk .. Does logging in through Tails make it more possible to have my passwords stolen if I log in to them?

No problem atm, when you close or shut down it, all history (cookies, cache, site data, etc)  has gone, your IP will change next login, so on. but you need to login bypass captcha for it.

[Lucius]

One of these tasks is using Tails + my Ledger to create transactions in order to increase my anonymity.

The anonymity of transactions can only be achieved by creating brand-new wallets, and then to mix all your coins (by mixer for BTC or via exchanges for altcoins) and send them back to new wallets. Then you should always use TOR and don't send them to the exchange where you did KYC, or to someone privately who knows you. What I really want to say is that complete anonymity is not an easy thing, and some live in such a belief only because at some point they start using TOR or VPN.

As HCP has already written, hardware wallets should be secure on any OS, and everything is really a matter of preference and habit of each individual user. As far as general security is concerned, I think it's already known that Windows isn't best choice, so you will not go in the wrong direction if you're try some alternatives.

[ABCbits]

• Is there any risk of fund loss if I use Ledger Live together with Tails or is it, in fact, safer to use my hardware wallet on this OS? I'd use Electrum but I have some alts I need Ledger Live for!

If you use Hardware wallet, OS you use won't make much different, unless it's possible to extract private key/seed from possible. Just make sure you always check the transaction before confirm it and always update firmware of your HW wallet.

It's more likely you lost access to your coin because you forget to backup the seed when reset/initialize hardware wallet or create wallet on Electrum.

• I've never logged in on any website by using Tor (browser) because I was afraid someone would be able to hack my accounts and gather my passwords. Is it safe to log in to my e-mail (no, not my personal one!)? What about BitcoinTalk or a decentralized exchange like Bisq? Does logging in through Tails make it more possible to have my passwords stolen if I log in to them?

As other user mentioned, there's no major security risks if you use HTTPS connection. Take note that not all website welcome Tor user, they either block you or require you to solve captcha (which could take few minutes).

[jackg]

• I've never logged in on any website by using Tor (browser) because I was afraid someone would be able to hack my accounts and gather my passwords. Is it safe to log in to my e-mail (no, not my personal one!)? What about BitcoinTalk or a decentralized exchange like Bisq? Does logging in through Tails make it more possible to have my passwords stolen if I log in to them?

As other user mentioned, there's no major security risks if you use HTTPS connection. Take note that not all website welcome Tor user, they either block you or require you to solve captcha (which could take few minutes).

I've used archive sites as a middleman in the past or you can use other proxies at the outer layer. They're unlikely to add trackers to the files you download, but they might do. Anyway most social media like reddit, imgur, Facebook and twitter freely welcome users over tor without any slowness so this shouldn't be too much of a problem.

[20kevin20]

Alright, thank you all for the answers! I knew this is the best place to ask. Got my answers now so I don't have to be worried about using hardware wallets or accounts on a Tor-enabled OS. Awesome!