What measures should be taken if LE are about to seize your PC??

Hello everyone,

Please share your thoughts by personal experience or speculations.

So I was just interrogated for ordering / importing drugs via mail for the second time and they asked if I would mind giving them my PC for a lab inspection, I disagreed since I had the option to...

I am now trying to prepare as much as possible to the moment they will seize it by warrant. Here are my properties of use :

1.I do everything related to DNM's on a TAILS USB, nothing on my windows.

2.I use another USB stick as a delicate information storage - all passwords and usernames to all markets (it is highly encrypted with 140+ bits passwords that are kept on a separate USB..) - Both the TAILS USB and the Password USB are now kept perfectly safe out of LE arms.

3.Using Electrum as my wallet for bitcoins, while buying only In-Person cash-trade bitcoins.

4.Electrum runs from the Persistance on my TAILS USB stick.

5.I just manually deleted the TAILS I downloaded from windows "shift+delete" in hope there is nothing else related left on there (any other deeper cleaning methods are welcomed!)

6.80% of the time I'm with TAILS is when I'm at my work wifi which is a sign in wifi that requires opening the unsafe browser.. I also send all orders through this network using PGP.

I think I got it all covered with the network safety, although I am concerned they might be able to recover some infromation from my hardware that reveals the fact I'm running TAILS on this machine.

I am willing to do as much as possible to reduce their abillity to find anything related to me using TAILS and especially the DNM'S.. What could be done extra to ensure that???

"I never do drugs, Never... so that when I do.. theyr'e way more fun" - Louis CK

Thanks in advance,

Peace


Comments


[77 Points] KartelKing:

Put everything in a microwave and press popcorn...


[73 Points] newprofile15:

Pretty funny to drop by and see threads that will later be used as evidence in your prosecution for obstruction of justice and destruction or evidence.


[44 Points] CocaineNose:

80% of the time I'm with TAILS is when I'm at my work wifi which is a sign in wifi that requires opening the unsafe browser.. I also send all orders through this network using PGP.

wtf? why would you do anything at work?


[43 Points] tpsmc:

DBAN the shit outta everything including USBs. http://www.dban.org/

Reload with windows, Fill it with christian websites and gay porn. If they ask why you wouldnt let them search your computer.tell them you didnt want them to find out your "secret"


[32 Points] None:

I would DBAN, and even throw the computer \ hard drive out if I don't have the time . DBAN your HDD if you can , your SSD won't be erased though so take it out if you can and throw it in a big body of water lol


[36 Points] GMU_TheHulk:

Delete everything, fill your hard drive back up with as much shit as you can. Rinse and repeat. Dban. Then tear that shit out of your computer and throw it in a blender. Throw the smashed hard drive out somewhere public where the trash is taken to a dumpster daily. Get a new hars drive and download a bunch of games, buy a movie or two. Do this immediately. Give them the computer when they have a warrent for it.


[24 Points] None:

[deleted]


[19 Points] hdheuud:

Fuck your hard drive up as quickly, and as bad, as possible. I don't care if this means pouring your Starbucks on your new i-laptop or whatever you call them, and then furiously bashing it against the wall while your door is being broken in. Just fuck your shit up hard and fast so nonone can recover anything


[13 Points] None:

Time Sensitive:

Go across town and make sure you aren't followed, and toss the hard-drive.

Time OK:

Hide your laptop with it plugged into the charger. Boot up DBAN and run it. I've run it and it took 24 full hours of constantly running on a 500GB hard drive.

I used the 7 pass DOD standard.


[11 Points] mindfulmu:

You gotta remember a few things about police forensics. They don't need all the pieces, just enough to tell a story in court. So long as your not dealing or consuming sizable amounts you'll be under the radar. Be mindful of any sizable amounts of cash on site, have no professional scales, baggies, fuck don't even have a food saver. Have nothing on site that says "I could be dealing drugs", as an added precaution I would buy a nice metal flash drive and see about disguising it as an old usb charging cable.


[5 Points] Purpleducksss:

Start by clearing the data on your ram.. You can do this by going into task manager. Google it.

