Silk Road forums
Discussion => Security => Topic started by: Sero Tonin on April 06, 2013, 11:52 pm
-
i just bought an 8gb flashdrive
how can i go about setting it up with encryption and everything nice
so i can use TOR/PGP through the usb. and not have anything on my computer.
i already have truecrypt but am at a loss with it.
i searched and couldnt find it on the search engine here.
but if there is already a thread about it please link me!
thanks
-
I like "Tails" found on the Tor.org site. Don't know much about encrypting the USB also, though. Tails to DVD (burn) then install to flashdrive.
-
Haven't tried tails i use liberte its based on hardened gentoo linux http://dee.su/liberte (clearnet). Very easy to use and set-up extract to your usb and set your computer to boot from usb. On first run it generates an encryption key for you and you set a password, there is an encrypted persistent volume set up for you to save files to.
It comes with everything you need(pgp, browser, chat, basic office tools) and all network traffic with the exception of the unsecured browser for accessing public wifi if needed is routed through tor. Make sure you read the short docs http://dee.su/liberte-documentation as there are still some ways you can accidentally compromise security
-
I think you are trying to run before you can walk. I wouldn't ask a hairdresser to come and plumb my kitchen. You are clearly starting out in the security aspects and I commend you for doing so. Big respect sir! :-)
i just bought an 8gb flashdrive
What class/read-write speed? If it ain't fast enough, you'll be spend forever transferring stuff over the USB bus, then waiting for the dog shit internet cafe PC to decrypt the data stream... They probably won't have core i7's with hardware AES routines, unless you live in Essex, in which case you pay a 2nd world country immigrant to buy a new computer every time you want to send an email.
Whether AES is actually secure is another debate. ;-)
how can i go about setting it up with encryption and everything nice
so i can use TOR/PGP through the usb. and not have anything on my computer.
i already have truecrypt but am at a loss with it.
If you cannot do this on a bog standard installed MSDoze machine, what makes you think it is going to be easier/better/more-secure in linux land? Linux is way more securable than MS' offering, but it will not hold your hand in the slightest. Read everything you can, break everything down into little chunks and go one step at a time.
I would take a hardened and secure Windows machine ( slight oxymoron, I know) over a default, basic *nix install any day.
Windows = The acts involved in securing it feel easy, it is VERY difficult to get right.
*Nix = The acts involved in securing it feel difficult, but it is way easier to get the whole system right.
You do know you cannot use full disk encryption with Truecrypt on *nix, right? Looking at more logical volume crypto, LUKS and stuff. Think Liberte uses FDE and tunnels to Tor by default though...
i searched and couldnt find it on the search engine here.
but if there is already a thread about it please link me!
thanks
Some links to get you started (read everything till your blue in the face)
(ALL CLEARNET)
Encrypted volumes in Tails:
https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/
How to install BackTrack to persistant USB with FDE crypto:
http://www.infosecramblings.com/backtrack/backtrack-5-bootable-usb-thumb-drive-with-full-disk-encryption/
Installing liberte on USB:
http://dee.su/liberte-install
I just read on another thread about a guy who uses MicroSD for his portable installations - small enough to swallow if trouble brews. My next build will be on this. Think it is a great idea. :-)
Good luck and may the Tor's be with you.
-
thank youuu +1
i guess i would kinda be starting out on the real security stuff.
-
Just wondering if you guys could help me out, what is a more secure form of encryption, AES or AES-Twofish-Serpant or Serpant-Twofish-AES?
cheers
-
I'm rather unsure about encrypting a USB drive so I'm gonna subscribe.
I'm getting a new drive tomorrow, I'll post any related info I find.
-
at the moment i was trying to just install Tailts onto my usb stick and have it a tails thing...but fuck me i cannot
:\ theres is a tutorial on here but even it didnt help me.
i couldnt find the tails iso within the files i downloaded.
jeez. this is turning into a nightmare.
-
Huh? You can't use full-disk encryption on a Linux installation? Are you absolutely positive about that, because... I don't believe that everyone I've seen say is using full-disk encryption was booting Windows?
AES is fine -- any variant above AES-128 probably is too. Don't go trusting your life to that information or anything though; AES is really a family of algorithms, and to my knowledge none are totally broken. AES-128 is getting pretty close to broken though I think.
Sero: I mean no offense, I truly don't, but if you're having difficulty finding the iso you downloaded... I really don't recommend trying to use Linux as a primary OS even just for SR. We all have to learn sometime, there's nothing wrong with that, but if you're at the stage where finding the iso you downloaded is a problem, you're going to lose your mind wrestling with Linux. It sounds to me like you downloaded a tarball or something and not the iso, for what it's worth. An iso is a disc image file, I'm not sure why they'd distribute it along with the Linux equivalent of a zip file -- it wastes bandwidth when people only need one or the other, not both.
-
This thread is like the blind leading the blind.
