Silk Road forums

Discussion => Security => Topic started by: Emeraldshop on October 08, 2012, 10:57 pm

Title: Full disk encryption... secure enough?
Post by: Emeraldshop on October 08, 2012, 10:57 pm
I use a computer just for business purposes, and I have its drive fully encrypted with Symantec's PGP Desktop.

The question is... in case the police one day broke into my home, would they be able to discover the files inside, and use them against me in trial, or it's impossible to recover them if you don't know the password?

Another one: For a while, I used my personal computer for business purposes which I tried to keep relatively clean, erasing all the files involved with business. Is this enough, or should I fully format it, and shred the free space?



Thanks!!
Title: Re: Full disk encryption... secure enough?
Post by: libertyseller on October 08, 2012, 11:01 pm
I am not a fan of any encryption software that you pay for; open source, use TrueCrypt, it does the same thing.



Regardless, if you use PGP encryption with 1024 bit min., you are safe - just make sure you don't use a damn simple bullshit password.


Also remember, if they REALLY want you, they will spend the years and millions to get you. ;)
Title: <removed>
Post by: StExo on October 08, 2012, 11:11 pm
<removed>
Title: Re: Full disk encryption... secure enough?
Post by: libertyseller on October 08, 2012, 11:18 pm
I use a computer just for business purposes, and I have its drive fully encrypted with Symantec's PGP Desktop.

The question is... in case the police one day broke into my home, would they be able to discover the files inside, and use them against me in trial, or it's impossible to recover them if you don't know the password?

Another one: For a while, I used my personal computer for business purposes which I tried to keep relatively clean, erasing all the files involved with business. Is this enough, or should I fully format it, and shred the free space?



Thanks!!

I wouldn't trust any commercial software, especially from people like Symantec who have regular buttsecks with governments (you do know they handle a lot of security for the Pentagon, right?). They could have inserted a backdoor to the encryption for all we know, so Open Source is the way to go; TrueCrypt is the best example.

TrueCrypt using AES to secure the whole drive is usually enough so long as you use a long enough password, of which I'd recommend using 16 characters at least as that has at least 44,012,666,865,176,569,775,543,212,890,625 possible combinations which, even using a supercomputer (Class F brute force attack - highest classification), would take hundreds of years to solve. When formatting with TrueCrypt you have the option to shred all free space whilst it encrypts; I used the Gutmann method (35 passes), which took about 3 weeks to complete running in the background, but I know it is complete overkill and releases some paranoia (at the moment, 3 passes is considered enough to leave forensics unable to retrieve data). So using AES, a strong password (I recently changed to using a 31 character password consisting of random numbers, letters and symbols) and wiping all the space as the drive is encrypted should be enough. Just remember to turn off your computer so anything in the RAM is erased and the password cannot be retrieved.

Provided you took that advice and kept overall good security (i.e., avoiding keyloggers on your keyboard or people filming you type your password), it should be virtually impenetrable unless you fully comply with them and give them the decryption key.



How can I give +? 'Cause that's perfect advice!
Title: <removed>
Post by: StExo on October 08, 2012, 11:27 pm
<removed>
Title: Re: Full disk encryption... secure enough?
Post by: libertyseller on October 08, 2012, 11:30 pm
How can I give +? 'Cause that's perfect advice!

Got to have at least 100 posts before you can give karma points :( You're stalking my posts :P  ::)
Nah, you're stalking mine... lulz, check above
Title: <removed>
Post by: StExo on October 08, 2012, 11:46 pm
<removed>
Title: Re: Full disk encryption... secure enough?
Post by: libertyseller on October 08, 2012, 11:53 pm
Use FRNs - never the same serial number, combine any or all of the various numbers, letters and more on the bill, make it a small bill - keep in wallet with other bills - DON'T spend, but don't mark it in any obvious way either.

Back up passwords etc. in a TrueCrypt file - I use a min 100+ passwords at any given moment, and would never remember all.