Run dban from a disk on your HDD and SSD (if you have one). Go to a pawn shop and sell those HDD(s) and SSD(s). If there isn't a pawn shop in your area or they won't accept them, then goto a a recycling center and drop them off. If you still can't do that, remove labels from the SSD/HDD(s) and file of any serial numbers. Then proceed to throw them in a dumpster.

Proceed to remove the bois battery and ram. Let them sit for awhile to ensure any cached data is gone.

Afterwards buy a cheep 500gb HDD. If your buying one online use a prepaid gift card and send it to a buddies house. Best if you can do this via public wifi. (Eg. Library). If buying from a retail store buy in cash.

Before installing windows, change this bois date and time to sometime before this investigation started. I'd say 6 months before is a good time. Make sure this time is after the computer was manufactured though.

Install windows. Windows 7 or 8 would be best, but again - it should match the date of manufacture. If your using windows 8, don't connect it to a Microsoft account use a local account. Set the system time/date manually, don't use time servers. Once again this time should match the bois timeframe.

Visit shady sites - but nothing illegal. R/trees and other reddit sites are okay but stay away from this subreddit. Install and uninstall programs. Every once and awhile skip the system time and date a day or to. Every once and awhile you can skip a week or five days or so, but keep usage consistent.

Keep skipping the date and using it. Reboot the computer. Simulate regular usage don't forget to skip the bois time along with your system time.

Keep your USBs out of your house.

Best of luck.


[8 Points] KimJongUntouchable:

5.I just manually deleted the TAILS I downloaded from windows "shift+delete" in hope there is nothing else related left on there (any other deeper cleaning methods are welcomed!)

Do you have an SSD or HDD? If you want to engage in destruction of evidence you could use the program "Eraser" [1] to run a three to five pass free space wipe. Shift delete only says to remove the files from the allocation table, it doesn't actually erase the underlying data. Eraser will erase the "free space," which is where the remnants of your files now are.

[1] http://eraser.heidi.ie


[3 Points] Trashthisshit01:

Destroy that fucking thing. Better to have an "obstruction of justice" charge then to be hooked for fucking money laundering and drug sales.

LE can't charge you with destroying your own property either if it wasn't ever admitted into evidence :)


[3 Points] None:

Three answers: Thermite, ANFO, or a sledgehammer


[5 Points] rogueXleader:

Have a "robber"(friend) "steal" it and see how much further they pursue it. Even if you file a police report over something stolen, they almost never find it


[3 Points] BicycleBitch:

How'd you get yourself in this jam Buddy?


[3 Points] iamdnm:

you seem to know what you are doing and why, thats the most important thing.

also, stopped using tails and started using VM, mostly because if you persist your Tails.usb, you will remove the amnezic features that tails offer, it is why its not recommanded to persist tails, but rather have an encrypted usb and use it as storing for data. this way, whenever you start up tails its fresh no history!

thats the way tails is supposed to be used and the safest way.


[3 Points] None:

Be honest, did you get caught with a dime in the mail?


[3 Points] Wikdd:

Woah,

So how this works is, "I'm not sure what this is all about, but I would like to seek counsel before this goes any further"

LE: So why are you... <--- Cut them off "I'm not sure what this is all about, but I would like to seek counsel before this goes any further"

Of course you have an OS on a stick that gets around your companies filtered network, it also keeps your private info secure when you're using the public Wifi @ Starbucks...most of us tech savvy folks do.

We have all heard the horror stories of people abusing the TOR network (not the dark web)...but not you, man!

Now if someone advises you to cooperate, I don't think a microwaved laptop or vanilla install of Windows is going to help. But now would be a good time to start using that new USB 3.0 thumb drive you got since the your TAILS upgrade got so corrupted. ...I'm also sorry you never got that persistent feature working, but since you never needed it anyway, who cares, right?

Can you semi-share why this is the second time you're being harassed for using the TOR network? Also, don't forget, pretty much every attorney does a free consultation. If you work in IT and deal with new vendors wanting your business, we call this "free consulting". Only in IT you usually get lunch and a t-shirt too :P

Good luck.


[3 Points] xxam925:

Call a fucking lawyer.


[3 Points] Macboogie:

Why even have a HD in the system you DEDICATE to TAILS?


