Silk Road forums
Discussion => Security => Topic started by: HeatFireFlame on June 07, 2013, 02:17 pm
-
Hi all, So im getting a new laptop soon. Need some advice on how to set it up from scratch for total anonymity. Now im pretty good with security just no expert.
Il have a USB with tails and a persistent volume. Im going to have Linux as the operating system. Of course the latest tor package. Is there anything else anyone can add to this that would be great for security. I always use PGP encryption etc as well just for the record.
Just wondering if there would be anything i should/could do seeing as the laptop will be completely clean and brand new before i start using it for SR stuff. The way i have it already is fine on this, but i want to make it extra secure if possible.
thanks all =D
-
Full disk encryption, custom Whonix.
-
Full disk encryption, custom Whonix.
I agree, whonix over a clean OS is the safest way to go.. You can safely open PDFs too without nobody ever being able to know your IP. TAILS is good because of it's "amnesiac" properties but whonix is safer if you use it right but it's a little more complicated.
-
I would get a SSD with full disk encryption, Thunderbird with Enigmail for pgp secured email communications,I2P (Invisible Internet Project), Tor, and the proxychains open source software packages. TrueCrypt and GNUPG for encryption.
-
Hi all, So im getting a new laptop soon. Need some advice on how to set it up from scratch for total anonymity. Now im pretty good with security just no expert.
Il have a USB with tails and a persistent volume. Im going to have Linux as the operating system. Of course the latest tor package. Is there anything else anyone can add to this that would be great for security. I always use PGP encryption etc as well just for the record.
Just wondering if there would be anything i should/could do seeing as the laptop will be completely clean and brand new before i start using it for SR stuff. The way i have it already is fine on this, but i want to make it extra secure if possible.
thanks all =D
Remove the hard disk prior to booting up the 1st time and boot to a TAIL's via CD/USB.
Ideal SR machine has no HD. Probably overkill for a buyer. Highly advisable for vendors.
-
Full disk encryption, custom Whonix.
I agree, whonix over a clean OS is the safest way to go.. You can safely open PDFs too without nobody ever being able to know your IP. TAILS is good because of it's "amnesiac" properties but whonix is safer if you use it right but it's a little more complicated.
Ok, any step by step's or tutorials you know of that are decent?
I would get a SSD with full disk encryption, Thunderbird with Enigmail for pgp secured email communications,I2P (Invisible Internet Project), Tor, and the proxychains open source software packages. TrueCrypt and GNUPG for encryption.
great idea, might need a little help with the SSD with full disk encryption. if you could enlighten me a bit it would be great.
Proxychains? I was under the impression you didn't really need proxychains software when using tor? Definetely going with truecrypt and GNUPG anyway.
Full disk encryption, custom Whonix.
what do you mean custom whonix? what should i customize?
Hi all, So im getting a new laptop soon. Need some advice on how to set it up from scratch for total anonymity. Now im pretty good with security just no expert.
Il have a USB with tails and a persistent volume. Im going to have Linux as the operating system. Of course the latest tor package. Is there anything else anyone can add to this that would be great for security. I always use PGP encryption etc as well just for the record.
Just wondering if there would be anything i should/could do seeing as the laptop will be completely clean and brand new before i start using it for SR stuff. The way i have it already is fine on this, but i want to make it extra secure if possible.
thanks all =D
Remove the hard disk prior to booting up the 1st time and boot to a TAIL's via CD/USB.
Ideal SR machine has no HD. Probably overkill for a buyer. Highly advisable for vendors.
it isnt just for SR so i would probably need the HD, However i would be defo booting up tor from tails on a usb when possible. Im npot really a bulk buyer or anything so it probably is a tad overkill.
Thanks everyone for all your advice great help!
-
probably goes without saying but no tor or sr from your own personal isp/ip...
-
You can find a tutorial on whonix here : www.sourceforge.net/projects/whonix/ it's also where you download it. Everything on how to customize it is said there but it's really long so it will take some time. There's also really good security guideline there that aren't specific to whonix.
I would get a SSD with full disk encryption, Thunderbird with Enigmail for pgp secured email communications,I2P (Invisible Internet Project), Tor, and the proxychains open source software packages. TrueCrypt and GNUPG for encryption.
I don't really know why an SSD is more secure than an HDD, from what I've heard you should encrypt your SSD as soon as you start using it because it's not possible to completely erase anything from an SSD, even if you use the gutmann method, so that would make it less secure. If you encrypt it as soon as you have it, why would it be more secure?
-
Does anyone know about how virtual box and/or whonix uses swap space? I ask because I think this might be an issue for machines with the hard disk still connected. On a linux host you could run sudo swapoff -a and again on whonix but I'm not sure this would entirely stop whonix.
tree, I think it would think that it is because once encrypted a single pass overwrite would mean that all that could be recovered was encrypted garbage (since used and empty space is indistinguishable). That seems inarticulate but I personally blame the late hour (and possibly the tail end of the ketamine....). I'll try to tidy it up tomorrow.
-
Hi all, So im getting a new laptop soon. Need some advice on how to set it up from scratch for total anonymity. Now im pretty good with security just no expert.
Il have a USB with tails and a persistent volume. Im going to have Linux as the operating system. Of course the latest tor package. Is there anything else anyone can add to this that would be great for security. I always use PGP encryption etc as well just for the record.
Just wondering if there would be anything i should/could do seeing as the laptop will be completely clean and brand new before i start using it for SR stuff. The way i have it already is fine on this, but i want to make it extra secure if possible.
thanks all =D
Remove the hard disk prior to booting up the 1st time and boot to a TAIL's via CD/USB.
Ideal SR machine has no HD. Probably overkill for a buyer. Highly advisable for vendors.
Fucking brilliant!
-
Setup Ubuntu with FDE, and have all your data secondarily encrypted using TrueCrypt.
For your internet buy a burner phone that you can tether to the computer so even your internet provider doesn't know who you are, or use a wireless dongle brought with cash. For secondary protection use a privateinternetaccess VPN for all Clearnet browsing. Use Whonix for anything related to Silk Road.
I recommend using Gpg4Usb for your PGP encryption on Ubuntu as it's simple to set up and use.
-
If you want to have some fun and maximum security, try Qubes OS. http://www.qubes-os.org
-
Full disk encryption, custom Whonix.
I agree, whonix over a clean OS is the safest way to go.. You can safely open PDFs too without nobody ever being able to know your IP. TAILS is good because of it's "amnesiac" properties but whonix is safer if you use it right but it's a little more complicated.
Ok, any step by step's or tutorials you know of that are decent?
http://dkn255hz262ypmii.onion/index.php?topic=161335.msg1198271
Custom as in using other than the default OS for the workstation. Personal preference mostly.
-
Use Tails liveDVD.
-
Thanks everyone, sorry i didnt write back sooner had some issues IRL to deal with over the last couple of days.
some really great ideas and i appreciate you all helping out. Laptop is ordered anyway and should be here within a week or so, not sure though as postage is never truly reliable.
When it does get here il basically post a recap of what im going to do and let you all know , it would be great if someone said "yeah thats what to do" or "no heres why not to do it" type thing.
Il be sure to start checking out all the links you have provided around now so that im prepared type thing. Cheers all speak soon
Hff
-
subbed