Silk Road forums
Discussion => Security => Topic started by: genghar on June 11, 2012, 07:28 am
-
I recently had a nightmare of being arrested. Yes, I'm a grown ass man and I'm having nightmares now.
Is there any way to use Truecrpyt and Tails together? Something like, to even look at the Tails OS you need to enter a password? While using plausible deniability, of course - one bogus password that reveals nothing and one password that lets you in. I've done a tiny bit of research and have found extensive guides on how to use them. But only individually.
-
I recently had a nightmare of being arrested. Yes, I'm a grown ass man and I'm having nightmares now.
Is there any way to use Truecrpyt and Tails together? Something like, to even look at the Tails OS you need to enter a password? While using plausible deniability, of course - one bogus password that reveals nothing and one password that lets you in. I've done a tiny bit of research and have found extensive guides on how to use them. But only individually.
Hi Genghar - TAILS seem to distrust Truecrypt due to the fact the source code isn't reviewed as regularly as they would like.
It is possible to use the built in disk utility in TAILS to encrypt an external drive (https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/index.en.html) However this will not give you plausible denial.
V.
-
I recently had a nightmare of being arrested. Yes, I'm a grown ass man and I'm having nightmares now.
Is there any way to use Truecrpyt and Tails together? Something like, to even look at the Tails OS you need to enter a password? While using plausible deniability, of course - one bogus password that reveals nothing and one password that lets you in. I've done a tiny bit of research and have found extensive guides on how to use them. But only individually.
Hi Genghar - TAILS seem to distrust Truecrypt due to the fact the source code isn't reviewed as regularly as they would like.
It is possible to use the built in disk utility in TAILS to encrypt an external drive (https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/index.en.html) However this will not give you plausible denial.
V.
Nearly all of your posts have me wanting to +1. This is another one of them.
Can you point me in the right direction for the safest layman route of plausible deniability? I know a million guides have been written on this. Just a nudge is all I need.
-
I recently had a nightmare of being arrested. Yes, I'm a grown ass man and I'm having nightmares now.
Is there any way to use Truecrpyt and Tails together? Something like, to even look at the Tails OS you need to enter a password? While using plausible deniability, of course - one bogus password that reveals nothing and one password that lets you in. I've done a tiny bit of research and have found extensive guides on how to use them. But only individually.
Hi Genghar - TAILS seem to distrust Truecrypt due to the fact the source code isn't reviewed as regularly as they would like.
It is possible to use the built in disk utility in TAILS to encrypt an external drive (https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/index.en.html) However this will not give you plausible denial.
V.
Nearly all of your posts have me wanting to +1. This is another one of them.
Can you point me in the right direction for the safest layman route of plausible deniability? I know a million guides have been written on this. Just a nudge is all I need.
Hi buddy,
The best way to have plausible denial is to encrypt a USB stick. Encrypting your hard drive with Truecrypt would reduce the likelihood of data being seized but a forensic analysis could still reveal the "bootloader" i.e the program which asks for your password and actually decrypts the drive which means you'd have no way of denying the machine's encrypted.
If you really want to use Truecrypt with TAILS it is possible to install it each time you fire it up:
- Put in the CD and boot your computer into TAILS.
- Select the "more options" button before logging in to set an admin password.
- Open up the IceWeasel browser and go to www.truecrypt.org/downloads
- Scroll down to Linux and select "standard" (32 or 64 bit depending on your machine - if unsure choose 32).
- Save the tar.gz file to your home folder or similar
- Exit Iceweasal and open the folder where the Truecrypt tar.gz file is stored.
- Right click the file and select "Extract Here." The tar file will extract a setup file alongside itself.
- Right click this new file and click "Properties". Click the "Permissions" tab and make sure the tick box is checked next to where it says "Allow executing this file as a program."
- Close the window and double click the file.
- A terminal window will open. Choose Option 1.
- Press enter to view the licence. Press and hold enter again to scroll down. When given the chance type "yes" to say you agree to the terms.
- Enter the admin password you set up when logging in before to begin installation.
- Go to Applications at the top left > Accessories > Terminal
- Type "truecrypt" without the quotes and hit return.
Congratulations you now have Truecrypt until you power off the machine at least...
Watch this video to see how to use Truecrypt to create a USB stick with a hidden partition:
http://www.youtube.com/watch?v=eJ_RBR9jVLQ
Please bear in mind that you won't be able to use a USB with a hidden partition on Windows - not that you'll need to if you're using TAILS!
Also take a peek at http://www.truecrypt.org/docs/?s=hidden-volume-precautions - to see how you can make sure your hidden volume stays that way.
Remember your first defence when it comes to your encrypted USB stick being seized should be to claim that it's not encrypted but has been wiped using a secure erasure program. It's nearly impossible to tell the difference between a USB that's been erased in this way i.e by overlaying it with random data and an encrypted stick.
Hope this helps.
V.
-
I recently had a nightmare of being arrested. Yes, I'm a grown ass man and I'm having nightmares now.
Is there any way to use Truecrpyt and Tails together? Something like, to even look at the Tails OS you need to enter a password? While using plausible deniability, of course - one bogus password that reveals nothing and one password that lets you in. I've done a tiny bit of research and have found extensive guides on how to use them. But only individually.
Hi Genghar - TAILS seem to distrust Truecrypt due to the fact the source code isn't reviewed as regularly as they would like.
It is possible to use the built in disk utility in TAILS to encrypt an external drive (https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/index.en.html) However this will not give you plausible denial.
V.
Nearly all of your posts have me wanting to +1. This is another one of them.
Can you point me in the right direction for the safest layman route of plausible deniability? I know a million guides have been written on this. Just a nudge is all I need.
