Silk Road forums

Discussion => Security => Topic started by: P2P on May 20, 2013, 03:43 am

Title: Deleting Encrypted Documents
Post by: P2P on May 20, 2013, 03:43 am
I am wondering how I can delete documents that are within an encrypted partition (truecrypt). I've been putting this off but after recently updating Tor I'm realizing eventually I'm going to need to figure something out (each update being ~30mb apiece, and my partition is not too big). I was thinking of maybe having a separate encrypted partition that could be a sort of "trash can" for the encrypted partition I use. No sensitive documents would be placed in the trash partition, and once it was used up I would destroy it. Now this is just my own personal idea, but I'm sure there must be a better way. If anyone can enlighten me on this, please do, because I know a lot of users on here use an encrypted USB, so I'm sure some of you have gone through and figured out what I am trying to figure out right now.

Sincerely,
P2P
Title: Re: Deleting Encrypted Documents
Post by: astor on May 20, 2013, 04:58 am
Are you worried that when you "delete" the files with your file manager, they will be moved to the trash, where they won't be encrypted?

In Windows XP you can right click on the Trash can and choose to delete immediately, so I'm sure you can do it on other versions of Windows.

Then delete the files and turn the Trash feature back on if you want.
Title: Re: Deleting Encrypted Documents
Post by: quixotist on May 20, 2013, 05:53 am
If you're using Linux and a non-journaling filesystem (ext2) on a disk without wear-leveling (a standard hard drive with spinning disk platters), which is what you should be using if you require secure delete, you can use the "shred" command from the command line. Type shred, drop your file into the console and press return; your file will be overwritten with random noise a bunch of times and you can then rename it then delete it. Good luck recovering that!

If not then you need to delete the file then fill up the disk with junk, ensuring the data has been overwritten. If you're on a USB flash disk or SSD drive and the disk fails or a sector goes bad while this is happening, there's a chance that a part of your file will be left there forever and can be recovered in a forensics lab. The only way to securely delete the file in this case is to destroy the media, but if you're not James Bond or a terrorist your attackers most likely can't afford a proper forensics lab.

If you're using Linux then I recommend BleachBit to fill the disk with junk. Not sure what Windows users use, but the same concept applies: delete file, empty trash, overwrite "empty" space on disk with junk data.

Finally, if you encrypted this file on a per-file basis with a long enough password, you could just forget the password!
Title: Re: Deleting Encrypted Documents
Post by: Baraka on May 20, 2013, 08:45 am
Simply hold down the Shift key when deleting a file. After you press the Yes button to confirm the deletion, you can release Shift. That's it. Instant delete, which bypasses the Recycle Bin.

You're welcome.  ;)
Title: Re: Deleting Encrypted Documents
Post by: quixotist on May 20, 2013, 09:32 am
Quote
Simply hold down the Shift key when deleting a file. After you press the Yes button to confirm the deletion, you can release Shift. That's it. Instant delete, which bypasses the Recycle Bin.

You're welcome.  ;)

For the record, this removes the file from all directories and marks the space it occupies as ready to be recycled; it doesn't overwrite the file data itself. The file data can easily be recovered if you have an undelete program and the password to the encrypted disk.
Title: Re: Deleting Encrypted Documents
Post by: Baraka on May 20, 2013, 11:17 am
Who cares? It's encrypted. TrueCrypt uses only the best algorithms, with AES-256 as standard. If the passphrase is long enough, then a usable recovery by LE or anyone else is impossible after deletion. They'll just end up with scrambled garbage.
Title: Re: Deleting Encrypted Documents
Post by: Jack N Hoff on May 20, 2013, 01:53 pm
Use a file wiper. Bruce Schneier scheme is plenty. Use Gutmann if you're paranoid.
Title: Re: Deleting Encrypted Documents
Post by: P2P on May 21, 2013, 05:23 am
Quote
Who cares? It's encrypted. TrueCrypt uses only the best algorithms, with AES-256 as standard. If the passphrase is long enough, then a usable recovery by LE or anyone else is impossible after deletion. They'll just end up with scrambled garbage.

I was wondering why everyone was suggesting to simply delete it, thinking I didn't make myself 100% clear, until I saw this. So even if you delete a file in an encrypted partition as you would a normal file (making sure to bypass the trash can), it is still encrypted? I was always taught if you delete something on a comp you may as well have had it on your desktop to begin with, since it can always be recovered unless it's fully overwritten.

