Silk Road forums

Discussion => Security => Topic started by: spindoctor on September 07, 2012, 01:11 pm

Title: USB - USB security question
Post by: spindoctor on September 07, 2012, 01:11 pm
Here's one for you..... I want to move my TOR folder, and all associated bookmarks and various useful files I've picked up on the way, over to a new USB drive as the other one is a bit flakey. If I use Windows 7 to copy the files USB to USB, will it just use memory as it copies, or will it use the hard drive to store files as it goes?

Hope that makes sense, thanks :)
Title: Re: USB - USB security question
Post by: spindoctor on September 07, 2012, 09:49 pm
Well for one you shouldnt be storing bookmarks.  Its gonna be kinda hard to deny anything when you have all of the sites bookmarked.

If you must, at least encrypt the disk on which they are on.  i would even go as far as encrypting a hidden volume and then encrypting the entire disk also.

I use truecrypt on the old USB stick, and will be creating a new encrypted volume on the new disc. I'm not involved in anything other than buying the occasional gram of coke, so I'm just being reasonably cautious. If the police get to the stage where they somehow find my pen drive for info, I will be impressed how much work they do for so little reward! But I just feel I need to take at least the basic precautions. And I certainly don't want any files on my HD.

Like I said, that's why I need to know if copying files from USB to USB would leave any info on the PC. Or would it just use RAM during the copying procedure without touching the hard drive? I'd rather have my TOR etc on a hidden USB stick, than written onto on my PC's HD during cache or something.

Any ideas?
Title: Re: USB - USB security question
Post by: painbow on September 07, 2012, 10:11 pm
I use truecrypt on the old USB stick, and will be creating a new encrypted volume on the new disc. I'm not involved in anything other than buying the occasional gram of coke, so I'm just being reasonably cautious. If the police get to the stage where they somehow find my pen drive for info, I will be impressed how much work they do for so little reward! But I just feel I need to take at least the basic precautions. And I certainly don't want any files on my HD.


So you have TrueCrypt installed on your computer but created a partition on your USB?
Title: Re: USB - USB security question
Post by: spindoctor on September 08, 2012, 12:30 pm
I use truecrypt on the old USB stick, and will be creating a new encrypted volume on the new disc. I'm not involved in anything other than buying the occasional gram of coke, so I'm just being reasonably cautious. If the police get to the stage where they somehow find my pen drive for info, I will be impressed how much work they do for so little reward! But I just feel I need to take at least the basic precautions. And I certainly don't want any files on my HD.


So you have TrueCrypt installed on your computer but created a partition on your USB?

No, I now just have truecrypt installed on the USB as a traveler disc.

But really none of that matters, I just want to know if I use windows 7 to copy files from one USB to another directly, will it leave anything on the Windows hard drive? Will it cache to the hard drive as it copies, or does it just use RAM as I suspect?

I have a failing USB drive, and I need to copy everything over to a new one without leaving any trace on my PC that's all I need to know :)
Title: Re: USB - USB security question
Post by: DrGonzoII on September 08, 2012, 12:53 pm
I can't really answer your question one way or the other.

But If you are worried about it enough to ask, than maybe you should use a LiveCD/LiveUSB of some sort to perform this task.
That way, you can be sure that your HD is not in anyway involved , because the standard LiveOS runs completely from RAM. and you can even unmount any of your HD partitions before you perform the task to be absolutely certain that it is not being used at all.


Hope that helps
Title: Re: USB - USB security question
Post by: spindoctor on September 08, 2012, 06:22 pm
Thanks DrGonzoII. To be honest, I've never heard of those, I'll look into it.

Meanwhile, if anyone else knows the answer to my question, that would be great....

It's gotten personal now. I need to find out the answer. It's a simple enough question, with a simple enough answer.....if you know it :)
Title: Re: USB - USB security question
Post by: DrGonzoII on September 08, 2012, 07:17 pm
Its a little concerning for someone to be on the Silk Road and not be familiar with at least one of Linux Live Operating Systems
you should REALLY REALLY REALLY consider checking them out for your safety.