Hi buddy,
The best way to have plausible denial is to encrypt a USB stick. Encrypting your hard drive with Truecrypt would reduce the likelihood of data being seized but a forensic analysis could still reveal the "bootloader" i.e the program which asks for your password and actually decrypts the drive which means you'd have no way of denying the machine's encrypted.
If you really want to use Truecrypt with TAILS it is possible to install it each time you fire it up:
- Put in the CD and boot your computer into TAILS.
- Select the "more options" button before logging in to set an admin password.
- Open up the IceWeasel browser and go to www.truecrypt.org/downloads
- Scroll down to Linux and select "standard" (32 or 64 bit depending on your machine - if unsure choose 32).
- Save the tar.gz file to your home folder or similar
- Exit Iceweasal and open the folder where the Truecrypt tar.gz file is stored.
- Right click the file and select "Extract Here." The tar file will extract a setup file alongside itself.
- Right click this new file and click "Properties". Click the "Permissions" tab and make sure the tick box is checked next to where it says "Allow executing this file as a program."
- Close the window and double click the file.
- A terminal window will open. Choose Option 1.
- Press enter to view the licence. Press and hold enter again to scroll down. When given the chance type "yes" to say you agree to the terms.
- Enter the admin password you set up when logging in before to begin installation.
- Go to Applications at the top left > Accessories > Terminal
- Type "truecrypt" without the quotes and hit return.
Congratulations you now have Truecrypt until you power off the machine at least...
Watch this video to see how to use Truecrypt to create a USB stick with a hidden partition:
http://www.youtube.com/watch?v=eJ_RBR9jVLQ
Please bear in mind that you won't be able to use a USB with a hidden partition on Windows - not that you'll need to if you're using TAILS!
Also take a peek at http://www.truecrypt.org/docs/?s=hidden-volume-precautions - to see how you can make sure your hidden volume stays that way.
Remember your first defence when it comes to your encrypted USB stick being seized should be to claim that it's not encrypted but has been wiped using a secure erasure program. It's nearly impossible to tell the difference between a USB that's been erased in this way i.e by overlaying it with random data and an encrypted stick.
Hope this helps.
V.
I've suddenly decided that the risk of buying a couple g's of weed here and there is way too fucking much for me. This helps a lot. I'll just frequent the road only when I need to - the hassle is definitely a currency for time in my case of paranoia.
-
Purchasing from Silk Road is far safer than in real life, even if you don't use any of the available protections.
-
It's actually possible to start Tails with Truecrypt already installed, even with the Live CD, so no persistence is required.
Using TrueCrypt in Tails
TrueCrypt is not enabled by default when Tails starts. In order to use TrueCrypt, the following needs to be done:
on the language selection menu, right after booting Tails, use the arrow keys to select the desired system language,
press the tab key (often labeled ↹), press space, type truecrypt and press enter,
when Tails desktop is ready, you should find TrueCrypt in the Applications menu, under Accessories.
https://tails.boum.org/doc/encryption_and_privacy/truecrypt/
*Update
The "language selection menu" is the "boot menu" now, with black background, where you can choose between Live and Live (failsafe) mode, this is where Tab needs to be pressed before the countdown runs down.
XP Camouflage mode can be reached from the Tails Greeter menu now (Welcome to Tails - More Options - Yes - Activate Microsoft Windows XP Camouflage)
https://tails.boum.org/doc/first_steps/startup_options/index.en.html
-
was about to post the same thing, mooshroom :)
also, on the same menu you can type winxp for a winxp lookalike screen (if using a public computer) and bridge (might be bridges) to prevent connection to tor until you have entered a bridge ip
-
I have a question. For people like me who just buy and who only buy MJ and in relatively small quantities (say some brownies), is it really necessary to TrueCrypt and all that jazz? I understand why PGP is so important when communicating with the seller, but what are the chances of them actually seizing and searching my computer for SR type stuff.
I mean, I intend to just hide my laptop anyway (while waiting for my order, so they'd have to tear down my house to find even that. Since no one has been known to have been arrested or even set up with a "controlled delivery" using SR, I just wonder if TrueCrypt and Tails would be necessary for me since at most I'd face a misdemeanor, and that's only if I was stupid enough to sign for the delivery, and that's only if the cops did one of these "controlled deliveries", which has yet to even happen to one person via SR.
I don't think little fry like me needs to sweat these deeper security issues. Right? lOL
-
Entirely depends on you, you pretty much summed it up.
-
I have a question. For people like me who just buy and who only buy MJ and in relatively small quantities (say some brownies), is it really necessary to TrueCrypt and all that jazz? I understand why PGP is so important when communicating with the seller, but what are the chances of them actually seizing and searching my computer for SR type stuff.
I mean, I intend to just hide my laptop anyway (while waiting for my order, so they'd have to tear down my house to find even that. Since no one has been known to have been arrested or even set up with a "controlled delivery" using SR, I just wonder if TrueCrypt and Tails would be necessary for me since at most I'd face a misdemeanor, and that's only if I was stupid enough to sign for the delivery, and that's only if the cops did one of these "controlled deliveries", which has yet to even happen to one person via SR.
I don't think little fry like me needs to sweat these deeper security issues. Right? lOL
[/quote
If you're busted, the Police won't care how you obtained personal quantities of drugs, possession will be enough. If you don't have anything illegal on the premises however they may well seize your equipment to try to prove you had placed an order for illegal goods - encrypting your data makes sure they won't succeed. It really doesn't take long to do (around 10 minutes for a USB stick) and could save you a lot of trouble later on so I'd suggest you take the time to learn about it, it really is quite simple.
V.