[3 Points] TotesMessenger:

I'm a bot, bleep, bloop. Someone has linked to this thread from another place on reddit:

If you follow any of the above links, please respect the rules of reddit and don't vote in the other threads. (Info / Contact)


[2 Points] shortbitcoin:

Magnets, bitch!


[2 Points] EVILEMU:

Shift delete does nothing to delete a file. It's like ripping out a page of the index of a book instead of going to the page the actual data is on. Unallocated memory is just flagged to be written over in the future. When you delete, you aren't really deleting it. You need a program to write 0's into your harddrive like 10 times. Or.. Just destroy it? There are logs on your computer that show when USB devices are connected. If they find those, they'll come after them.


[2 Points] deepdot:

they asked if I would mind giving them my PC for a lab inspection

Ohh wow thats nice of them... usually it will be the first thing they will grab.


[2 Points] GreatSince86:

I've been involved in two computer crime based cases. One being international. The best tip I can give is to completely remove these items and everything related to the Internet from your home. Depending on your state, an IP address does not equal a person. If they come in your house, find nothing to do with the Internet, it doesn't look good. A judge will not reissue a warrant usually. However, Based on what you you've said, they may be trying to trip you up into making such a mistake. If you destroy the data, they can tell and will charge you with hindering prosecution.

Edit: if you're really paranoid, create a craigslist post selling your shit. Create an anonymous Email and have a fake conversation with yourself involving buying the items. Fake meet, etc etc claim you blew the money at the bar.


[2 Points] None:

LE usually tips me off right before they're about to check mah shit out.


[2 Points] Neurbles:

There is an order to take this is, and the steps are not as obviosu as they sound.

First work out what has happened. Second, work out why the police have done what they've done. Then work out what you can do about it.

What's happened? You've been caught with drugs in the mail. Twice. And the police have requested, but not taken, your computer.

OK, so how did you get caught twice? Do you know how you got caught? Is this random? If you're fairly sure that this was random, then the next stages will involve more chilling. If there is an unanswered question how you got caught, then you're gonna need to take a lot more precautions. After you were caught, did they look like they were taking it less seriously than you would expect? Or more seriously? Or just about what would be normal if a minor crime came to their attention by accident?

Why? Asking you for your computer? That seems pretty lax, right? so what the hell's going on? - are they trying to set you up by getting you to destory evidence? Well there would only be a point in that if they knew they wouldn't lose anything if you destroyed evidence and if they needed an extra charge to get you on. - Maybe it's a shakedown - they want to see if you behave unusually now that you know they're after you. Well, of course you're not going to connect to the DNMs and buy more drugs, but maybe they're expecting you to phone your Mr. Big and tell him the game's up. So, uh, don't do that! - Maybe they just really don't give a fuck and if you're not gonna just give them the computer, perhaps they'll get round to a warrant one day, but will prioritise looking at it well below coffee and donuts...

OK, you're coming out of this pretty well so far - the only way this would make sense if you were in serious shit was if they had some Ulbricht level survelliance on you and are waiting to see what you do next (or if you're up to some shit IRL and the postals are just what you're asking us about).

What can you do? Well number one, you lose nothing by getting rid of any external storage. Covering your tracks with your PC is pretty difficult after the event. Yah, you can do a disk wipe and full reinstall (copy as many settings, files, cookies, etc. over to the new install as you can, though obviously not those from reddit, google, etc.), but do you need to? If all you have to hide is that you once had a Tails iso on your machine, that doesn't mean much in a prosecution. But if you've been lazy with opsec, then your google searches, your own notes and evidence of broswing forums and using disposable emails is probably what would come up to bite you (Your BTC are not linked to anything, right?). If you may have been lazy - reinstall. If you haven't been lazy, then they still may be tying together all your online traces, may have 'stained' your computer (probably reinstall-persistent) using zero-days in TorBrowser and malicious code on the DNMs, but that would mean there's a much bigger operation afoot than just trying to catch you, and so why would they let you know that anything's up?

