Silk Road forums
Discussion => Security => Topic started by: JindaByne on December 02, 2012, 02:55 am
-
Is it necessary to wipe my hard drive if I was lurking on SR using the TOR browser bundle before I downloaded tails?
Like I said, just lurking, can a forensics expert see what sites I had accessed on TOR even after it was deleted? I know some will say to just wipe it just to be safe, but it's proved to be rather difficult as I have a netbook with no CD drive to create a bootable CD with. I have tried creating a bootable USB with PMagic but with no success. I am open to the idea of wiping it with a program that you do not need to boot from a CD or USB but I have not found one. Any sugggests?
-
I'm not a security expert , but I think the answer is no. The Tor browser bundle doesn't store anything (except bookmarks). No cookies , no cache , no history.
-
HasselHoff is correct. If you look in torrc, the Tor configuration file, you'll see the following option is set:
AvoidDiskWrites 1
So nothing is cached to disk by Tor. Firefox is also configured not to store cache or history (you can check for yourself in the settings). However, if you saved bookmarks, those would be stored in a file on disk.
-
I did have SR and bitcoin info bookmarked...
Does anyone have any suggestions about a program to use to wipe a drive that doesn't require a bootable CD or USB?
-
To be honest, you should be fine if you simply delete the files. LE is not going to do a long, expensive forensic analysis of a small time drug user's hard drive. They don't have the resources, and you're not that important. You're not Bradley Manning or a terrorist or somebody involved in a multimillion dollar ponzi scheme. Those are the kinds of people where they would look in the free space of the hard drive for deleted files.
-
I did have SR and bitcoin info bookmarked...
Does anyone have any suggestions about a program to use to wipe a drive that doesn't require a bootable CD or USB?
How are you booting tails , From a USB? If so just use hdparm to do a IDE security erase on your hard drive , you don't need any special software - hard drives have built in firmware that can securely wipe the drive. You can find instructions on how to do this with google.
-
I did have SR and bitcoin info bookmarked...
Does anyone have any suggestions about a program to use to wipe a drive that doesn't require a bootable CD or USB?
You can use "dban" ( http://www.dban.org/download ) to overwrite your hard disk drive. (Burn the ISO to CD or DVD and boot your system with it)
In Future think about whole disk encryption. Truecrypt for Windows or Filevault2 for Mac are userfriendly ways to secure your PC.
If you do so, deactivate Firewire, eSata, Thunderbolt in your BIOS and only use shut down or hibernate.
Update: lol, sorry, didn't read well enough. In every OS-X is the "disk utility", which can overwrite free space in a running system.
But well, whole disk encryption with a good password is the right way to go. And not just because of drug related stuff.
-
Everything that the TBB may have written to your disk is going to be within the folder named "Tor Browser" that was created when you extracted the archive.of less likely there may be remnants in your 'swap file'
If you Google "bcwipe', download it, it's tiny, does not need to be run from a bootable CD and can wipe your swap file as well as the 'slack space' of the clusters that used to contain the folder named "Tor Browser".
Once installed, just 'right click' on the folder and in the context menu will be an option to "delete with wiping", make sure you set the correct options before clicking start... the options are simple and self explanatory.
-
My mistake, that should have read:
"or less likely there may also be remnants in your 'swap file' "
-
To be honest, you should be fine if you simply delete the files. LE is not going to do a long, expensive forensic analysis of a small time drug user's hard drive. They don't have the resources, and you're not that important. You're not Bradley Manning or a terrorist or somebody involved in a multimillion dollar ponzi scheme. Those are the kinds of people where they would look in the free space of the hard drive for deleted files.
Depends.
It took 3 months to get all the info (including deleted) from my HDD by local IT expert. All skype logs, emails etc. that includes something about drugs, were attached to the case and given to prosecutor.
Just for possessing 1g of extasy.
So you're lucky if police doesn't waste its time on you, little customer:)
-
To be honest, you should be fine if you simply delete the files. LE is not going to do a long, expensive forensic analysis of a small time drug user's hard drive. They don't have the resources, and you're not that important. You're not Bradley Manning or a terrorist or somebody involved in a multimillion dollar ponzi scheme. Those are the kinds of people where they would look in the free space of the hard drive for deleted files.
Depends.
It took 3 months to get all the info (including deleted) from my HDD by local IT expert. All skype logs, emails etc. that includes something about drugs, were attached to the case and given to prosecutor.
Just for possessing 1g of extasy.
So you're lucky if police doesn't waste its time on you, little customer:)
What country are you from?
-
Depends.
It took 3 months to get all the info (including deleted) from my HDD by local IT expert. All skype logs, emails etc. that includes something about drugs, were attached to the case and given to prosecutor.
Just for possessing 1g of extasy.
So you're lucky if police doesn't waste its time on you, little customer:)
That's why i recommend whole disk encryption.
And don't use google for drug related research. Use duckduckgo.com instead.
(Google logs everything)
-
Better still is to use DuckDuckGo's hidden service here on the darkweb that operates exactly the same as their clearweb search does.
Then you don't have to worry about unencrypted search queries being read by third parties at any of the hops between you and the duckduckgo web server (like for example 'carnivore' and similar, more recent betrayals).
DuckDuckGo's hidden service address is : http://3g2upl4pq6kufc4m.onion
-
Tdk - Can you elaborate on your situation a little bit more? You say they used this information against you in court?
-
Tdk - Can you elaborate on your situation a little bit more? You say they used this information against you in court?
IT-expert did a very good job looking through ~50gb of photos with my tiny kittens and naked girlfriends.. but finally found some pics of 'filled' syringes, green plants (lemons..) and 'high' friends. Asshole.
But investigator did not give a fuck. Nor the prosecutor did. Probably 'cause that was my first time caught they decided to spare me. They already got me with stuff at my pockets, so it wasn't neccessary to get further evidence, IMHO.