Is the idea here that if I place a file in an encrypted partition, it is itself encrypted, and therefore, when it is deleted, remains encrypted even when recovered by forensics? I'm no comp guru, but I thought the idea was that the PARTITION was encrypted, not necessarily the files themselves (otherwise you'd have a password to open each file, no?). Am I missing something? Is it that when you delete a file on a partition, bypassing the comp's trash can, it does not make an impression on the comp's harddrive, but rather an impression (ones and zeros, protons and electrons, whatever it may be) remains on the encrypted partition, not the computer (assuming the trash can is bypassed)?

This just doesn't seem to hold water when I think about the fact that I'm USING THE OS of my comp to delete this file. I keep feeling the OS must, when it is given the command to delete something, even if the trash can is bypassed, leave some sort of impression of the file on the hard drive. Please, if anyone can explain this to me; I need to know, 100%, that simply deleting a file on an encrypted partition (not encrypted files, as far as I know), will only leave an impression on the encrypted partition (which is encrypted, so no big deal), and NOT the hard drive. This is extremely important, so if you could cite references for any claims, please do not hesitate.
Title: Re: Deleting Encrypted Documents
Post by: Baraka on May 21, 2013, 06:33 am
Quote
Is the idea here that if I place a file in an encrypted partition, it is itself encrypted, and therefore, when it is deleted, remains encrypted even when recovered by forensics?

Yes. That's exactly right... but you have to be aware that unencrypted versions of those same files may be elsewhere on your system, such as in your RAM or in your virtual memory (swap file). That's why whole disk encryption is highly recommended if you want to be safe. See the clearnet links here:

http://security.stackexchange.com/questions/32453/single-file-encryption-in-a-windows-environment/32461#32461
http://www.truecrypt.org/docs/?s=security-model
Title: Re: Deleting Encrypted Documents
Post by: Baraka on May 21, 2013, 07:13 am
More from the TrueCrypt FAQ:

http://www.truecrypt.org/faq

Quote
Do I have to "wipe" free space and/or files on a TrueCrypt volume?

Remark: to "wipe" = to securely erase; to overwrite sensitive data in order to render them unrecoverable.

If you believe that an adversary will be able to decrypt the volume (for example that he will make you reveal the password), then the answer is yes. Otherwise, it is not necessary, because the volume is entirely encrypted.

Also see this hacker's perspective:

http://www.rationallyparanoid.com/articles/truecrypt-sleuth.pdf

And this thread:

http://superuser.com/questions/15048/does-using-truecrypt-makes-file-shredding-tools-obsolete

*Clearnet warning for all the links in this post
Title: Re: Deleting Encrypted Documents
Post by: astor on May 21, 2013, 03:13 pm
If an adversary can decrypt your encrypted volume, then you're already screwed, and if you're operating under the assumption that your encrypted volume can/will be decrypted, it's pointless to use an encrypted volume. Then you're no better off than people who try to shred individual files.
Title: Re: Deleting Encrypted Documents
Post by: quixotist on May 21, 2013, 09:38 pm
Quote
If an adversary can decrypt your encrypted volume, then you're already screwed, and if you're operating under the assumption that your encrypted volume can/will be decrypted, it's pointless to use an encrypted volume. Then you're no better off than people who try to shred individual files.

Maybe, but it depends on what you're hiding and who you're protecting yourself from. In the USA you're okay to refuse to hand over the encryption keys and drugs are a huge deal, a felony makes you an outcast etc. Here in the UK nobody gives a fuck about drugs but you can get 2 years for not handing over your password when asked, plus background checks for jobs are interested in crimes of dishonesty.

So as a Briton if you keep all your drugs stuff on an encrypted drive but at some point there was also some evidence that you did some white collar crime like fraud, then jail for not giving up your password is more important than a police caution for receiving drugs in the post, but neither are as important as getting time for fraud and/or becoming unemployable. So in that case you'd want to shred files relating to crimes of dishonesty just in case your disk was seized as part of a police investigation.
Title: Re: Deleting Encrypted Documents
Post by: astor on May 21, 2013, 10:10 pm
Then what I would do is create a new encrypted volume, copy the files you want to keep into it, and destroy the first encrypted volume by writing over the first few megabytes, destroying the decryption key. And from now on, use separate encrypted volumes for different things.

That's not a perfect solution, because the hard drive may have been defragmented, leaving other copies of the encrypted file in other locations, but I doubt LE is going to forensically analyze the free space of a small time drug user/dealer. That takes a lot of time and costs money. Bradley Manning, yes. A low level drug buyer, no.