Don't assume that just because your running shit from a USB with truecrypt and you use TOR, that no one knows what your doing on your windows machine. Perhaps the following thread will serve as an eyeopener of just how dangerous Windows can be for the denizens of the DarkNet:
http://dkn255hz262ypmii.onion/index.php?topic=33359.msg380143#msg380143

Basically it says that windows 7 (and possibly other versions) maintains all types of connections with various organizations that like to monitor your habits. The scariest of them is the encrypted 10mb/s connection with the NSA. which basically points to complete surveillance.


So please, Do yourself a favor, and stop what your doing and set up a tails LiveUSB (its rather easy and linux isn't as crippled or as scary to use as Microsoft wants you to think it is)

you can find detailed instructions on making it here:
https://tails.boum.org/doc/first_steps/manual_usb_installation/windows/index.en.html



Because worrying about what this thread pertains too while your using windows to access the silkroad is like worrying about the lit cigarette in your ashtray setting your house on fire while your leaving the stove on to keep the house warm.
Title: Re: USB - USB security question
Post by: spindoctor on September 08, 2012, 10:10 pm
That's how to make a point mate, thanks for taking the time.

I will look into it. I am aware linux options are a safe bet, but like I said before, I've never really considered it that important, as I am such an incredibly small player. Jeez, you could make bigger and easier busts outside my local late night shop, and it's a very small shop! Besides, if it's as scary as you say, I am already compromised anyway. Shutting the stable door after the horse has bolted? :)

Anyway, if nothing else, you've grabbed my attention, and I will try and conquer my unusual fear of Linux out of curiosity now.

But I do appreciate your time and concern.
Title: Re: USB - USB security question
Post by: DrGonzoII on September 09, 2012, 03:16 am
no problem man. Better safe than sorry if you ask me. And it is never too late to start being secure. Nor is it ever too early to start for that matter.

And being a windows user, I think that you will appreciate the Windows XP camoflage option that tails has. Very convincing until you notice that all the programs have a different name.


And to give you a perspective on where I'm coming from:
I was on old school Windows user that remembers the confusing days of OS/2 and windows 3.x. And I recently got into linux only a couple of years ago. But in that small time I have learned a million times more about computers than I ever dreamed of knowing before. After a few months of playing with different Linux Distros and keeping a windows dual boot, I eventually scrapped the windows completely and became a total Debian Linux nerd (Ubuntu being my favorite). And nowadays, after learning what i have about the darker sides of Microsoft and Apple, I have pretty much banned all of their products from my household. I just simply don't trust them, and I have have come to despise what those corporations stand for and try to accomplish.

In fact, after you check out the tails LiveUSB/LiveCD and see how easy it is to make one. You should check out one of the ubuntu ones as well (ubuntu studio and its variants are rather nice and complete examples of what it can do). I think you will be pleasantly surprised at just how capable and easy on the eyes a Linux desktop can be. (many would argue that its capabilities dwarf windows in many ways).
Hell I often install it on computers for people that are completey computer illiterate, and they usually find it to be much easier to use and understand.
Title: Re: USB - USB security question
Post by: pine on September 10, 2012, 02:57 am
As far as I am aware spindoctor, the files you move from USB to USB won't be stored by the Windows OS on your HD, that would be most inefficient. There may be a record involving some metadata as a system record, but there shouldn't be actual files stored. I'm not 100% on this, but it makes sense.

One thing to watch for, if you're not using flash memory, but a external HD instead, is that if you're using this and you delete your stuff, the OS definitely makes a record of this because the files wind up in the recycle bin (not the files themselves I hasten to add, but there is a pointer to the file on record in case you want you "undelete" the file). The file is still on your HD, albeit it may get overwritten, but a record is made by the OS on the HD. Best thing is get a 'file destroyer' overwriter piece of software and run it from the HD to wipe anything you want to get rid of on the HD.