Better to use one or two for an encrypted file on TrueCrypt and a backup microdisk in a safe location (NOT your freezer, dumbass) than to only use one password or multiples and forget one.
Title: Re: Full disk encryption... secure enough?
Post by: libertyseller on October 09, 2012, 12:00 am
It all depends on how secure your life is. Do you tell everyone in rl that you deal or buy online... ;) If so, encryption ain't shit - all they gotta do is get that girl you had your eye on to roll around with you and get your passwords ;)
Title: <removed>
Post by: StExo on October 09, 2012, 12:24 am
<removed>
Title: Re: Full disk encryption... secure enough?
Post by: hootsmon on October 09, 2012, 03:02 am
As to the original question, full disk encryption isn't enough: because they know you're using encryption, they might be able to compel you to disclose your keys. You need TrueCrypt's hidden OS as well; then they can't prove it exists, and you can safely give them the keys to your FDE.
Title: Re: Full disk encryption... secure enough?
Post by: Nightcrawler on October 09, 2012, 03:27 am
I use a computer just for business purposes, and I have its drive fully encrypted with Symantec's PGP Desktop.

The question is... in case the police one day broke into my home, would they be able to discover the files inside, and use them against me in trial, or it's impossible to recover them if you don't know the password?

The best real-world test of PGP's desktop encryption was a few years ago, with the case of Sebastien Boucher. Boucher was a French Canadian who lived with his father in Vermont. They were crossing over from Quebec to Vermont, when a Customs and Border Protection (CBP) agent noticed a laptop on the back seat of the truck. The laptop was powered up (it had been hibernated, as opposed to shut down). The agent noticed that there was a drive Z with a fair bit of porn on it, some of which appeared to be child pornography. Boucher was read his rights, and the laptop was seized. Some time later the laptop was powered down completely, and later submitted for examination by a CBP forensic examiner. It was at this time that they realized that the drive Z was actually a PGP Desktop encrypted volume, and was inaccessible without a passphrase. Boucher was asked for the passphrase, and refused to provide it. The Feds hammered away at that volume for between a year and a half and two years, without any success whatsoever.

For more details see the Wikipedia page on Sebastien Boucher.  https://en.wikipedia.org/wiki/In_re_Boucher

Another one: For a while, I used my personal computer for business purposes which I tried to keep relatively clean, erasing all the files involved with business. Is this enough, or should I fully format it, and shred the free space?

Thanks!!

If you're really worried about being raided, you should DBAN the drive. Formatting alone isn't enough.  http://www.dban.org/

Title: Re: Full disk encryption... secure enough?
Post by: Emeraldshop on October 09, 2012, 10:03 am
I use a computer just for business purposes, and I have its drive fully encrypted with Symantec's PGP Desktop.

The question is... in case the police one day broke into my home, would they be able to discover the files inside, and use them against me in trial, or it's impossible to recover them if you don't know the password?

Another one: For a while, I used my personal computer for business purposes which I tried to keep relatively clean, erasing all the files involved with business. Is this enough, or should I fully format it, and shred the free space?



Thanks!!

I wouldn't trust any commercial software, especially from people like Symantec who have regular buttsecks with governments (you do know they handle a lot of security for the Pentagon, right?). They could have inserted a backdoor to the encryption for all we know, so Open Source is the way to go; TrueCrypt is the best example.

TrueCrypt using AES to secure the whole drive is usually enough so long as you use a long enough password, of which I'd recommend using 16 characters at least as that has at least 44,012,666,865,176,569,775,543,212,890,625 possible combinations which, even using a supercomputer (Class F brute force attack - highest classification), would take hundreds of years to solve. When formatting with TrueCrypt you have the option to shred all free space whilst it encrypts; I used the Gutmann method (35 passes), which took about 3 weeks to complete running in the background, but I know it is complete overkill and releases some paranoia (at the moment, 3 passes is considered enough to leave forensics unable to retrieve data). So using AES, a strong password (I recently changed to using a 31 character password consisting of random numbers, letters and symbols) and wiping all the space as the drive is encrypted should be enough. Just remember to turn off your computer so anything in the RAM is erased and the password cannot be retrieved.

Provided you took that advice and kept overall good security (i.e., avoiding keyloggers on your keyboard or people filming you type your password), it should be virtually impenetrable unless you fully comply with them and give them the decryption key.


Thanks for the advice!


I use a computer just for business purposes, and I have its drive fully encrypted with Symantec's PGP Desktop.

The question is... in case the police one day broke into my home, would they be able to discover the files inside, and use them against me in trial, or it's impossible to recover them if you don't know the password?