Just wondering if you guys could help me out, what is a more secure form of encryption, AES or AES-Twofish-Serpant or Serpant-Twofish-AES?
cheers
The last two options are equivalent and better than the first. Obviously using three layers of encryption is more secure than using one, but it in terms of which order you use them in (like layers of an onion), it makes no difference if you're using the same three ciphers. Keep in mind that you will pay a performance penalty for each layer of encryption, which may manifest in normal app use taking 5% longer (per layer), but disk heavy activities (like bootup) can take up to twice as long (per layer).
at the moment i was trying to just install Tailts onto my usb stick and have it a tails thing...but fuck me i cannot
:\ theres is a tutorial on here but even it didnt help me.
i couldnt find the tails iso within the files i downloaded.
jeez. this is turning into a nightmare.
Which tutorial? Did you follow this one? https://tails.boum.org/doc/first_steps/usb_installation/index.en.html
-
This thread is like the blind leading the blind.
Just wondering if you guys could help me out, what is a more secure form of encryption, AES or AES-Twofish-Serpant or Serpant-Twofish-AES?
cheers
The last two options are equivalent ... in terms of which order you use them in (like layers of an onion), it makes no difference if you're using the same three ciphers.
I hate to sound pedantic, but strictly speaking, I don't believe that oversimplification is actually true. But you know that as well as I do I'm sure -- just pointing out that it's not always that simple and you can't trust that to hold universally.
-
Practically speaking, the strength of your passwords is orders of magnitude more important to protect against people who want to charge you with a crime before you die...
Whether you use AES-Twofish-Serpant or Serpant-Twofish-AES, it's irrelevant if your passwords are password1, password2, and password3. :)
The magic numbers are 39 and 44. A 39 character password composed of all printable characters, or a 44 character password composed of numbers and letters, has ~256 bits of entropy. Stronger passwords are unnecessary with these ciphers, because if the attacker knows they are stronger, he will try to brute force the encryption key directly, rather than the password on the key.
-
Oh, I didn't mean those three specific ciphers -- I meant just in general, it actually can make the difference between a secure algorithm and a broken one if you apply them in different orders. That's all.
I'm just a nut who tries to file away in my head every reliable piece of info I come across, and since you're generally the authority on this stuff I was just making sure anybody like me doesn't end up thinking it never matters what order you apply such things in. That's all :)
-
at the moment i was trying to just install Tailts onto my usb stick and have it a tails thing...but fuck me i cannot
:\ theres is a tutorial on here but even it didnt help me.
i couldnt find the tails iso within the files i downloaded.
jeez. this is turning into a nightmare.
Which tutorial? Did you follow this one? https://tails.boum.org/doc/first_steps/usb_installation/index.en.html
i couldnt use that one because i dont have tails installed on another device dvd/flashdrive.
there was a tutorial on the forums here but now i cant find the link for it.
i know what the iso is but when i download the iso off of the tails site...boum.w/e it gives me a zip of 3 folders.
none of which to my eyes have an iso in them :l
or do i need another tool like daemon tools so see it?
gah.
any suggestions?
id just like to be as safe as possible(minus a migraine) instead of just using tor off of my main computer >.>
-
i know what the iso is but when i download the iso off of the tails site...boum.w/e it gives me a zip of 3 folders.
none of which to my eyes have an iso in them :l
I don't get it. What happens when you click this link:
http://dl.amnesia.boum.org/tails/stable/tails-i386-0.17.1/tails-i386-0.17.1.iso
You should download an ISO, right? At what point does it "give" you 3 zip files?
or do i need another tool like daemon tools so see it?
You need a tool that will burn it as an *disc image*, not data.
I always used the freeware ImgBurn on Windows.
http://www.imgburn.com
Here's a tutorial on how to use it: http://neosmart.net/wiki/display/G/Burning+ISO+Images+with+ImgBurn
You need to use the "Write image file to disc" option.
Here's an even more concise tutorial that skips the installation steps: http://forum.imgburn.com/index.php?showtopic=61
-
i know what the iso is but when i download the iso off of the tails site...boum.w/e it gives me a zip of 3 folders.
none of which to my eyes have an iso in them :l
I don't get it. What happens when you click this link:
http://dl.amnesia.boum.org/tails/stable/tails-i386-0.17.1/tails-i386-0.17.1.iso
You should download an ISO, right? At what point does it "give" you 3 zip files?
or do i need another tool like daemon tools so see it?
You need a tool that will burn it as an *disc image*, not data.
I always used the freeware ImgBurn on Windows.
http://www.imgburn.com
Here's a tutorial on how to use it: http://neosmart.net/wiki/display/G/Burning+ISO+Images+with+ImgBurn
You need to use the "Write image file to disc" option.
Here's an even more concise tutorial that skips the installation steps: http://forum.imgburn.com/index.php?showtopic=61
when i open your link i get an error 404 :\
even on clearnet.
-
Yeah, because they updated to 0.17.2 today. FFS it's the big green download button on the site.
http://dl.amnesia.boum.org/tails/stable/tails-i386-0.17.2/tails-i386-0.17.2.iso
-
i ended up doing this tut and i got it onto my flashdrive finally lol
https://tails.boum.org/doc/first_steps/manual_usb_installation/windows/index.en.html
but when i go to turn the computer back on it wont start up as tails.
i rearranged the boot order to my usb too.
hmmm
-
is usb really necessary i just run tor on my mac i mean there would be no way to link me unless they found me with something illegal and found my computer right