Tails profile

Carlsagan

Just a thought.
Could it be possible to create a tails like profile.
Meaning:

it has a persistent VPN connection
read-only. Basically, every time you leave the profile, all data is lost.

Any thoughts on this?

23Sha-ger

What stops you from creating a guest profile, with the Wireguard app cloned to it, and using it as your "disposable" profile? Just delete the profile, and all data is lost. I do it many times when I travel, I register a local throwaway SIM card number on social platforms such as whatsapp/telegram, then when I leave the country I nuke the entire profile.

Murcielago

fxnn

If you set up a guest profile under Settings> System> Multiple users, there is a "Delete guest activity" button.

The hint below reads as if all guest profile data is removed when activated: "Delete all applications and data when guest profile is closed".

And from the GrapheneOS FAQ (which you thankfully already linked to - just quoting it again for ease of use):

https://grapheneos.org/faq#encryption

Sensitive data is stored in user profiles. The user profiles each have their own randomly generated hard disk encryption key, which is used for encryption.

and

File system-based encryption is designed to allow files to be deleted without having the keys for their data and file names, which allows the owner profile to delete other profiles without them being active.

and from this post (which talks about the pros and cons of user profiles):

https://discuss.grapheneos.org/d/4867-secondary-user-profile-as-a-main-one-advantages-and-disadvantages

To improve forensics, you can delete profiles with a keystroke, which deletes the encryption keys and leaves minimal to no artifacts since all profiles are encrypted.

This reads to me (someone please correct me if I am wrong) as if access to the data is not possible and purging a profile leaves at most minimal traces in the form of artifacts.

23Sha-ger Very cool idea to use the guest profile like this, by the way, I like it.

fxnn

Tails aims to leave no trace of itself and the user activity on the device it is used on. Do guest profiles do that? Imo this mainly boils down to:

When a guest profile is deleted, is its data either erased in an irrecoverable way or in some other way protected (for example encrypted)?
Is there any way to prove the existance of a guest profile and/or the activities done inside it after it has been deleted?

Obviously Tails has other features as well, but I think this would be the most important.

Links that might be of interest:
https://source.android.com/docs/devices/admin/multi-user
https://grapheneos.org/features#improved-user-profiles
https://grapheneos.org/faq#encryption

fxnn

Murcielago

Thanks for your comment!:)

This reads to me (someone please correct me if I am wrong) as if access to the data is not possible and purging a profile leaves at most minimal traces in the form of artifacts.

I also think this is the case for normal user profiles. However, is that the same for the guest profile? Does it have its own encryption key or use the same as the owner etc, as iirc there's no password/pin?