Silk Road forums
Discussion => Security => Topic started by: stemcell on January 29, 2013, 03:26 am
-
I will literally pay someone to help me I cant figure out what i need to be using. I operate through TOR. i want the extra measure of securit so should I use:
Liberty which i hear nightmares about
Tails which I dont know how to create a seperate computer in my computer
Kleopatra which i also hear problems about?
Which is the most user firendly? Can someone provide me a step by step manual of what I need to do from download to finish? right now im un intstalling them all because TOR/ GPA I dont know wtf im doing. I will pay someone to walk em through this i don't care anymore.
-
Everything you need to know on how to install Tails properly is on it's website - (clearnet) https://tails.boum.org/index.en.html - It's all i needed to install onto a USB drive, then to install a persistant version onto another USB drive. I couldn't be bothered right at this moment to write down all the steps (alot) cause i just smoked some super duper medical vanilla kush and i'm fucken fried :) ~ but i might have a change of heart later on.
Read through the Tails website first like you were reading the SR forums for the first time. Spend hours doing it until you understand how it works. Tails is pretty complicated piece(s) of software. Then come back at me with some specific questions.
Kleopatra is a PGP encryption program that is much harder to use than GPG4USB - available here (clearnet) http://gpg4usb.cpunk.de/gpg4usb-0.3.2-1.zip - that is a direct link to the file.
-
I will literally pay someone to help me I cant figure out what i need to be using. I operate through TOR. i want the extra measure of securit so should I use:
Liberty which i hear nightmares about
Tails which I dont know how to create a seperate computer in my computer
Kleopatra which i also hear problems about?
Which is the most user firendly? Can someone provide me a step by step manual of what I need to do from download to finish? right now im un intstalling them all because TOR/ GPA I dont know wtf im doing. I will pay someone to walk em through this i don't care anymore.
Your primary problem is that you're trying to do too much all at once. If I were in your shoes, I would do the following:
1) Download GPG4USB. You can download it from: http://gpg4usb.cpunk.de/index.html
2) Follow Astor's excellent tutorial, which you can read at: http://32yehzkk7jflf6r2.onion/gpg4usb/
Astor's tutorial will walk you through installing and using GPG4USB. This will have you using GPG within 15-20 minutes.
If you have any questions, feel free to PM me.
Nightcrawler <Nightcrawler@SR>
PGP-Key: 4096R/BBF7433B 2012-09-22
Key fingerprint = D870 C6AC CC6E 46B0 E0C7 3955 B8F1 D88E BBF7 433B
PGP Key: http://dkn255hz262ypmii.onion/index.php?topic=174.msg633090#msg633090
-
There's a fundamental contradiction between these statements:
i want the extra measure of security
Which is the most user firendly?
Sorry, but security is hard. If you want strong security, it won't be easy. You'll need to learn programs and possibly operating systems that you've never used before, and that might be twice as hard if you're a computer newb in general.
I see these demands all the time. People want strong security but make it easy. They want bitcoins that are fast, cheap, and anonymous. You can't have the world.
You need to pick a level of security that you are comfortable using and/or smart or dedicated enough to learn. Here's how I would break it down:
No Security: You use TBB and PGP on an unencrypted hard drive. Everything you do can be discovered by an adversary.
Low Security: All sensitive files are stored on an encrypted thumb drive, partition, or some other volume. This is low because the contents of such volumes can be leaked onto the unencrypted parts of the hard drive. For example, if you are a vendor who stores info in MyDrugClients.txt and you open that file in Notepad, the path and file name will be stored in the Recent Documents list. An adversary can discover the kinds of info stored on the encrypted volume and that alone can get you in trouble. The other problem is that you are still using the malware and shit infested Windows operating system. Microsoft cooperates with LE and even provides tools for forensic analysis of its OS. Your next KB134235325 proprietary binary blob update could be spyware pushed to your computer on behalf of LE.
Medium Security: A portable Linux distro like Tails or Liberte. Better, because they are open source, the developers don't work for a corporation that bows to government pressure, and they use isolated encrypted volumes that don't leak data. The trade off is that you get a lot of little annoyances with the weird filesystem layout, installing applications beyond the defaults that come with the distro can be a pain even for a seasoned Linux user (read the recent thread about getting bitcoin-qt runnin on Tails), and constantly having to reboot between sessions.
