Silk Road forums

Discussion => Security => Topic started by: RIPDonnasummer on May 19, 2012, 12:40 am

Title: If I have been using TOR on laptop without encryption to this point
Post by: RIPDonnasummer on May 19, 2012, 12:40 am
What do I need to do to clean off my computer just in case? This seems like a far-fetched possibility being a small buyer but not worth the chance I guess.

I just do not get this? I thought TOR browser protected us 100%
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: 4l| on May 19, 2012, 02:42 am
Nothing, the idea behind encrypting your hard drive is that any file or program stored there is indecipherable to anyone without the correct passphrase, even if they remove the hard drive and hook it up to a different system to inspect it.  That's not to say an attacker can't obtain your passphrase through a range of methods (keyloggers, bruteforcing, cold boot attacks being probably the most common).

Tor is an onion router that sends your outbound traffic through a series of proxies with encryption at each hop.  The effect is that if you visit say amazon.com using tor, amazon.com will not be able to tell where that traffic is coming from, because they will only see the IP address of the last hop.  Tor is meant to give you anonymity.

I'm oversimplifying both of these points (and I am a definite non-expert), but it is a huge mistake to think that computer security ends with Tor Browser.
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: Wonderland on May 19, 2012, 04:00 am
I have the same worries as you, man! I am in no way tech savvy and honestly I'm just overwhelmed when I read about all these different security techniques because to me it's like someone speaking a foreign language! I don't get ANY of it! I've been here for a few months and I know I need to just sit down and commit a few hours to learning this stuff... both for my safety as well as the vendors I work with. It's all just so confusing!
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: cacoethes on May 19, 2012, 05:16 am
Quote
What do I need to do to clean off my computer just in case? This seems like a far-fetched possibility being a small buyer but not worth the chance I guess.

I just do not get this? I thought TOR browser protected us 100%

Did you install the TBB to your computer, or to a USB drive?  If it's installed to a USB drive, there should be nothing written to your computer's hard drive to clean up.
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: kmfkewm on May 19, 2012, 06:08 am
You should certainly encrypt your entire disk. It is more important to use GPG for communications and Tor to protect from traffic analysis, but FDE can protect from sloppy attackers in certain circumstances. At the end of the day if you are a primary suspect and your attacker has the slightest clue what they are doing, Truecrypt will not protect you much, but if they have no clue what they are doing it could save your ass, and if you are a vendor it could save the asses of all of your customers. Usually they have no clue what they are doing too :).
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: vlad1m1r on May 19, 2012, 01:34 pm
I hear you buddy! I think the program Truecrypt is the easiest one to set up to encrypt your entire hard disk - the website itself contains some really simple step by step guides in the documentation section. If you get stuck I have a link to a video somewhere I can dig out which shows how to encrypt your machine, it is very easy - if it weren't I couldn't do it!

V.

Quote
I have the same worries as you, man! I am in no way tech savvy and honestly I'm just overwhelmed when I read about all these different security techniques because to me it's like someone speaking a foreign language! I don't get ANY of it! I've been here for a few months and I know I need to just sit down and commit a few hours to learning this stuff... both for my safety as well as the vendors I work with. It's all just so confusing!
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: registration on May 19, 2012, 04:59 pm
I don't agree with the above. If you are a buyer and you are just using TOR to access SR then there is no need for encryption; it actually makes you more suspicious.

NOTE: this is only the case if the only thing on your computer is TOR browser bundle.

I only have that on my computer. I used to have truecrypt, eraser etc. but then I realized that if they were going to bust me it's just going to make things worse for me because why would some small time buyer have a whole HDD encrypted...

It's also not illegal to have Browser bundle on your computer... just say you use it to search things about STD or something...

Just make sure to memorize the SR url and never bookmark anything and you're good to go :)

If you got PGP software on your computer I would advise to use encryption as the private key can identify you.

Once you close TOR everything you did is gone; history etc.

Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: kmfkewm on May 19, 2012, 06:19 pm
Having an encrypted disk makes you more suspicious than having a disk filled with traces of criminal activity? 
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: alpine on May 19, 2012, 06:27 pm
You're right, truecrypt is not the best protection; all it takes is a judge to demand your password. And sometimes even if you give it they could say you have a hidden OS, say you're holding out on the second password and still put your ass behind bars. But don't get me wrong, doing everything on an unprotected system with no security in place is just dumb whether you bookmark silkroad or not. You'll just make the cops' day. So if you're a buyer or a seller you should still have a good plan. I guess it's just a matter of whether you think the time it takes to learn this is worth keeping your ass out of jail. I think the best thing to do is use tails or liberte Linux. It runs in your computer's RAM and wipes everything when you're done. Also try to keep your files in a truecrypt container with a decoy container on a server in a place like Switzerland.
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: registration on May 19, 2012, 07:33 pm
Okay. Then tell me exactly what it is the cops can see after you have closed TOR.

............

If you just surf the web with TOR and don't save anything to your comp there is not a lot to pin you on.

Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: ilovelsd69 on May 19, 2012, 07:44 pm
If you want to completely erase a hard drive you must use the secure erase hdd method: http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: kmfkewm on May 19, 2012, 08:16 pm
Quote
You're right, truecrypt is not the best protection; all it takes is a judge to demand your password. And sometimes even if you give it they could say you have a hidden OS, say you're holding out on the second password and still put your ass behind bars. But don't get me wrong, doing everything on an unprotected system with no security in place is just dumb whether you bookmark silkroad or not. You'll just make the cops' day. So if you're a buyer or a seller you should still have a good plan. I guess it's just a matter of whether you think the time it takes to learn this is worth keeping your ass out of jail. I think the best thing to do is use tails or liberte Linux. It runs in your computer's RAM and wipes everything when you're done. Also try to keep your files in a truecrypt container with a decoy container on a server in a place like Switzerland.

Truecrypt isn't the best protection because there are about ten billion ways to covertly/overtly steal a passphrase, and protecting from all of them isn't very feasible. Truecrypt is also not the best protection because by the time it offers any protection at all you are already identified.
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: mistamcdabalina on May 19, 2012, 09:33 pm
Quote
Okay. Then tell me exactly what it is the cops can see after you have closed TOR.

............

If you just surf the web with TOR and don't save anything to your comp there is not a lot to pin you on.

I'm wondering the same question. What is stored on my hard drive off Tor?
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: vlad1m1r on May 19, 2012, 09:37 pm
Full disk encryption is a layer of security and indeed could end up being your last one.

When you consider how trivial it is for your ISP to see you are using Tor and the fact if you're arrested your computer can be seized it becomes a matter of common sense to make sure that no further evidence ends up in the hands of LEO.

Truecrypt is by no means the only FDE program - the alternate install of Ubuntu for instance allows you to encrypt your entire OS. Liberte linux is also encrypted by its very nature and can be fitted onto a USB stick.

I have some experience with digital forensics. Although the Tor browser bundle is designed to resist data recovery in this way a detailed analysis of your hard drive may reveal clues as to your browsing activity - indeed if you're worried about seeming suspicious its very presence on your machine seems more compelling to me than an encrypted HDD, particularly if you have any bookmarks to SR or these forums saved in the browser!

In addition if your PGP keys are stored on the machine, your private key would be compromised. Admittedly the key itself is encrypted but asymmetric encryption is a lot easier to break than symmetric encryption.

For anyone worried about being compelled to hand over their password, Plausible Deniability allows you to have two passwords - analysis of a TC partition in itself will not reveal a hidden volume.

V.
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: vlad1m1r on May 19, 2012, 09:48 pm
Quote
Okay. Then tell me exactly what it is the cops can see after you have closed TOR.

............

If you just surf the web with TOR and don't save anything to your comp there is not a lot to pin you on.

I'm wondering the same question. What is stored on my hard drive off Tor?

A detailed analysis of your hard drive can recover deleted cookies, which track your browsing activity. (Admittedly the Tor browser goes to some lengths to delete these).

Also your bookmarks, and bookmark backups - would you want LEO to see you had a bookmark to your favourite vendor on SR on your PC, particularly if you're trying to plead in court you have ABSOLUTELY no idea that the package sent to your house contained drugs when you signed for it?

Your cache is once again erased in theory when you exit the Tor Browser correctly but can be recovered using freely downloadable tools from the internet if you fail to use encryption. It contains information about the URLs you've accessed and how many times you've done this.

This is such an open and shut issue, it surprises me that people (including more senior members who should know better!) think it's a matter of opinion - encrypting your entire OS, be it on a USB stick or your hard drive is a matter of common sense.

The only time I wouldn't recommend it is if you use a SSD as it can reduce the life of the drive.

V.
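
The point made in the post above, that a deleted cookie is not necessarily an overwritten one, can be seen from the examiner's side at the file-format level. This is an added example, not part of the thread: it assumes a cookie store kept in an SQLite file (the format Firefox-family browsers use for cookies), and the table, hosts and marker value are constructed.

```python
import os
import sqlite3
import tempfile

# Constructed sample data: host, cookie name, cookie value (all made up).
MARKER = b"session-token-CONSTRUCTED-0042"
ROWS = [
    ("news.example", "theme", "dark"),
    ("shop.example", "sid", MARKER.decode()),
    ("mail.example", "lang", "en"),
]


def build_and_delete(path, secure_delete):
    """Create a small cookie store, then delete one row with plain SQL."""
    conn = sqlite3.connect(path)
    try:
        # Set the pragma explicitly: the compiled-in default differs between builds.
        conn.execute("PRAGMA secure_delete = %s" % ("ON" if secure_delete else "OFF"))
        conn.execute("CREATE TABLE cookies (host TEXT, name TEXT, value TEXT)")
        conn.executemany("INSERT INTO cookies VALUES (?, ?, ?)", ROWS)
        conn.commit()
        conn.execute("DELETE FROM cookies WHERE host = ?", ("shop.example",))
        conn.commit()
        remaining = conn.execute("SELECT COUNT(*) FROM cookies").fetchone()[0]
    finally:
        conn.close()
    return remaining


def residual_offsets(path, needle):
    """Return every byte offset at which `needle` still occurs in the raw file."""
    with open(path, "rb") as fh:
        blob = fh.read()
    hits, pos = [], blob.find(needle)
    while pos != -1:
        hits.append(pos)
        pos = blob.find(needle, pos + 1)
    return hits


def run_case(secure_delete):
    """Return (rows visible through SQL, raw-file hits for the deleted value)."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "cookies.sqlite")
        remaining = build_and_delete(path, secure_delete)
        return remaining, residual_offsets(path, MARKER)


if __name__ == "__main__":
    for flag in (False, True):
        rows, hits = run_case(flag)
        print("secure_delete=%s rows=%d residual_hits=%s" % (flag, rows, hits))
```

With `secure_delete` off the SQL query no longer returns the row, yet the value is still present in a freed region of the page; with it on, the freed bytes are zeroed inside the database file. Neither setting says anything about older copies of the page that the filesystem or storage device may still hold.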
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: registration on May 19, 2012, 09:59 pm
Yeah having an encrypted disk is going to look real good in front of the Jury. Especially after you have revealed the password of the dummy OS with some nasty porn "hidden" on there that u supposedly tried to hide with your truecrypt encryption but everyone knows it is the wrong password. What is the Dept of Justice suggesting? Maybe even child pornography?! Hidden on that disk?! 2 layers of encryption??

Or they manage to seize your computer while it's still on (laptops!!) and perform a cold boot attack and manage to break into the volume and find your private key and SR bookmarks maybe some decrypted text files etc because you thought you were safe.

TOR is designed not to keep any records whatsoever of your browser session, people's lives could depend on it (think about some activist using it to fight a regime or something).

Sometimes I think overkill is also not good if it's not necessary. I use my Tor Browser bundle and my memory it's easy just memorize SR url ;)
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: vlad1m1r on May 19, 2012, 10:07 pm
I don't know where to start on how wrong this is.

Firstly having an encrypted hard disk is a very common practice - the Police do this themselves on their home machines and hand held devices.

As for a hidden volume, as I said Truecrypt is specifically designed so that an analysis of the encrypted contents of the drive will not reveal whether there is one or not.

There is no way to know it was the wrong password provided you have set it up correctly and avoid certain applications which can "leak" data to unencrypted parts of your HDD. Details available on request.

A cold boot attack is possible but they're hardly going to need to do that if you leave your entire system unencrypted - why not just hand your laptop in while you're at it, save them the petrol.

How can you be so naive?

V.

Quote
Yeah having an encrypted disk is going to look real good in front of the Jury. Especially after you have revealed the password of the dummy OS with some nasty porn "hidden" on there that u supposedly tried to hide with your truecrypt encryption but everyone knows it is the wrong password. What is the Dept of Justice suggesting? Maybe even child pornography?! Hidden on that disk?! 2 layers of encryption??

Or they manage to seize your computer while it's still on (laptops!!) and perform a cold boot attack and manage to break into the volume and find your private key and SR bookmarks maybe some decrypted text files etc because you thought you were safe.

TOR is designed not to keep any records whatsoever of your browser session, people's lives could depend on it (think about some activist using it to fight a regime or something).

Sometimes I think overkill is also not good if it's not necessary. I use my Tor Browser bundle and my memory it's easy just memorize SR url ;)
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: registration on May 19, 2012, 10:23 pm
I don't understand what's naive about saying that if you surf the web using TOR browser and don't add anything to your bookmarks and don't download anything once you close TOR browser everything about that particular session is GONE and IRRETRIEVABLE.

That's what TOR stands for. All your internet traffic is encrypted. And once you close your browser EVERYTHING IS GONE that's what TOR is designed for.....anonymity remember?

Indeed they don't need to cold boot me because there is nothing to cold boot...clean system!!

Furthermore I believe more security can also come from less. Because as you know less is more.
A hidden truecrypt volume invites the user to download a bitcoin client, save sensitive information on his HDD, add bookmarks to TOR all under the notion he is safe but he couldn't have been more wrong (refer to duckduckgo for all the different attacks).  He was simply a naive boy sitting behind his desk playing 1337.

Forgot to mention that encryption might be very common in some social circles (geeks) but I don't have a lot of mates who would have encrypted hard drives (why would they...)
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: cacoethes on May 19, 2012, 10:32 pm
Just another suggestion that I think works well...

I run Liberte from a micro SD card.  It's about the size of my fingernail.  I can literally hide it anywhere, or destroy it in an instant, even eat it if I had to, and it is the ONLY way I access SR.  I boot from it using a card reader, and there is another encrypted micro SD card with nothing incriminating on it to be used for a decoy.

My laptop is always out in the open.  There are always a couple of encrypted USB sticks laying around next to it.  If the shit ever hits the fan, my laptop and USB drives are going to be the obvious prizes, but they contain nothing to incriminate me.

By the time a judge could issue a subpoena forcing me to divulge my passwords (I would remain silent and refuse until ordered to) the real prize will be long gone and nowhere to be found.
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: vlad1m1r on May 19, 2012, 10:35 pm
OK, I didn't want to have to get technical about this as it's a little unfair on everyone else but so be it.

Firstly, the Tor browser is designed with the ultimate goal of not leaving any fingerprints on the host Operating System - they frankly admit they haven't achieved this yet, by all means take a look at their page:

https://www.torproject.org/projects/torbrowser/design/#security

You'll see that they link to a number of sites designed to test your privacy, one of which is browserspy.dk which will clearly show your browser retains cookies.

By default Javascript is enabled in the Torbrowser which can leak your IP information and there are plans for supporting flash objects.

The Tor project also posts a link to a site which contains scripts which can also detect the presence of the Torbutton and reveal your history to a limited extent, although admittedly this could be done remotely, not by seizing your machine:

http://pseudo-flaw.net/content/tor/torbutton/

When it comes to security less is not more, more is more.

None of this means you shouldn't make sure to keep updating to the latest version of Tor browser to prevent remote exploits, but as I said encrypting the partition on which you keep your Tor browser bundle is a matter of common sense.

Those people who have read my posts will know I'm not given to paranoia or stupidity, I honestly believe the only way to be sure forensic recovery of your browsing activities cannot take place is to keep your web browsing application out of reach - this is not a particularly sensational point of view and I'm by no means the first person to say it!

V.

Quote
I don't understand what's naive about saying that if you surf the web using TOR browser and don't add anything to your bookmarks and don't download anything once you close TOR browser everything about that particular session is GONE and IRRETRIEVABLE.

That's what TOR stands for. All your internet traffic is encrypted.

Furthermore I believe more security can also come from less. Because as you know less is more.
A hidden truecrypt volume invites the user to download a bitcoin client, save sensitive information on his HDD, add bookmarks to TOR all under the notion he is safe but he couldn't have been more wrong (refer to duckduckgo for all the different attacks).  He was simply a naive boy sitting behind his desk playing 1337.
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: vlad1m1r on May 19, 2012, 10:36 pm
Good man, that's more like it!

V.

Quote
Just another suggestion that I think works well...

I run Liberte from a micro SD card.  It's about the size of my fingernail.  I can literally hide it anywhere, or destroy it in an instant, even eat it if I had to, and it is the ONLY way I access SR.  I boot from it using a card reader, and there is another encrypted micro SD card with nothing incriminating on it to be used for a decoy.

My laptop is always out in the open.  There are always a couple of encrypted USB sticks laying around next to it.  If the shit ever hits the fan, my laptop and USB drives are going to be the obvious prizes, but they contain nothing to incriminate me.

By the time a judge could issue a subpoena forcing me to divulge my passwords (I would remain silent and refuse until ordered to) the real prize will be long gone and nowhere to be found.
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: registration on May 19, 2012, 10:46 pm
Quote
OK, I didn't want to have to get technical about this as it's a little unfair on everyone else but so be it.

Firstly, the Tor browser is designed with the ultimate goal of not leaving any fingerprints on the host Operating System - they frankly admit they haven't achieved this yet, by all means take a look at their page:

https://www.torproject.org/projects/torbrowser/design/#security

You'll see that they link to a number of sites designed to test your privacy, one of which is browserspy.dk which will clearly show your browser retains cookies.

By default Javascript is enabled in the Torbrowser which can leak your IP information and there are plans for supporting flash objects.

The Tor project also posts a link to a site which contains scripts which can also detect the presence of the Torbutton and reveal your history to a limited extent, although admittedly this could be done remotely, not by seizing your machine:

http://pseudo-flaw.net/content/tor/torbutton/

When it comes to security less is not more, more is more.

None of this means you shouldn't make sure to keep updating to the latest version of Tor browser to prevent remote exploits, but as I said encrypting the partition on which you keep your Tor browser bundle is a matter of common sense.

Those people who have read my posts will know I'm not given to paranoia or stupidity, I honestly believe the only way to be sure forensic recovery of your browsing activities cannot take place is to keep your web browsing application out of reach - this is not a particularly sensational point of view and I'm by no means the first person to say it!

V.



I don't understand what's naive about saying that if you surf the web using TOR browser and don't add anything to your bookmarks and don't download anything once you close TOR browser everything about that particular session is GONE and IRRETRIEVABLE.

That's what TOR stands for. All your internet traffic is encrypted.

Furthermore I believe more security can also come from less. Because as you know less is more.
A hidden truecrypt volume invites the user to download a bitcoin client, save sensitive information on his HDD, add bookmarks to TOR all under the notion he is safe but he couldn't have been more wrong (refer to duckduckgo for all the different attacks).  He was simply a naive boy sitting behind his desk playing 1337.

Do you really believe that? Encryption does not help you at all with that. Those exploits are general TOR exploits; they also apply if you're in an encrypted drive, that does not change anything.

As for the document you provided indeed read it through and see that they have disabled cookie retention at all so again..I repeat...once you close your browser NOTHING is RETRIEVABLE.

:)
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: vlad1m1r on May 19, 2012, 10:54 pm
Quote
OK, I didn't want to have to get technical about this as it's a little unfair on everyone else but so be it.

Firstly, the Tor browser is designed with the ultimate goal of not leaving any fingerprints on the host Operating System - they frankly admit they haven't achieved this yet, by all means take a look at their page:

https://www.torproject.org/projects/torbrowser/design/#security

You'll see that they link to a number of sites designed to test your privacy, one of which is browserspy.dk which will clearly show your browser retains cookies.

By default Javascript is enabled in the Torbrowser which can leak your IP information and there are plans for supporting flash objects.

The Tor project also posts a link to a site which contains scripts which can also detect the presence of the Torbutton and reveal your history to a limited extent, although admittedly this could be done remotely, not by seizing your machine:

http://pseudo-flaw.net/content/tor/torbutton/

When it comes to security less is not more, more is more.

None of this means you shouldn't make sure to keep updating to the latest version of Tor browser to prevent remote exploits, but as I said encrypting the partition on which you keep your Tor browser bundle is a matter of common sense.

Those people who have read my posts will know I'm not given to paranoia or stupidity, I honestly believe the only way to be sure forensic recovery of your browsing activities cannot take place is to keep your web browsing application out of reach - this is not a particularly sensational point of view and I'm by no means the first person to say it!

V.



I don't understand what's naive about saying that if you surf the web using TOR browser and don't add anything to your bookmarks and don't download anything once you close TOR browser everything about that particular session is GONE and IRRETRIEVABLE.

That's what TOR stands for. All your internet traffic is encrypted.

Furthermore I believe more security can also come from less. Because as you know less is more.
A hidden truecrypt volume invites the user to download a bitcoin client, save sensitive information on his HDD, add bookmarks to TOR all under the notion he is safe but he couldn't have been more wrong (refer to duckduckgo for all the different attacks).  He was simply a naive boy sitting behind his desk playing 1337.

Do you really believe that? Encryption does not help you at all with that. Those exploits are general TOR exploits; they also apply if you're in an encrypted drive, that does not change anything.

As for the document you provided indeed read it through and see that they have disabled cookie retention at all so again..I repeat...once you close your browser NOTHING is RETRIEVABLE.

:)

And I repeat that that is a load of RUBBISH - deleted data CAN be recovered if only removed using the methods stated by the Tor browser!

V.
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: registration on May 19, 2012, 11:01 pm
If you read the document they clearly state that if a feature is not entirely supported they deactivate it entirely. They don't want to take risks as people's lives could depend on it. Anyway I know you can read and (kind of) understand the technical slang that's used so I know, that you know, exactly what it is I'm talking about. :)

Let me make it a little clearer: let's assume I am an activist in China and protesting against the government. I have searched google for some illegal things and they have stored cookies on my computer, now government officials come in and just look at my cookies and kill me.

Of course not mate, that's the whole point, TOR Anonymous webbrowser, Project Anonymity.
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: vlad1m1r on May 19, 2012, 11:11 pm
This is turning into a bit of a yes it is / no it isn't discussion but I'm more than happy to go toe to toe with someone on this.

This is the page for the latest implementation of the Tor Browser Bundle released less than a month ago. It's so recent I don't think many SR users will have upgraded - I didn't myself until yesterday.

https://blog.torproject.org/blog/new-tor-browser-bundles-16

Have a look at this feature which was recently fixed:

https://trac.torproject.org/projects/tor/ticket/4017

As you can see for certain users, even with the configuration set not to retain a memory of downloaded files e.g. a text file of a person's PGP key, or an image of a product you want to buy, could be recovered. As if this wasn't bad enough, take a gander at this comment on the thread for the latest release:

Quote
hello:

hope this message gets to the right people. its about flash cookies and tor security.

installed newest tor package on osx, latest built.

after a little test-surfing the web i installed the "better privacy" plugin in tor-browser to see what flash does to the tor browser.

"better privacy" listed a douzand flash cookies in user/...../library/preferences/macromedia, including a skype cookie and the default flash player cookie.

Yet another vulnerability which was fixed in a previous version and has now resurfaced is the persistence of evercookies. Fortunately this has been fixed for now:

https://trac.torproject.org/projects/tor/ticket/5715

I could go on all day (and will if you try to insist the Tor Browser does not leave traces of browsing activity!) - In theory all traces of browsing activity are erased when you use the Tor Browser Bundle - in practice as you can see this is not the case.

Simple solution : encrypt the partition where it is installed. Perhaps now I've said it five times this will penetrate? :-D

V.

Quote
If you read the document they clearly state that if a feature is not entirely supported they deactivate it entirely. They don't want to take risks as people's lives could depend on it. Anyway I know you can read and (kind of) understand the technical slang that's used so I know that you know exactly what it is I'm talking about. :)
Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: vlad1m1r on May 19, 2012, 11:31 pm
...and for a bonus point I'd like to provide a few choice extracts from the TorBox project.

For those of you who don't know, TorBOX is a non-official, community project which creates virtual machines using Tor to test the integrity and security of the Tor Browser.

A few choice extracts for your perusal:


Quote
Harden Tor-Workstation

If this VM is compromised all data it has access to, all credentials, browser data, passwords... the user has entered can be compromised. The IP is never leaked but these information can still result in identity disclosure.

Quote
...To protect against forensic analysis we recommend to use full disk encryption, wipe the RAM on shutdown. We recommend to use "clean" computers made of parts manufactured by reputable companies and to pay in cash so as to not have hardware IDs leak our identity.

...and again in the Security FAQ section :

Quote
To protect against physical attacks use FDE (Full Disk Encryption) and always lock the screen if you leave the system unattended.

Now can we all agree that if the community project who devote their time to finding exploits in the Tor browser think it might actually be a good idea to encrypt the virtual machine / disk on which your TBB is located, that it might actually be a good idea?

V.

Title: Re: If I have been using TOR on laptop without encryption to this point
Post by: sl1pknot on May 19, 2012, 11:44 pm
Registration is totally an LEO and wants everyone to stay unencrypted so we can get locked up more easily. (maybe.... lol... for all I know every other person on here is an LEO)

Who cares if having your HDD encrypted makes you look more suspicious? If they can't prove you're hiding 2 things because you hand them your password for your encrypted porn folder, then they can't prove you have encrypted incriminating material. Reminds me of a situation in university- if you're smoking pot in your dorm room, and your hallway reeks of marijuana, they're going to come in your room and bust you. If your hallway reeks of febreze and cologne, they can't come in your room on the premise that you're smoking pot- there's no pot smell!

I've been reading up on here for a long time and I'm under the impression that:

1) I should either encrypt my entire machine and have an encrypted volume with a porn stash

OR

2) I should remove Tor from my HDD and keep it on an encrypted USB that also contains an encrypted volume with porn inside.
but what if they find the USB? I would think an encrypted machine is somewhat less odd than an encrypted USB. Unless your story is your USB is only for encrypted porn?

3) I also remember reading something that said TAILS is a good option? (not 100% on what this can do)

Vlad, do you happen to have a mac? I really would like to do one of the above options, but I'm unsure which to do... Any thoughts on the correct path to being protected?

Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: vlad1m1r on May 19, 2012, 11:55 pm
Hi Sl1pknot,

Thanks for your message - I am hoping the fact that the very team tasked with finding exploits and vulnerabilities in Tor believe disk encryption is a good idea will clinch the issue but I won't hold my breath - no one ever won an argument!

To answer your question I did use to have a Mac and Truecrypt will allow you to encrypt your entire Operating System with it. You can also create a hidden OS if that's what you want. The Truecrypt bootloader which actually asks for your password and decrypts the hard drive can't be encrypted so it would be possible to tell you've encrypted the drive. I would still recommend you do this, as it's useful in case the laptop is stolen and as I said provides another layer of security against LEO.

Onto question No. 2 - the advantage of encrypting an entire USB with a program like Truecrypt is that the data is indistinguishable from the kind of data you might find if you used a special program like Eraser to delete everything on your USB - such programs overwrite deleted data with random bits of information, which are extremely similar to encrypted data.

Another advantage is that you can encrypt a USB stick with several different ciphers but if you do this on a hard drive it can slow performance.

If the Police ask about the USB you can simply tell them you've wiped it and certainly in the UK at least they wouldn't be able to gainsay you. How do I know this? Because I did what you've suggested here by having a USB drive encrypted with the good old 128 Bit Blowfish encryption algorithm - they kept it for 4 weeks before handing it back in disgust!

As for TAILS - I think they're currently patching a security hole in this. If you do use it, I'd recommend you install the VirtualBox software on your Mac and install TAILS onto a virtual machine. Once again I recommend encrypting your Mac's hard drive, though TAILS allows you to do an encrypted install too and is very easy to set up.

For now, I think you'll be fine encrypting your MacOS and having your Tor Browser Bundle / GPG software on an encrypted USB.

If you need any help, feel free to send me a message.

All the best,

V.

Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: Wonderland on May 20, 2012, 03:25 am
ugghh now I'm even more confused! With so many conflicting opinions its even harder for us noobs :(
Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: registration on May 20, 2012, 09:09 am
Quote
...and for a bonus point I'd like to provide a few choice extracts from the TorBox project.

For those of you who don't know, TorBOX is a non-official, community project which creates virtual machines using Tor to test the integrity and security of the Tor Browser.

A few choice extracts for your perusal:


Quote
Harden Tor-Workstation

If this VM is compromised all data it has access to, all credentials, browser data, passwords... the user has entered can be compromised. The IP is never leaked but these information can still result in identity disclosure.

Quote
...To protect against forensic analysis we recommend to use full disk encryption, wipe the RAM on shutdown. We recommend to use "clean" computers made of parts manufactured by reputable companies and to pay in cash so as to not have hardware IDs leak our identity.

...and again in the Security FAQ section :

Quote
To protect against physical attacks use FDE (Full Disk Encryption) and always lock the screen if you leave the system unattended.

Now can we all agree that if the community project who devote their time to finding exploits in the Tor browser think it might actually be a good idea to encrypt the virtual machine / disk on which your TBB is located, that it might actually be a good idea?

V.
Okay you really cannot read well. They are talking about a physical attack, as in they kick your door in and there you are with your TOR browser open. I just have it open when I am using it; once I'm gone I'll close the browser. They recommend locking your encrypted workstation so that they cannot read it, but if you close your TOR browser there is not a lot left to read (given you don't save anything, that is!). TorBOX also encourages encryption because you can save things from your session within the VM. It's a completely different project, not even affiliated to TOR besides that it uses Vidalia. I would never trust them.

I would say TAILS, or LIBERTE is your best bet. It accommodates security through not having anything suspicious on the USB disk as every trace of your session is completely wiped clean.

I am not saying TrueCrypt is not safe but if they really want to access it they will, and then they find all kinds of evidence. Whilst using TAILS & your memory there is not a lot to prove even if they find the TAILS USB stick; since when is that illegal? There are plenty of legitimate uses for it.

The point I'm trying to make is that persistence in any form whatsoever is no security.  Also using your Tor browser don't go wild and only use .onion sites.

Furthermore if they find your private key on your computer they know who you are on the onion web :) so they can identify you and prove you are that particular person that is selling on SR as you have your public key in your profile.....

You think they would really recommend Tor for anonymity if it fills your system with unwanted cookies and saves data to your hard disk that can incriminate you after your TOR session....

Use the internet, use the clouds to hide your sensitive information; everything through the Tor network is encrypted end-to-end, especially if you only use .onion.

There are too many attacks against Truecrypt but you guys can research that yourself :)

Read this through: https://www.torproject.org/projects/torbrowser.html.en

I know you are English vlad1m1r so you should be able to comprehend it. Also I know you accept cash in the mail so it would be quite easy for an adversary to discover your location (if you're not using a PO box but even then...). Also you are building up a reputation through a forum account which in theory could be used against you. I bet you got SR bookmarked and the forums and your private key within your hidden volume :) Probably some decrypted files as well, who knows. Your security appears to be one big leakage. I hope for you that you really buy those coins with every envelope that comes in but my common sense tells me you are selling coins from vendors :)
Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: vlad1m1r on May 20, 2012, 10:29 am
Quote
Okay you really cannot read well. They are talking about a physical attack, as in they kick your door in and there you are with your TOR browser open. I just have it open when I am using it; once I'm gone I'll close the browser. They recommend locking your encrypted workstation so that they cannot read it, but if you close your TOR browser there is not a lot left to read (given you don't save anything, that is!). TorBOX also encourages encryption because you can save things from your session within the VM. It's a completely different project, not even affiliated to TOR besides that it uses Vidalia. I would never trust them.

If this is what you got out of reading this then I weep for you. Of course data is retained within a virtual machine after each session - just as it is with your workstation. This. is. why. you. need. to. encrypt. the. hard. disk.

I had a feeling you'd try and say you know better though! :-)

Quote
I would say TAILS, or LIBERTE is your best bet. It accommodates security through not having anything suspicious on the USB disk as every trace of your session is completely wiped clean.


Now I know you're talking through your hat. Liberte Linux by its nature encrypts the partition on which the OS is installed using OTFE and allows for a persistent install. A password is required on boot up to decrypt the OS - just like I have been saying all along.

"Liberté Linux maintains persistent storage on an OTFE volume accessible via ~/persist — a virtual partition file that is located on the boot media where Liberté is installed. This volume uses AES-256 cipher in XTS block mode, with SHA-256 header hashing. It is best to store all documents on this OTFE volume. In addition, Liberté provides automatic on-demand mounting of permanent and removable media at /media. You are advised to employ extreme care when writing to such non-encrypted media. Specifically, it is recommended to avoid writing to the non-encrypted parts of the boot media, especially since the OTFE partition is fully resizable with sudo otfe-resize. "

Source: http://dee.su/liberte-security

Quote
Furthermore if they find your private key on your computer they know who you are on the onion web :) so they can identify you and prove you are that particular person that is selling on SR as you have your public key in your profile.....

...If you encrypt the partition on which your private key is installed they won't be able to do this, stop me if I'm getting too technical :-)

Quote
You think they would really recommend Tor for anonymity if it fills your system with unwanted cookies and saves data to your hard disk that can incriminate you after your TOR session....

This is circular logic. The implementation of Firefox contained in the Tor browser bundle is not supposed to leave any traces but there are various flaws inherent to its design (three of which I've already stated) which means there is a possibility of data recovery on an unencrypted OS. Hence the good people of the TorBox project suggesting you use full disk encryption, remember that part? :-)

Quote
Use the internet, use the clouds to hide your sensitive information; everything through the Tor network is encrypted end-to-end, especially if you only use .onion.

Where do we find these people? ONLY Tor hidden services are encrypted end to end. This is why the HTTPS everywhere plugin is included with the Tor browser. Any information you give out on a clearnet site is just as liable to be intercepted whether you use the Tor browser or not.

Quote
There are too many attacks against Truecrypt but you guys can research that yourself :)

...there are a few potentially effective attacks against Truecrypt granted physical access to the machine such as the cold boot attack - they are extremely difficult to implement. Of course none of this will penetrate the thick shell of your ignorance.

Quote
Read this through: https://www.torproject.org/projects/torbrowser.html.en

Thanks, I read it often. Your concern for my comprehension is very touching but considering you're the one giving out inaccurate and irresponsible information I would suggest you expand your reading a little - perhaps to the pages I mentioned already?

Quote
I know you are English vlad1m1r so you should be able to comprehend it. Also I know you accept cash in the mail so it would be quite easy for an adversary to discover your location (if you're not using a PO box but even then...)

Or at least the location of the person receiving the cash, this ain't my first rodeo cowboy. :-)

Quote
Also you are building up a reputation through a forum account which in theory could be used against you. I bet you got SR bookmarked and the forums and your private key within your hidden volume :) Probably some decrypted files as well, who knows. Your security appears to be one big leakage. I hope for you that you really buy those coins with every envelope that comes in but my common sense tells me you are selling coins from vendors :)

I don't really want to get into a discussion of my business methods but rest assured I do encrypt the partition on which my PGP keys and Tor Browser are installed - my laptop is also kept safely under lock and key when I'm not around to prevent someone installing an infected rootkit to it. On top of that I have hardware which flushes my RAM each time the laptop is shut down to prevent a cold boot attack - in all it took me around 15 minutes to set up.

For those people new to the forums, I can only repeat it is VITAL that you encrypt the drive on which your Tor browser bundle / GPG keyrings are installed - admittedly it is only a layer of defence and may end up being your last one but it is important nonetheless.

As for my reputation, as I mentioned anyone examining my posts will know I am not inclined to exaggeration or melodrama. When I tell you that encryption is vital, it's not because I have my ego mixed up in this, it's because it's essential for your own safety.

All the best,

V.




Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: vlad1m1r on May 20, 2012, 10:33 am
Quote
ugghh now I'm even more confused! With so many conflicting opinions it's even harder for us noobs :(

I really am sorry about this Wonderland it wasn't my intention.

Encrypting an Operating System is actually extremely easy to set up, be it with Truecrypt or a persistent install of Liberte (although Liberte is having a few problems with DNS leaks at the moment so I'd wait for them to fix that).

Once you've done this, any kind of forensic analysis of your drive for your browsing activities, GPG keys and so on will be near nigh impossible. This doesn't mean you can blithely assume you can't be identified in other ways such as the information you give out while online but it hugely increases your safety if your equipment is seized.

If you read my post above, you'll see me go into the reasons why and wherefore this is the case but like I said it's just a matter of common sense and for the sake of something that will take you ten minutes, I really do think it's worth your while.

If you need any help getting set up with this, please feel free to send me a message.

All the best,

V.
Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: TreyWingo104 on May 20, 2012, 11:06 am
Quote
I have the same worries as you, man! I am in no way tech savvy and honestly I'm just overwhelmed when I read about all these different security techniques because to me it's like someone speaking a foreign language! I don't get ANY of it! I've been here for a few months and I know I need to just sit down and commit a few hours to learning this stuff... both for my safety as well as the vendors I work with. It's all just so confusing!


Dude take 2 hrs on a few days and figure it out....it's very well worth it....security is integral to not getting caught if anything ever happens...It really should have been the first thing you covered before ordering or doing anything else, at least you realize you need to do it, props for that, but man pull a NIKE and JUST DO IT.

I bet you find interesting shit along the way and may even find that you are good at it, and it's not that difficult, at least the basic parts, making a Linux Liberte USB, and of course PGP.
PGP is easy as hell! There's a picture walkthrough at the top of the security board....there's no reason you can't do it unless you're retarded...and based on your post, I can tell you're perfectly capable my friend.

I recommend using Tails as people say Liberte's built in Tor browser "Midori" can leak DNS names (Designated Name Servers) aka the names of websites to the host CPU.....so make a Tails CD, it's just a little harder....


For Liberte you use duck duck go (search engine that doesn't track you like google.) and search liberte...download it....

Plug in a USB stick with at least 2GB. If you're on Windows right click the removable drive under computer in windows explorer. Click format. Use fat 32. Don't worry about the other stuff there. Click ok......wait til it's done formatting...use 7zip or winrar (download winrar from cnet, it's better IMO) and extract liberte to the USB drive (by selecting the USB drive as the destination path)....run setup. Once it's done...reboot your computer and hold down whatever F# (mine is F2) key (your computer manufacturer page that pops up when it boots will say at the bottom "hold down F____ for boot options or for Bios"). Hold it down.. configure it to boot in a new order (instead of booting from hdd first, move USB to the top of the list). Plug it in.....self-explanatory from there.
Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: registration on May 20, 2012, 12:24 pm
Liberté and TAILS both allow persistence, which I still advise against even if it's encrypted. If there's nothing saved there is nothing to be found. Find me a source where it says that having Tor Browser installed on your computer leaves traces on your OS after closure of the program (again, if nothing is saved that is). Do not state the obvious again and tell me what will be written where after I close my TOR browser from the Browser Bundle.

Quote
Application Data Isolation

The components involved in providing private browsing MUST be self-contained, or MUST provide a mechanism for rapid, complete removal of all evidence of the use of the mode. In other words, the browser MUST NOT write or cause the operating system to write any information about the use of private browsing to disk outside of the application's control. The user must be able to ensure that secure deletion of the software is sufficient to remove evidence of the use of the software. All exceptions and shortcomings due to operating system behavior MUST be wiped by an uninstaller. However, due to permissions issues with access to swap, implementations MAY choose to leave it out of scope, and/or leave it to the Operating System/platform to implement ephemeral-keyed encrypted swap.

Quote
Implementation Status:

    For now, Tor Browser blocks write access to the disk through Torbutton using several Firefox preferences. The set of prefs is: dom.storage.enabled, browser.cache.memory.enable, network.http.use-cache, browser.cache.disk.enable, browser.cache.offline.enable, general.open_location.last_url, places.history.enabled, browser.formfill.enable, signon.rememberSignons, browser.download.manager.retention, and network.cookie.lifetimePolicy.

Quote
Implementation Status: As a stopgap to satisfy our design requirement of unlinkability, we currently entirely disable 3rd party cookies by setting network.cookie.cookieBehavior to 1. We would prefer that third party content continue to function, but we believe the requirement for unlinkability trumps that desire.

This is what I got from the link you posted earlier.




Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: vlad1m1r on May 20, 2012, 01:53 pm
Ok, one more time, obviously my last post was a bit weighty...

The quotations you've cited are stated GOALS for the Tor Project- I have already shown evidence of where information is retained on a hard drive after closing the browser - you might have to use the scroll button to use these.

If as an alternative to encrypting your drives you use a liveCD such as TAILS to browse the web (although this was not what you were advocating originally - still hats off to you for struggling to hang in there!), this might protect you from keyloggers but you'd be just as vulnerable to a cold boot attack if your entire OS was loaded into RAM, so by your own logic this wouldn't do much good!

Having said this, it does admittedly have the advantage and disadvantage of not allowing you to record anything permanently on your hard drive - I say disadvantage as this means you would have to trust a third party with your Bitcoin wallet, bookmarks and indeed your Private Keys, let's see how that worked out for Hushmail users:

http://cryptogon.com/?p=16002

Or as I said (sixth time now!) you can generate your own key pair offline and safely store your private key on an encrypted drive on your machine.

Is there anyone else here who does this i.e keeps their private key on a cloud somewhere as opposed to keeping it safely encrypted on their machine? I'm genuinely curious.

V.

Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: registration on May 20, 2012, 04:24 pm
Every buyer and seller on this website uses the cloud to store things :) Think of SR, or a Bitcoin tumbler, or tormail? or freedomhosting? other onion hosting? Privnote? etc

Bitcoins open the possibility to getting some anonymous web space or some email even though for a small time buyer I don't reckon it necessary.

Hushmail is a good example but if you have always used TOR to access hush and have followed the TOR guideline for remaining anonymous you should be fine.

Indeed that page are Tor goals, as you can see from the implementation statuses they take no risk, some features might not have been entirely developed yet but then they deactivate it.

However you have not answered my question, can you show me what information is leaked to my OS after I have closed down TOR browser bundle? Just answer it with sources no nonsense (no more general TOR bugs or TorBOX).

**On a side note it is not entirely true that TAILS is vulnerable to cold boot attack as when they are trying to kick your door in you pull it out and it wipes your RAM.
Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: vlad1m1r on May 20, 2012, 06:04 pm
Quote
Hushmail is a good example but if you have always used TOR to access hush and have followed the TOR guideline for remaining anonymous you should be fine.

Honestly, where did we find this lemon? You're a moron sir, and you're giving out inaccurate information with every line you write, please for the love of God give it a rest!


V.
Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: registration on May 20, 2012, 06:28 pm
Can you show me what information is leaked to my OS after I have closed down TOR browser bundle?

As far as hush goes I'm not even going to elaborate, you're right I'm a lemon.....

All you have done is gone "technical" a few times and posted nothing but unrelated nonsense and a whole bug report of Tor Browser that applies even when you're in a hidden volume. If you don't understand that what you post is also applicable when you're mounted in your hidden volume then where do I have to start?

To be honest I actually thought for a second you knew what you were talking about but I am kind of disappointed.
Actually I should not be surprised because by your postcount it appears you spend way too much time on these forums and not enough time studying security measures.

As a matter of fact I'm actually willing to admit I was completely wrong If you show me;
Can you show me what information is leaked to my OS after I have closed down TOR browser bundle?

.....................with source that is ;)

Comprendes amigo??

Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: vlad1m1r on May 20, 2012, 06:40 pm
Quote
Every buyer and seller on this website uses the cloud to store things :) Think of SR, or a Bitcoin tumbler, or tormail? or freedomhosting? other onion hosting? Privnote? etc

Erm, no no, and no with the possible exception of Freedom Hosting - Cloud Computing isn't an appropriate way of describing such activities in this context. I suggest (once again) you might actually want to take some time to educate yourself on these topics before you actually try to weigh in on them.

Quote
Bitcoins open the possibility to getting some anonymous web space or some email even though for a small time buyer I don't reckon it necessary.

You're right about one thing - it isn't necessary! Encrypt your private keys and Tor browser software locally and there's no need!

Quote
Hushmail is a good example but if you have always used TOR to access hush and have followed the TOR guideline for remaining anonymous you should be fine.

The service which handed over users' private keys to the government "should be fine"? Do you ever listen to yourself?

Quote
Indeed that page are Tor goals, as you can see from the implementation statuses they take no risk, some features might not have been entirely developed yet but then they deactivate it.

Oh you did read that part did you? Perhaps you read those examples about features they haven't activated? I mean where shall we run with this logic ? :

MS Windows contains bugs and security flaws which makes it easy for someone to access a person's private data but I don't need to encrypt my machine because Windows tells me that they'll plug the hole soon. Erm...

Quote
However you have not answered my question, can you show me what information is leaked to my OS after I have closed down TOR browser bundle? Just answer it with sources no nonsense (no more general TOR bugs or TorBOX).

I've already provided a straight answer to your question. Forensic recovery of deleted data is always possible and you've seen three examples of data being retained even after the browser is closed. If you would like me to give you a 101 on how deleted cookies and so on can be recovered I suggest you sign up to the "Linux Forensics" group on Yahoo where we regularly discuss digital forensic processes and procedures - most recently one of our user's efforts to retrieve a person's browsing history failed because a user had taken the very sensible step of encrypting their home folder and installing a browser there.

I am more than happy to do a 101 on how commonly used distros like DEFT Linux can be used to recover deleted data, it would do you no harm to actually learn a thing or two but I feel that you'd be best served spending a month or two brushing up on some of the fundamentals of IT Security and Applied Cryptography before we move on to anything more advanced, I wouldn't want to overburden you. :-)

Of course you've gone one step further and apparently are saying now that even your GPG private key should be stored remotely - where did you have in mind exactly? I have to tell you you're flying in the face of a number of Security experts in saying your secret key should ever leave your PC:

Try this one for size from the IT Dept of Harvard:

"...First and foremost, do not place your private key in your seas provided home directory (either on unix or windows). The file storage system is not designed to secure this type of identity information. Your private key should be stored only on machines that you have physical access to, and that you regularly use."

(Source : https://intranet.seas.harvard.edu/it/standards-and-best-practices/)

If that's not august enough for you, let's see if Microsoft believe that your private key leaving your machine is a good idea:

"The security of private keys is crucial for public key cryptosystems. Anyone who can obtain a private key can use it to impersonate the rightful owner during all communications and transactions on intranets or on the Internet. Therefore, private keys must be in the possession only of authorized users, and they must be protected from unauthorized use.

...An attacker with access to a computer might use low-level disk utilities to locate encrypted private keys on the hard disk and perform cryptanalysis to decipher the key. In general, the risk of attacks on private keys is much lower when keys are stored on tamper resistant hardware devices such as smart cards."

(Source: http://technet.microsoft.com/en-us/library/cc962023.aspx)

As you can see Microsoft go one step further and suggest using hardware based encryption.

Two pioneering researchers at Cambridge University have actually postulated on keeping your secret keys in the Cloud in a research paper back in 2010. Their solution is a promising one in theory but considering you're advocating Hushmail, I have my doubts this was what you had in mind:

https://www.cl.cam.ac.uk/~jra40/publications/2010-SPW-key-storage.pdf

So what exactly is it that you're trying to pull here? Is this a pride thing? There's no shame in admitting you've made a mistake, I forgive, so will Jesus! (Or at least he would if he existed!)

This sort of nonsense is confusing people newer to the forums and needs to stop right away - if you use a third party to store your encryption keys and other personal information online you're gambling with your own safety which is fine. Encouraging others to do the same is plain irresponsible.

V.





Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: vlad1m1r on May 20, 2012, 06:43 pm
Can you show me what information is leaked to my OS after I have closed down TOR browser bundle?

As far as hush goes I'm not even going to elaborate, you're right, I'm a lemon.....

All you have done is gone "technical" a few times and posted nothing but unrelated nonsense and a whole bug report of Tor Browser that applies even when you're in a hidden volume. If you don't understand that what you post is also applicable when you're mounted in your hidden volume then where do I have to start?

To be honest I actually thought for a second you knew what you were talking about but I am kind of disappointed.
Actually I should not be surprised because by your postcount it appears you spend way too much time on these forums and not enough time studying security measures.

As a matter of fact I'm actually willing to admit I was completely wrong If you show me;
Can you show me what information is leaked to my OS after I have closed down TOR browser bundle?

.....................with source that is ;)

Comprendes amigo??

I've already answered your question - no please show me a security expert who agrees you should store your GPG secret keys via Cloud Computing.

I'm touched you've been reading my post count - perhaps if you'd taken the time to read a few you'd know a little more about taking your security and others more seriously. :-)

V.

Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: vlad1m1r on May 20, 2012, 07:01 pm
A few more strings to add to the proverbial bow:

This c/o the OS Forensics website:

A detailed list of registry keys which can be examined on an unencrypted OS to show that the Tor Browser was present on the system even after uninstallation:

http://www.osforensics.com/faqs-and-tutorials/identifying_uninstalled_software.html

This one care of Andrew Case of Digital Forensic Solutions who was investigating ways to de-anonymise use of the TAILS Live CD:

“Memory analysis of Tor revealed that it makes minimal effort to securely erase memory after it has been used and this allows recovery of historical data such as HTTP headers and requests, downloaded files, visited URLs, and Tor-specific data such as the identity of other Tor network nodes. We also show that the research performed and tools developed during this project are applicable against a number of other live CD distributions and not just TAILS.”

Another extract:

“4 Memory Analysis of Tor

In order to fully deconstruct the defensive systems of the TAILS distribution, we also chose to perform memory analysis of Tor.

...

The combination of filesystem and Tor memory analysis attacks the two key components that TAILS and other live CD offer for anti-forensics.

...

Before deep analysis of Tor was performed, the classic forensics technique of using strings and grep to find interesting information was performed on memory dumps of the Tor process to ensure that useful information is indeed not overwritten on deallocation.

To test this we installed the privoxy proxy server, configured it to send requests through Tor, and then set the http_proxy environment variable to the address of the prixovy server. Once this was completed, we then used wget to recursively download information from a number of websites, all of which contained tens of web pages, downloads (doc, pdf, etc), and other information.

To verify that this information was still in Tor’s memory after the requests were completed, we used Michal Zalewski’s memfetch [11] utility to download memory regions of the Tor process such as the heap, .data segment, and .bss segment. strings and grep were then run across the extracted memory regions and it was confirmed that information such as the HTTP headers, file and web pages contents, virtual hosts of requested pages, and more were contained in clear text in memory."

(Source : http://media.blackhat.com/bh-dc-11/Case/BlackHat_DC_2011_Case_De-Anonymizing_Live_CDs-wp.pdf)


TLDR :  Using a Live CD will not protect you from forensic analysis of your machine and it is inadvisable to store your private key anywhere except on a machine to which you have physical access - all of the above forensic analysis of Tor could not have been done on a system with an encrypted drive.

While disk encryption is only a layer of defence and not 100% immune from attacks, as I've said already it's a vital one. At the very least you should have your Tor Browser and GPG keyring stored on an encrypted USB.

V.
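
The "strings and grep" step described in the paper excerpt quoted above, sketched as an added example that is not part of the original post or of the paper: it pulls printable ASCII runs out of a binary region and tags the ones that look like HTTP artifacts. The sample region, the pattern set and all function names are constructed for illustration.

```python
import re

# Constructed sample standing in for a dumped memory region: HTTP artifacts
# left between non-printable bytes. Hostnames are reserved example domains.
SAMPLE_REGION = (
    b"\x00\x17\xfe\x90" + b"GET /docs/report.pdf HTTP/1.1\r\n"
    + b"Host: files.example.org\r\n" + b"\x00\x00\x81\x02"
    + b"abc" + b"\xff\xd8\x00"
    + b"HTTP/1.1 200 OK\r\nContent-Type: application/pdf\r\n"
    + b"\x9c\x00" + b"http://www.example.net/index.html" + b"\x00\x01"
)

# Assumed pattern set for this example; a real examination would tune it.
ARTIFACT_PATTERNS = {
    "http_request": re.compile(r"^(GET|POST|HEAD|PUT) \S+ HTTP/1\.[01]$"),
    "http_response": re.compile(r"^HTTP/1\.[01] \d{3} "),
    "host_header": re.compile(r"^Host: \S+$", re.I),
    "url": re.compile(r"https?://[^\s\"'<>]+"),
}


def extract_strings(data, min_len=4):
    """Yield (offset, text) for each printable-ASCII run, like strings(1) -t d."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    for match in pattern.finditer(data):
        yield match.start(), match.group().decode("ascii")


def classify(data, min_len=4):
    """Return (offset, kind, text) for every string matching an artifact pattern."""
    hits = []
    for offset, text in extract_strings(data, min_len):
        for kind, pattern in ARTIFACT_PATTERNS.items():
            if pattern.search(text):
                hits.append((offset, kind, text))
    return hits


if __name__ == "__main__":
    for offset, kind, text in classify(SAMPLE_REGION):
        print("%6d  %-13s %s" % (offset, kind, text))
```

Runs shorter than `min_len` (the stray `abc` in the sample) are dropped, which is the same noise filter `strings` applies by default.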
Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: registration on May 20, 2012, 07:45 pm
I actually know that paper; funny though how it was written in early 2011 and the problem was fixed promptly after that.
(https://tails.boum.org/security/audits/Blackhat_De-Anonymizing_Live_CDs/)

As far as seeing that I have had Tor installed in the past even after uninstalling it; I never claimed that was not possible, I said that what you see in your browser remains in your browser and is not retrievable from your OS.

Persistence is the old way of doing things....if you don't believe me see what the guys at TAILS have to say:
https://tails.boum.org/doc/first_steps/persistence/index.en.html

Just generate a secret key with a good strong password, send that key to your SR inbox and if you need it download it and put it in TAILS :)  (Note: this is just an example of using the cloud, there are many better/safer ways)

There are plenty of ways to have everything in the cloud and the beauty of it all is.........It's all in your mind, as far as I know they have not found an exploit yet to the human brain or I could be wrong vlad1m1r?

That way your virtual identity remains private no matter what.

vlad1m1r you and I know exactly what YOU have been doing all along ..... you twist the words in the sources you post, only post bits and pieces that have to be seen in context, and post outdated sources.

You proclaim you are technical yet you fail to understand so many things.....I am dead serious here, not trying to be condescending, but try to study the subject a little more.

I actually wanted to be proved wrong, because that would mean I had done my research wrong and could've learned something, in the end this appears to be one big waste of time.

I am done, my last post here :) go back to give basic security tips to noobs, when you're ready to play with the big boys answer my question or admit that it's not possible and you were wrong.
Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: vlad1m1r on May 20, 2012, 08:07 pm
I find it ironic that each time I've proven you wrong, you've accused me of quoting out of context, now let's take a gander at the single link you've provided, particularly as the supposed warnings have to do with making sure your partition remains encrypted:

"The persistent volume is not hidden. An attacker in possession of the USB stick can know that there is a persistent volume on it. Take into consideration that you can be forced or tricked to give out its passphrase."

Of course I never denied the above was the case but having an encrypted drive means that the information cannot simply be taken from you.

Out of context much? :-)

I am sure that whatever high school you were dragged up in may well have patted you on the back in the past and congratulated you for whatever Powerpoint Presentation you managed to knock together but if you want to have a reasoned discussion about the merits of respective methods of recovering deleted data, I'd be happy to go toe to toe with you (and have done!)

I never doubted that there are plenty of ways to "do everything" (whatever that means!) in the cloud - what I said was that giving out your PGP secret key and storing it online was unsafe - as you can see I have Microsoft, Cambridge University and Harvard on my side in so saying - what you have on your side is a rather piecemeal assertion that if you use a live CD and trust your personal files to others, hopefully nothing bad will happen.

Perhaps once you've taken a little more time to understand these issues in a little more depth rather than simply post a link from the TAILS project page, we could have a discussion on a more equal footing.

Keep going, you'll get there in the end. :-)

V.

Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: kmfkewm on May 20, 2012, 08:21 pm
Full disk encryption is a layer of security and indeed could end up being your last one.

When you consider how trivial it is for your ISP to see you are using Tor and the fact if you're arrested your computer can be seized it becomes a matter of common sense to make sure that no further evidence ends up in the hands of LEO.

Truecrypt is by no means the only FDE program - the alternate install of Ubuntu for instance allows you to encrypt your entire OS. Liberte linux is also encrypted by its very nature and can be fitted onto a USB stick.

I have some experience with digital forensics. Although the Tor browser bundle is designed to resist data recovery in this way a detailed analysis of your hard drive may reveal clues as to your browsing activity - indeed if you're worried about seeming suspicious its very presence on your machine seems more compelling to me than an encrypted HDD, particularly if you have any bookmarks to SR or these forums saved in the browser!

In addition if your PGP keys are stored on the machine, your private key would be compromised. Admittedly the key itself is encrypted but asymmetric encryption is a lot easier to break than symmetric encryption.

For anyone worried about being compelled to hand over their password, Plausible Deniability allows you to have two passwords - analysis of a TC partition in itself will not reveal a hidden volume.

V.

Asymmetric keys are symmetrically encrypted. Of course people should use FDE, it is just really easy for a non-retarded attacker to counter it. Most LE are retarded though so it is still very helpful in practice, although easily defeated in theory.
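
The reply above says a stored private key is protected by a symmetric cipher keyed from the passphrase; the key file itself records which cipher and key-derivation settings are used. An added example (not part of the original posts) that reads those fields from the body of a version 4 OpenPGP Secret-Key packet as laid out in RFC 4880; the sample body is constructed, with a toy-sized RSA modulus and placeholder ciphertext, and the function names are this example's own.

```python
import struct

SYM_ALGOS = {2: "TripleDES", 3: "CAST5", 7: "AES128", 8: "AES192", 9: "AES256"}
HASH_ALGOS = {1: "MD5", 2: "SHA1", 8: "SHA256", 10: "SHA512"}
PUBLIC_MPI_COUNT = {1: 2, 16: 3, 17: 4}  # RSA, Elgamal, DSA

# Constructed sample packet body (not a usable key).
SAMPLE_BODY = (
    b"\x04" + struct.pack(">I", 1337000000) + b"\x01"   # version 4, time, RSA
    + b"\x00\x10\xc3\x5b"                                 # n: 16-bit toy modulus
    + b"\x00\x11\x01\x00\x01"                             # e = 65537 (17 bits)
    + b"\xfe\x09\x03\x08" + bytes(range(8)) + b"\x60"     # usage 254, AES256, S2K
    + bytes(16) + b"\xaa" * 20                            # IV + placeholder data
)


def skip_mpi(body, pos):
    """An MPI is a 2-byte bit length followed by ceil(bits/8) bytes."""
    (bits,) = struct.unpack_from(">H", body, pos)
    return pos + 2 + (bits + 7) // 8


def describe_secret_key_protection(body):
    """Report how a v4 Secret-Key packet body protects its secret material."""
    if body[0] != 4:
        raise ValueError("only version 4 key packets are handled here")
    pk_algo = body[5]                    # after version (1) + creation time (4)
    if pk_algo not in PUBLIC_MPI_COUNT:
        raise ValueError("unsupported public-key algorithm %d" % pk_algo)
    pos = 6
    for _ in range(PUBLIC_MPI_COUNT[pk_algo]):
        pos = skip_mpi(body, pos)
    usage = body[pos]                    # string-to-key usage octet
    pos += 1
    if usage == 0:
        return {"protected": False}      # secret MPIs stored in the clear
    info = {"protected": True, "integrity": "SHA1" if usage == 254 else "checksum"}
    if usage not in (254, 255):
        # Legacy form: the usage octet is the cipher ID, key = MD5(passphrase)
        info.update(cipher=SYM_ALGOS.get(usage, usage), s2k="simple-md5")
        return info
    info["cipher"] = SYM_ALGOS.get(body[pos], body[pos])
    s2k_type, hash_id = body[pos + 1], body[pos + 2]
    info["hash"] = HASH_ALGOS.get(hash_id, hash_id)
    if s2k_type in (0, 1):
        info["s2k"] = "simple" if s2k_type == 0 else "salted"
    elif s2k_type == 3:
        c = body[pos + 11]               # after type, hash and 8-byte salt
        info["s2k"] = "iterated-salted"
        info["hashed_bytes"] = (16 + (c & 15)) << ((c >> 4) + 6)
    else:
        raise ValueError("unknown S2K type %d" % s2k_type)
    return info
```

`hashed_bytes` is the number of bytes fed to the hash during key derivation, not a round count; with these settings the passphrase is what stands between a copied key file and the secret key.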
Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: kmfkewm on May 20, 2012, 08:31 pm
A. Tor browser can and almost certainly will leave recoverable traces on your drive, if you don't encrypt SWAP this is even more likely to happen

B. FDE can save the day and has many times....

C. If the person after you knows or suspects you are using FDE they will with high probability be able to get around it, there are plenty of cases of LE carrying out cold boot attacks and using other passphrase stealing tactics against targets they know to be using FDE.

It really boils down to yes of course use FDE, but also be aware that it is a very limited technology. IMO FDE's primary threat model is to keep your information safe if a thief steals your corporate laptop, it is not really meant by itself to keep you safe if some highly trained LE forensics people are after you.  However, if some unskilled LE agency is after you it could very well save your ass because they just shut down computers and send them off to the lab, they don't have forensics specialists on site for every raid. They don't have enough computer forensics specialists to send one to every raid and their average door kicker agent isn't going to be trained to properly deal with FDE. Pwning a target with FDE requires serious tactical planning and computer forensic / technical knowledge (at least enough to install a key logger, at most enough to analyze transient electromagnetic information leakage), not everyone who gets raided has these sort of resources aimed against them, but if you do chances are high your FDE will be bypassed unless you take exceptional counter measures.
Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: BigEasy on September 03, 2012, 11:27 pm
More on hushmail:

http://www.wired.com/threatlevel/2007/11/encrypted-e-mai/

Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: peels4u on September 04, 2012, 04:19 am
I just discovered this post and it is a great read.  I think we all need to take the time to educate ourselves to prevent problems.  With all the tutorials out there, it only takes a little time to ensure protection for buyers and sellers.
Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: painbow on September 04, 2012, 05:41 am
All this convo went over my head.

So, what should your average joe buyer do then?

Wipe out the hard drive and run Tor and GPG only from an encrypted USB drive?
Title: Re: If I have been using TOR on laptop without encrpytion to this point
Post by: dillydod on September 05, 2012, 05:24 am
I'm not sure how much this applies to the topic, but I thought it did somewhat....for Americans anyway. I thought the article was interesting, although alarming for those living in the US.  A mortgage fraud defendant looking at possibly decades in prison if convicted was ordered by a US district court judge to decrypt her laptop within the month.
(I hope I'm understanding correctly that with a link posted here, as long as a person cuts and pastes the link into their browser,  it's safe. Whereas clicking on it right from this site is not even when using TOR. Hope I'm correct on that. If I'm not please correct me)

  http://www.wired.com/threatlevel/2012/02/laptop-decryption-appeal-rejected/

So in the US anyway, if they really want you, especially if it's a federal rap, it seems they'll really turn on the heat. I'm assuming for someone buying small amounts though they wouldn't spend the money to go whole hog on prosecuting. For sellers it might be a different story though. Seems encryption possibly isn't going to be enough.

The next month the judge's order was basically a moot point as the Feds got into the laptop as explained in the report in the next link. It's presumed her co-accused provided the passwords. Figures!!!  Nine times out of ten it seems that's the case...someone talks
http://www.wired.com/threatlevel/2012/02/decryption-flap-mooted/?utm_source=Contextly&utm_medium=RelatedLinks&utm_campaign=MoreRecently

Oops! Didn't realize this thread was so old. Sorry.  Still might be prudent info though