Silk Road forums
Discussion => Security => Topic started by: Elmo on July 30, 2012, 06:59 am
-
I basically want to delete the data and create a hidden volume for Linux, but the guides that I have looked really do not explain how to do it. CCleaner has the option to delete the system, but what are the steps I should take next? I guess I'll have the files for my OS, but how encryption with TrueCrypt after wipe?
Thank you!
Apologies for my English!!!
-
I am thinking of adding a public OS with most HD space, so the linux volume will not be a dummy OS.
-
Im no expert and I could be wrong but if you are installing truecrypt, then there is no need to wipe the system other than format the drive as truecrypt writes "data" to the whole drive and so anything else would be over written......
However if it was me, just for safety I would wipe the drives with a programme like acronis drive cleanser or something similar, and then do my install of OS and true crypt.
-
Im no expert and I could be wrong but if you are installing truecrypt, then there is no need to wipe the system other than format the drive as truecrypt writes "data" to the whole drive and so anything else would be over written......
However if it was me, just for safety I would wipe the drives with a programme like acronis drive cleanser or something similar, and then do my install of OS and true crypt.
Hi keysersoze,
Your understanding is correct. If you have full disk encryption in place then a forensic analysis of your hard drive after you've installed your Operating System over it would be of little use.
If you're feeling ultra paranoid OP and on the basis that you can never be too safe why not use Darik's Boot and Nuke (http://www.dban.org/) - just burn it to a CD and boot your computer up with it in the tray. The instructions are very easy to follow. The best method to use is Gutmann which overwrites data 35 times to prevent recovery.
If like me you have a solid state drive, this won't do you any good, so just encrypt the whole operating system, format the drive, install your new OS and hope for the best, I really have nothing more to add on that one - perhaps one of our security gurus could provide some more guidance? :-)
V.
-
use a live linux disc or usb distro like tails or liberte.
tails uses LUKS encryption...which is nicely integrated with Gnome.
wipe drive with dban DoD style.
reinstall your regular OS and avoid doing anything related to Tor/SR/encryption/etc. on that. it's just a nice, normal computer afterall.
keep everything contained to tails/liberte/live disc...keep sensitive files encrypted and the the usb stick or disc easily destroyed by physical means.
I connect to a handful of WEP networks that have no relation to me.
I have a baseball bat near my desk. I'm pretty sure I could destroy my USB stick entirely with one swing.
-
TC if you run from linux can't encrypt the entire drive like it does in windows to create 'plausible deniable OS'. So you'd have to install XP black edition or something else first, then run TC and stick in a debian disk or w/e you want to install and then create the hidden OS.
I would just install debian, full disc encrypt during install and use TC containers for really sensitive things. If worried about shadowy agents of doom modifying your boot loader when you're not around keep the bootloader on a usb and make your entire HDD encrypted storage only
-
use a live linux disc or usb distro like tails or liberte.
tails uses LUKS encryption...which is nicely integrated with Gnome.
wipe drive with dban DoD style.
reinstall your regular OS and avoid doing anything related to Tor/SR/encryption/etc. on that. it's just a nice, normal computer afterall.
keep everything contained to tails/liberte/live disc...keep sensitive files encrypted and the the usb stick or disc easily destroyed by physical means.
I connect to a handful of WEP networks that have no relation to me.
I have a baseball bat near my desk. I'm pretty sure I could destroy my USB stick entirely with one swing.
This is very similar to my setup, but can you point me in the direction of hacking into other wireless networks that likely have very minimal security?
-
If you're feeling ultra paranoid OP and on the basis that you can never be too safe why not use Darik's Boot and Nuke (http://www.dban.org/) - just burn it to a CD and boot your computer up with it in the tray. The instructions are very easy to follow. The best method to use is Gutmann which overwrites data 35 times to prevent recovery.
overwriting cannot touch track edges (and more than one pass is a waste of time anyway)
what's far better and faster is any software that uses the ata "secure erase" command, here's one http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml
Secure Erase only works on SSDs. Or are we assuming everyone is using an SSD by now ?
-
Seriously ? I know on SSDs it restores the blocks to their factory state and on encrypted SSDs it simply changes the encryption password, this only takes a few seconds.
I assume on a HDD it will have to overwrite each sector and although doing it at a firmware level would be faster than any software it should take alot of time, how long does it take ?
-
Im too paranoid to do a single pass but it wouldnt hurt to add this to the mix as well ;D