High Security: A Linux distro installed on the main hard drive with FDE. It offers the highest security because nothing about your computer can be known to an adversary except the kernel used to boot the system. They can't even prove the computer belongs to you if you purchased it with cash from a Craigslist seller. The main trade off is that this is the costliest option, because you need to dedicate a computer full time for this purpose. If you are wedded to your current OS, you'll need to buy a second computer, which can cost over $100 even for a used one.
Broadly speaking, those are your options. You have to choose how much time, money, effort, and brain cells you are willing to spend on your security.
-
High Security: A Linux distro installed on the main hard drive with FDE. It offers the highest security because nothing about your computer can be known to an adversary except the kernel used to boot the system. They can't even prove the computer belongs to you if you purchased it with cash from a Craigslist seller. The main trade off is that this is the costliest option, because you need to dedicate a computer full time for this purpose. If you are wedded to your current OS, you'll need to buy a second computer, which can cost over $100 even for a used one.
This is personally what i would be most happy using, i am willing to put in the time and effort and learn how to efficiently use Linux as it interests me somewhat. I understand you put a lot of time and effort into helping people out over here on the security forum but would you mind pointing me in the right direction and what Linux OS to use, or topics discussing this method. Basically just a more in depth explanation of this option.
Any help is greatly appreciated.
-
Re: astor's post above - this is why Astor is so fucking awesome. Dude's brilliant but knows how to break it down into accessible terms. Would +k if I could.
-
This is personally what i would be most happy using, i am willing to put in the time and effort and learn how to efficiently use Linux as it interests me somewhat. I understand you put a lot of time and effort into helping people out over here on the security forum but would you mind pointing me in the right direction and what Linux OS to use, or topics discussing this method. Basically just a more in depth explanation of this option.
Any vanilla Linux distro will work, although Ubuntu or Linux Mint will be easiest to install and have the best hardware support out of the box. The latest version of Ubuntu (and by extension Linux Mint, since it is based on Ubuntu) includes a one-click option at install time to set up FDE. The main difference between them is the default desktop environment. Ubuntu includes a DE that a lot of people don't like, although there are derivatives such as Kubuntu, Xubuntu, and Lubuntu that use a different DE by default. Linux Mint uses its own DEs.
The way to choose is to read up on and look at screen shots of Unity, XFCE, LXDE, KDE, Cinnamon and Mate, and choose the one that you like. You can also boot Live CDs and test them out. Keep in mind that once installed, you can switch between any of the DEs by installing them from the software repository. It is even possible to install the Cinnamon and Mate DEs (of Linux Mint) on Ubuntu and vice versa, so it's not a choice that you should be laboring over.
Any normal Linux distro will have a normal filesystem layout without the complications of Tails. You will also be able to install any software available in the repos, unlike Liberte.
My other gripe with Tails and Liberte is that they are "experimental" distros at best. They have been around for less than 3 years and have one (in the case of Liberte) and maybe a handful (in the case of Tails) of developers behind them. In my experience, and judging from dozens of threads on the forum, they are buggy as hell. It would be easier for a newb to use Ubuntu and Linux Mint, which have been around for a lot longer and have more developers behind them.
Once you've committed to installing one of the Ubuntu/Mint spins, it's not that hard at all. The main barrier seems to be in the cost or inconvenience of committing a whole computer for this purpose.
-
heres an initial step-by-step guide on installing tails to usb drive
http://dkn255hz262ypmii.onion/index.php?topic=114141.0
-
HackBB should be a good start. Take your time while going through the security process. You'll be pleased with all the shit you learn about computers.
-
Can someone provide me a step by step manual of what I need to do from download to finish?
If you'll give me a moment, I'll write out a step-by-step tutorial.
In the meantime, you can visit the following sites (THROUGH TOR!)
On GPG4Win (for windows users)
http://www.gpg4win.org/doc/en/gpg4win-compendium_6.html
On Bitcoin
https://en.bitcoin.it/wiki/Bitcoin_Newbie_Guide
https://en.bitcoin.it/wiki/FAQ
On Tor
Debian/Ubuntu is HIGHLY RECOMMENDED!!!!
http://www.torproject.us/docs/debian-vidalia.html.en
However, for Windows users:
http://www.torproject.us/projects/torbrowser.html.en
This includes instructions on how.
I hope this helps!
-
In the meantime, you can visit the following sites (THROUGH TOR!)
On GPG4Win (for windows users)
GPG4Win can be buggy and a lot of people have problems with it.
A lot of us who spend time in the Security forum highly recommend GPG4USB.
There's a tutorial on how to use it linked in my signature.