Silk Road forums
Discussion => Security => Topic started by: cantellya on March 01, 2013, 03:07 am
-
Hello kind folk of the SR,
Being a slight noob, when I first started using Tor and the SR, I saved some information to a word document so I could get around easier when on the network. (nothing sensitive to shipping, or vendors, but passwords, links to onion sites and such) After doing some thorough research, I now realize this was a poor idea- as now this information is written into my hard drive. I deleted the file, however it probably still exists somewhere on my computer.
I've been reading that I can overwrite my hard drive, erasing any potentially incriminating information. I've also read that this can bring some negative outcomes.
Anyone have any advice on this? Should I do it for security's sake, or just chill the fudge out? 8) Thanks!
-
Yes, if you want to remove all evidence of the file, a full disk wipe is the only (reasonably) secure method.
Use DBAN http://dban.org
Then set up full disk encryption or use an encrypted thumb drive to store sensitive files.
-
Astor is of course correct, and I don't want to sound like the devil's advocate... that being said, unless you plan on saving a bunch more incriminating word documents and whatnot, it's not really worth the effort of reformatting your whole hdd I would actually focus on setting up an encrypted live usb or something so that you aren't shitting where you eat so to speak. Fuck the tor browser bundle and all that.
-
Yes, if you want to remove all evidence of the file, a full disk wipe is the only (reasonably) secure method.
Use DBAN http://dban.org
Then set up full disk encryption or use an encrypted thumb drive to store sensitive files.
thanks for the help. cheers.
-
manually destroy it. they are so cheap nowadays.
-
manually destroy it. they are so cheap nowadays.
You could also dban and sell it on Craigslist. Nobody on there is going to have the tech to recover anything, and then you'll get a few bucks back. Throw it in an external enclosure and it'll sell quick.
-
You don't say what operating system you're using. If you've got linux there's no need to use Disk Boot and Nuke (DBAN) as there is a shred command built in which can overwrite any file or disk with other characters (eg bdebde, 111111, 4h34h3) as many times as you like.
For those using linux who're interested you can check if its included in your distro bu going to the terminal & typing 'which shred'
(without the ')
If it isn't do 'apt-get install coreutils' which will install it. Then to run it:
'sudo shred -vfz -n 5 /dev/sda'
if you want to write data over your entire hard drive (sda) 5 times then do another overwrite of zeroes. the number after -n is the number of passes of random data. z means do the last pass with zeroes. f forces it to ignore any required permissions & overwrite anything, & -v gives you a as it happens %done commentary.
-
You don't say what operating system you're using. If you've got linux there's no need to use Disk Boot and Nuke (DBAN) as there is a shred command built in which can overwrite any file or disk with other characters (eg bdebde, 111111, 4h34h3) as many times as you like.
For those using linux who're interested you can check if its included in your distro bu going to the terminal & typing 'which shred'
(without the ')
If it isn't do 'apt-get install coreutils' which will install it. Then to run it:
'sudo shred -vfz -n 5 /dev/sda'
if you want to write data over your entire hard drive (sda) 5 times then do another overwrite of zeroes. the number after -n is the number of passes of random data. z means do the last pass with zeroes. f forces it to ignore any required permissions & overwrite anything, & -v gives you a as it happens %done commentary.
Awesome tip.. +1 yo!
-
manually destroy it. they are so cheap nowadays.
Bad advice , you might as well just overwrite it and save the money, plus unless you completely destroy the platter by like melting it or some such they can still recover data from even severely damaged drives.
Use ATA Secure Erase, it is the golden standard for wiping drives.
-
Thank you all for the advice. I don't want to destroy my computer.
On a similar note- if I were to Dban it or to wipe my HD, does it selectively erase files? How does this effect programs (such as Tor) that are installed on my computer? Is everything erased if I do this?
Thanks again... I appreciate the help!
-
If you use DBAN or otherwise wipe your hard disk it will wipe everything & you'll be left with the bootstrap loader & a completely clear hard disk.
Bootstrap loader is a small DOS program which loads up a new operating system from disk/usb/etc.
Be clear if you shred or DBAN your hard disk everything will be overwritten: windows operating system, TOR, any other programs or files you have. These will be lost forever. That's why it's important to backup anything you want to keep.