The best real-world test of PGP's desktop encryption was a few years ago, with the case of Sebastien Boucher. Boucher was a French Canadian who lived with his father in Vermont. They were crossing over from Quebec to Vermont, when a Customs and Border Protection (CBP) agent noticed a laptop on the back seat of the truck. The laptop was powered up (it had been hibernated, as opposed to shut down). The agent noticed that there was a drive Z with a fair bit of porn on it, some of which appeared to be child pornography. Boucher was read his rights, and the laptop was seized. Some time later the laptop was powered down completely, and later submitted for examination by a CBP forensic examiner. It was at this time that they realized that the drive Z was actually a PGP Desktop encrypted volume, and was inaccessible without a passphrase. Boucher was asked for the passphrase, and refused to provide it. The Feds hammered away at that volume for between a year and a half and two years, without any success whatsoever.

For more details see the Wikipedia page on Sebastien Boucher.  https://en.wikipedia.org/wiki/In_re_Boucher

Another one: For a while, I used my personal computer for business purposes which I tried to keep relatively clean, erasing all the files involved with business. Is this enough, or should I fully format it, and shred the free space?

Thanks!!

If you're really worried about being raided, you should DBAN the drive. Formatting alone isn't enough.  http://www.dban.org/




Interesting case... it looks like he finally gave away the password and was convicted.
Title: Re: Full disk encryption... secure enough?
Post by: libertyseller on October 09, 2012, 03:13 pm
Lesson 1 - when crossing international lines, NEVER show the BP your porn
Lesson 2 - NEVER create a separate drive-
Lesson 3 - use security that you cannot remember, and that relies on external cues that can be easily destroyed.
Lesson 4 - Don't deal in child porn, it's gross, and if you're already doing drugs... why?
Lesson 5 - Canada Ay'


Title: Re: Full disk encryption... secure enough?
Post by: Nightcrawler on October 10, 2012, 03:48 am

Interesting case... it looks like he finally gave away the password and was convicted.

Yes, he was eventually forced to divulge his passphrase and was convicted. The reason why he was forced to give up his passphrase hinges on the particular facts of the case. Because the laptop was never shut down all the way, but rather was hibernated, the encrypted volume was never closed and dismounted. All that it took for the customs officer to see the contents of the encrypted drive (drive Z) was for them to resume the laptop from its hibernated state.

As soon as the customs officer did that, they went into drive Z and observed the contraband materials. After the laptop was shut down, the encrypted volume was closed and dismounted; another customs officer was later unable to open it.

The problem with Boucher asserting a 5th Amendment defense in this particular case is that the Customs officer had already observed the contraband on the encrypted volume. This meant that the government already knew there was contraband on the machine, thus Boucher's right not to incriminate himself failed, because the result was a foregone conclusion -- he had already effectively incriminated himself when the officer saw the contraband.

If, on the other hand, Boucher had shut the laptop down completely, and the encrypted drive volume was closed and dismounted, then he would have been in a much stronger position to assert his 5th Amendment rights.  In that case, the government would not have been able to prove the existence of contraband; the government could suspect the existence of contraband, but they could not prove it, and under the 5th Amendment, Boucher could have validly invoked his right to refuse to incriminate himself. 

Boucher's problem with invoking the 5th lay in that the government had already seen the contraband that he was invoking his 5th Amendment right over to prevent the government from seeing, thus bringing in the legal doctrine of "foregone conclusion".

For our purposes here, the essential lesson to take away is that the government couldn't crack the encrypted drive in almost two years of effort.

Title: Re: Full disk encryption... secure enough?
Post by: mrgrey on October 10, 2012, 07:30 am
Always create a container layer, it's easy: first you TrueCrypt your whole drive with boot pw, then create a container called whatever container.exe, and make it 50mb, then in that container create another container that has all the good shit. TrueCrypt also has a setup for making like two partitions or something; if you set it up right then yeah, it's enough to be secure that your PC can't be cracked. Now worry about how you are connecting to SR :)
Title: Re: Full disk encryption... secure enough?
Post by: libertyseller on October 10, 2012, 06:49 pm
Always create a container layer, it's easy: first you TrueCrypt your whole drive with boot pw, then create a container called whatever container.exe, and make it 50mb, then in that container create another container that has all the good shit. TrueCrypt also has a setup for making like two partitions or something; if you set it up right then yeah, it's enough to be secure that your PC can't be cracked. Now worry about how you are connecting to SR :)

Connections - use directional antennas and sub on others' wifi - or, hack the local trunk - better yet, do what I do - use multiple layers and rotate regularly. Sure it is slow, and you can't watch videos, but it's safe, far safer than most.