Silk Road forums
Discussion => Newbie discussion => Topic started by: lettucel on January 17, 2013, 08:24 pm
-
Hello,
I'm new to PGP but have a question.
If I have PGP installed on my computer, and post my key on the forum, is there any way that key can be linked to my computer?
I mean could someone access my computer, open pgp and see my key, and match it to the key that was posted here?
And if they would need my password, what if say you got your computer seized and were forced by law to provide your password?
-
Here's a thought for you, what's to say "somebody" you gave the key to on some random message board up topside didn't share it with someone else and so on until it ended up here? *wink wink*
-
So are you asking if your public key if posted on here could be matched with a record of your public key stored on your computer if someone 'accessed' it?
If so then theoretically the answer would be yes, someone could potentially see that they were the same, I have any sensitive information on my computer locked away safely in an encrypted volume only accessible via truecrypt - highly recommended for all.
Truecrypt also allows you to set up an inner and outer volume too with a different password for each so if 'forced' to give up a password you just give them the one to the outer volume. It is highly debatable if LE could force you to give up a password anyway if you claim to have forgotten it, ask any IT expert how much time they spend dealing with forgotten passwords.
Hope that helps.
-
Funny thing, I was asked the other day if I knew how to crack licensed PGP (the Norton one) by my boss as part of a litigation case (we do the IT part of the work).
There are some interesting articles about giving up passwords and the short of it is that as far as the law is concerned, you can be ordered to give it up. In one case, the guy forgot to dismount his TrueCrypt archive and the border patrol saw the contents but when they went back to dig through forensically it had automatically dismounted. They argued that since they already knew the contents that he had to provide access. Fair enough. But in another case, they only suspected what might be in the woman's drive and used the same logic; total BS to me because they're just fishing at that point.
Personally, I'll take contempt and its consequences over giving it up though.
-
Funny thing, I was asked the other day if I knew how to crack licensed PGP (the Norton one) by my boss as part of a litigation case (we do the IT part of the work).
There are some interesting articles about giving up passwords and the short of it is that as far as the law is concerned, you can be ordered to give it up. In one case, the guy forgot to dismount his TrueCrypt archive and the border patrol saw the contents but when they went back to dig through forensically it had automatically dismounted. They argued that since they already knew the contents that he had to provide access. Fair enough. But in another case, they only suspected what might be in the woman's drive and used the same logic; total BS to me because they're just fishing at that point.
Personally, I'll take contempt and its consequences over giving it up though.
Hence the need to make sure you have the outer volume also set up with some innocuous stuff saved in there so you can 'if forced' give them something, suspicion doesn't constitute evidence and unless you hand it over they cannot prove otherwise. And yes I would take my chances with a "I'm sorry I just cannot remember the password" over handing them my ass on a plate any day, the burden of proof resides with them to prove remember, innocent until proven otherwise. Never talk to the police.
-
Thanks for the help
-
geeeez i never learn this stuff...
-
Yes I need to leafn this stuff also,
-
Yes it could be matched to you if your computer was forensically analyzed. Worse would be having discovered the private key that matches the public key, for while public keys are meant to be shared and anyone could have that, the private key part of the pair is yours alone.
-
Truecrypt was the answer to my worries
-
Truecrypt was the answer to my worries
Just make sure you save something innocuous in the outer volume before you save to the inner, if you add after you can corrupt the hidden inner volume, a lesson I learnt the hard way the first time I got acquainted with trucrypt. Glad to hear you have found your answer, encryption is paramount.
-
Yes I need to leafn this stuff also,
geeeez i never learn this stuff...
Yes I need to leafn this stuff also,
There's a whole topic in the forums called SECURITY, it's you new best friend.
Go forth and encrypt.
-
...your new best friend.
Fix typo for 1 post count ;D
-
UCENY