Silk Road forums

Discussion => Security => Topic started by: lonerism on December 28, 2012, 03:56 pm

Title: How to delete all traces of TOR
Post by: lonerism on December 28, 2012, 03:56 pm
I've been using TOR/bitcoin-qt on my iMac but have decided I want to run it off a USB on a spare laptop.
What is the best method for completely clearing any traces of these programs ever being on my computer (aside from the secure empty trash option)?

cheers
Title: Re: How to delete all traces of TOR
Post by: astor on December 28, 2012, 04:27 pm
Search function at the top of the forum, "delete tor", first page of results:

http://dkn255hz262ypmii.onion/index.php?topic=72700

The short story is that there is no safe way to remove individual files from journaled filesystems. It's possible the files were written to multiple places on the disk and a good forensics program could search the free space and find them.

The only safe way is a full disk wipe with something like DBAN, but you would have to back up all important data and reinstall the OS.
Title: Re: How to delete all traces of TOR
Post by: lonerism on December 28, 2012, 04:54 pm
Hmm, sounds easier to sell and just upgrade mac.
cheers
Title: Re: How to delete all traces of TOR
Post by: Party Girl on December 28, 2012, 09:22 pm
I've been using TOR/bitcoin-qt on my iMac but have decided I want to run it off a USB on a spare laptop.
What is the best method for completely clearing any traces of these programs ever being on my computer (aside from the secure empty trash option)?

cheers

If you dl'ed the correct version of Tor, you could run it on a True Crypted USB drive as I do. This leaves no trace of tracks locally on any computer, makes it very portable and when you shut it down, there is NOTHING to uninstall or for others to find.

Luv
PG
Title: Re: How to delete all traces of TOR
Post by: peeweed on December 28, 2012, 10:05 pm
If you dl'ed the correct version of Tor, you could run it on a True Crypted USB drive as I do. This leaves no trace of tracks locally on any computer, makes it very portable and when you shut it down, there is NOTHING to uninstall or for others to find.

Technically not true at all...

Windows especially writes tons of junk everywhere, though most of the time it's fairly harmless: records of exe paths, etc.

https://svn.torproject.org/svn/torbrowser/branches/macos/docs/traces.txt shows some of the stuff that Windows does to pretty much any app you run. In most cases they are harmless, since Tor isn't illegal to use or run (in the USA at least); any really bad stuff would be temp/caches of the websites themselves.

If you do more risky stuff like copy/paste/"file open" pictures etc from tor to your thumb etc more records and possibly even temp files etc could be saved.

All of this is true even if running off USB...

The only real way to have a completely TORless system is to not download or run it on your computer. Use a VM or a Live USB OS (like Linux) to download, run/setup and use Tor. Even then encryption is still highly suggested since these are more "stealth" security; you also want "lock/key" security if found.

I am not a Tor expert. I haven't looked into how it caches images, webpages, history etc, and more importantly how it removes traces of said files. Those would be real issues that need review. I would be VERY surprised if it stored anything outside of the directory the app was located in, so if you encrypt that you should be 90% safe.

You have to decide what risk is reasonable for yourself. Personally, as a small, infrequent customer, separating online identities and encrypting my "tor" USB drive is enough.

Title: Re: How to delete all traces of TOR
Post by: astor on December 28, 2012, 10:35 pm
On Windows there's the added problem of defragmenting, which moves files around and only "deletes" the old copies in the sense of removing the pointers. They still exist on disk.

I agree the mere presence of Tor isn't illegal and wouldn't worry about it as long as you didn't save a link to SR in your bookmarks, but OP asked how to remove it anyway.

I firmly believe that a random write across the whole hard drive is the only safe way to remove all potential traces of a file. "Shredding" programs that overwrite individual files multiple times are an illusion of safety, since they only overwrite the most recent copy of the file that the OS knows about.
Title: Re: How to delete all traces of TOR
Post by: astor on December 28, 2012, 10:42 pm
If you dl'ed the correct version of Tor, you could run it on a True Crypted USB drive as I do. This leaves no trace of tracks locally on any computer, makes it very portable and when you shut it down, there is NOTHING to uninstall or for others to find.

Technically not true at all...

Windows especially writes tons of junk everywhere, though most of the time it's fairly harmless: records of exe paths, etc.

If you do more risky stuff like copy/paste/"file open" pictures etc from tor to your thumb etc more records and possibly even temp files etc could be saved.

Yes, there's too much data leakage from encrypted volumes (files, partitions, external media) to make them safe. See the discussion I had with someone here:

http://dkn255hz262ypmii.onion/index.php?topic=71415.msg686230#msg686230


The only real way to have a completely TORless system is to not download or run it on your computer. Use a VM or a Live USB OS (like Linux) to download, run/setup and use Tor. Even then encryption is still highly suggested since these are more "stealth" security; you also want "lock/key" security if found.

I believe full disk encryption is safe as long as the device isn't on when LE arrives, so they can't extract the encryption key from RAM, but realistically speaking, the LE that pursue a drug buyer or low-level drug dealer won't be sophisticated enough to do that, so I believe full disk encryption is safe in our threat model. Although, as discussed in the link above, an OS on read-only media or in a VM with FDE is the strongest protection.
Title: Re: How to delete all traces of TOR
Post by: nuggets2 on December 28, 2012, 10:47 pm
Just destroy your hard drive, then buy a new one. That is what I will do.