Title: Re: Deleting Encrypted Documents
Post by: Baraka on May 21, 2013, 10:29 pm
Things have been going to hell in America since the 90's, but the UK has got that beat by at least a decade.

The Police and Criminal Evidence Act of 1984 demonized the Right to Silence. Even in the US, even in cases of TERRORISM (!!!), the accused has the right to remain silent and that right may never be used against them. It's been completely the opposite in the UK for nearly 30 years now.

It gets worse. The Criminal Justice Act of 1987 granted the Serious Fraud Office powers to completely deny a person their Right to Silence. This applies to money laundering, tax evasion/avoidance/fraud, terrorism and really whatever the government decides to label as "fraud" or "terrorism".

The real fucking cherry on top of all this came in 2000 when the Regulation of Investigatory Powers Act criminalized the failure to disclose passphrases to encrypted data. Instant 2 year prison term if you don't get down on your knees and comply.

As bad as things have gotten over here, I sure am glad I don't live in the UK. No guns, no right to remain silent, and tens of thousands of cameras watching your every move. I definitely feel sorry for Britons. Still, I have the feeling that the cameras will make their way over here  >:(

Quote
Maybe, but it depends on what you're hiding and who you're protecting yourself from. In the USA you're okay to refuse to hand over the encryption keys and drugs are a huge deal, a felony makes you an outcast etc. Here in the UK nobody gives a fuck about drugs but you can get 2 years for not handing over your password when asked, plus background checks for jobs are interested in crimes of dishonesty.

So as a Briton if you keep all your drugs stuff on an encrypted drive but at some point there was also some evidence that you did some white collar crime like fraud, then jail for not giving up your password is more important than a police caution for receiving drugs in the post, but neither are as important as getting time for fraud and/or becoming unemployable. So in that case you'd want to shred files relating to crimes of dishonesty just in case your disk was seized as part of a police investigation.
Title: Re: Deleting Encrypted Documents
Post by: P2P on May 24, 2013, 11:55 pm
Baraka - Is file shredding needed, then? According to that thread you posted, it is. But I don't know if there is any difference between that and simply deleting an encrypted file. Please enlighten me if you would.

As far as encrypting the system partition I agree, and it's actually something I've been meaning to get around to. However, I just tried it on truecrypt and I got an error message saying that encrypting the system is not recommended, and I should just encrypt the OS instead. I literally had no idea what it was saying as far as its rationale for this decision, but I will post up the error message shortly (I can't be running truecrypt to create a new volume, i.e. I can't be on tor). I believe it had to do with recovery files or something of that nature. I had no idea what it was saying - this is not my area of expertise (very unfortunately).


Also, I was wondering if encrypting the system partition really does encrypt the RAM as well? Or is it just the hard drive? I definitely need RAM encryption for sure. And another question regarding RAM - once the computer is shut off, is that the equivalent of deleting the encrypted files stored in the comp's RAM?

Thanks for all your help thus far.
Title: Re: Deleting Encrypted Documents
Post by: kmfkewm on May 25, 2013, 02:38 am
You should definitely shred files you are no longer using, even if they are encrypted. If you use an encrypted volume, the non-shredded files can still be recovered even after they are deleted, if the volume is mounted when you are attacked. Shredding files removes them entirely, and they can no longer be recovered even if the attacker gets you with the encrypted volume mounted. In the case of singly encrypted files, shredding them removes your ability to decrypt them if you are court ordered to do so, whereas if they are not shredded you could face being held in contempt of court for not decrypting them.
Title: Re: Deleting Encrypted Documents
Post by: P2P on May 26, 2013, 05:18 am
I just tried to encrypt my whole disk with truecrypt and was given the following error message:

Your system drive contains a non-standard partition

If you are using a notebook, your system drive probably contains a special
recovery partition. After the whole system drive is encrypted (including any
recovery partition), your system might become unbootable if your computer is
using an inappropriately designed BIOS. It would also be impossible to use any
recovery partition until the system drive is decrypted. Therefore, we
recommend that you encrypt only the system partition.

Do you want to encrypt the system partition instead of the entire drive?

Note that you can create partition-hosted TrueCrypt volumes within any
non-system partitions on the drive (in addition to encrypting the system
partition).

---------------------------------------------------------------------------------------------------

Can anyone explain what this means? Should I still go ahead and encrypt? It does give me the option to do so. But a very important part of this is to encrypt the RAM, and I don't think just encrypting the OS would also encrypt the RAM (as far as I know). Any guidance on this would be appreciated.