-
If you use DBAN or otherwise wipe your hard disk it will wipe everything & you'll be left with the bootstrap loader & a completely clear hard disk.
Bootstrap loader is a small DOS program which loads up a new operating system from disk/usb/etc.
Be clear if you shred or DBAN your hard disk everything will be overwritten: windows operating system, TOR, any other programs or files you have. These will be lost forever. That's why it's important to backup anything you want to keep.
Yeah, that's why I initially proposed that a wipe may be extreme.. If the op didn't know the extent of a hdd wipe then reinstalling and configuring his machine is likely to be a laborious project for him. Idk, its a deleted word document.. I think it will be ok for now, at least until his skills improve.
-
You don't say what operating system you're using. If you've got linux there's no need to use Disk Boot and Nuke (DBAN) as there is a shred command built in which can overwrite any file or disk with other characters (eg bdebde, 111111, 4h34h3) as many times as you like.
For those using linux who're interested you can check if its included in your distro bu going to the terminal & typing 'which shred'
(without the ')
If it isn't do 'apt-get install coreutils' which will install it. Then to run it:
'sudo shred -vfz -n 5 /dev/sda'
if you want to write data over your entire hard drive (sda) 5 times then do another overwrite of zeroes. the number after -n is the number of passes of random data. z means do the last pass with zeroes. f forces it to ignore any required permissions & overwrite anything, & -v gives you a as it happens %done commentary.
+1!!!!
-
There's two parts to this. 1) Delete only removes the file system reference (Not the Data) 2) Even overwritten data can be forensically retrieved. They literally will go in and imagine the magnetic take to see the composite image of everything you wrote to that bit (read about for a murder case... so).
So you need a secure delete method from now on (Eraser for windows), and you need to either start over and mentioned already OR you can try to find the deleted file or wipe Free Space on the drive you used (CCleaner). I'm assuming you are using Windows so you should download, rtfm, and install: Eraser, CCleaner, and TrueCrypt. This way you wont have to reformat (although that is the most secure option).
I used to have a program that could find partial files and recover them... you could find a similar program and recover, then secure delete.
-
There's two parts to this. 1) Delete only removes the file system reference (Not the Data) 2) Even overwritten data can be forensically retrieved. They literally will go in and imagine the magnetic take to see the composite image of everything you wrote to that bit (read about for a murder case... so).
So you need a secure delete method from now on (Eraser for windows), and you need to either start over and mentioned already OR you can try to find the deleted file or wipe Free Space on the drive you used (CCleaner). I'm assuming you are using Windows so you should download, rtfm, and install: Eraser, CCleaner, and TrueCrypt. This way you wont have to reformat (although that is the most secure option).
I used to have a program that could find partial files and recover them... you could find a similar program and recover, then secure delete.
Thank you. Link to CCleaner?
-
if in linux,
sudo hdparm
might be worth looking into...
not sure the same commands in windows, sure its similar.
According to National Institute of Standards and Technology (NIST) Special Publication 800-88: Guidelines for Media Sanitization, Secure Erase is "An overwrite technology using firmware based process to overwrite a hard drive. Is a drive command defined in the ANSI ATA and SCSI disk drive interface specifications, which runs inside drive hardware. It completes in about 1/8 the time of 5220 block erasure." The guidelines also state that "degaussing and executing the firmware Secure Erase command (for ATA drives only) are acceptable methods for purging."
you can fuck up the drive permanently with hdparm commands be careful :)
hdparm is for secure erase command for those who dont know : /
-
Thank you. Link to CCleaner?
Instead of using snake oil tools for windows ( http://en.wikipedia.org/wiki/Snake_oil_(cryptography) ) you could also use this:
Quit all programs.
Click Start, click Run, type cmd, and then press ENTER.
Type cipher /w:driveletter:\foldername, and then press ENTER. Specify the drive and the folder that identifies the volume that contains the deleted data that you want to overwrite. Data that is not allocated to files or folders will be overwritten. This permanently removes the data. This can take a long time if you are overwriting a large space.
http://support.microsoft.com/kb/315672
But i would prefer dban! http://www.dban.org/download