I think you need to worry less about your PC and more about your daily behaviour - is there anyone around you who knows enoguh to snitch? Have you phoned anybody at key times that might give them clues (or might have led them to you) and, most importantly, is there any shit in your house, no not drugs, but anything weird - lots of burners, piles of cash, fake IDs?

But it all starts with the first question - what is actually happening here - random, or are you part of an operation?


[2 Points] therealjohnmadden3:

You should first encrypt your hard drive, then put a magnet on it, then dunk it in the toilet. Take a shower with it. Fuck it in its ass. Then smash it up, get the disks inside and light them on fire (with gasoline can't use anything else, this is called "safe erase") . Then throw it away in your girlfriends moms friends neighbors kids friends cousins trash... Go on amazon and buy a new hard drive.

Repeat with router, modem, networking equipment at work. For safe measure destroy the Ethernet cables too.

If you read between the lines simply destroy your disk (i mean really destroy it) and get a new one. You could just destroy the whole computer and get a new one but this isn't necessary BC the hard drive is the only form of non-volatile storage in the case (your BIOS/CMOS doesn't know you're using Tor).

Do you have onboard NIC? If so, and if you really want to go all tinfoil hat you should just smash the motherboard to bits with the hard drive - not that they have your MAC address but, you know, just so they can't have it. Otherwise get a new NIC


[2 Points] theglarbh:

DBAN your hard drive, reinstall Windows etc., but don't give them the drive! They'll see that it's been freshly erased and a fresh copy of Windows has been put on it.

Just remove the hard drive before you give them the laptop. Store hard drive in a secure place away from your property / with a friend. Fully encrypt and securely erase a USB stick, then format it. Create a pendrive linux OS on it (Google 'pendrive linux'). When they ask why there's no hard drive just tell them you run a pendrive OS for portability because it means you can take it anywhere with you.


[2 Points] funhooawayyboy:

SOOoooo ... why don't you buy a virus that destroys your HD??? Getting a virus is definitely not the OP's fault, and the right one would fuck up the HD.

You kids are getting caught up in the damn weeds too much. Too smart for your own good.


[2 Points] J0NJ0NES:

So much bad advice being given here, it's amazing. Don't put a magnet to your computer. I'll give you the quick and dirty, since it seems that no one else is able to.

Firstly, it sounds as though from your description, that your hard drive doesn't have any trace of Tails (not that it matters, as Tails is not illegal). Keep in mind that Tails was designed to function like this.

Secondly, your persistent volume (you say on a USB stick) is as safe as the strength of your encryption. Really, you shouldn't turn this USB stick over, but regardless you should have an encrypted backup of this data in a safe place.

Third, common sense dictates that you should probably lay low now that LE is on to you in a sense.

That's it. It looks to me as if you need to do nothing. Also consider that if they're serious about coming after you, they're probably watching all your communications. The fact that they told you that they were onto you tells me they were fishing, and have no inclination to go any farther than they already have. Just a scare tactic IMO. Make sure you don't come up on their radar, and they're probably going to leave you alone.


[1 Points] None:

DELETE FUCKING EVERYTHING


[1 Points] Kixzoh:

If you want to make sure that everything you deleted cannot be recovered, download tons of shit to completely fill up your hard drive. Delete it all and do it again. Nothing is really ever deleted until it is overwritten.


[1 Points] procowtipper:

Burn your house down?


[1 Points] Gomba1:

It all comes down to a very simple situation - if they got your computer open and grabber your habds before you were able to shut it down you are done (See Ulbrichts case). if it was shut down and encrypted you should be fine.


[1 Points] Njsamora:

Get a large magnet and put it all over your computer, then delicately insert a sledgehammer to the motherboard or some 223 rounds at a distance.


[1 Points] jrhiggin:

Try to get appointed high up in government and run for president.


[1 Points] Jaymacmac:

Disassemble your pc, i wouldn't bet on you getting it back if it's taken, that's what i'd do anyway. The police are assholes.


[1 Points] None:

FRY THE DRIVE FRY THE DRIVE FRY THE DRIVE


[1 Points] _GordonBombay:

Why would LE just leave your computer? They'd take everything if they had a warrant. Call a lawyer.


[1 Points] None:

First flight to Russia.


[1 Points] MrArchibaldMeatpants:

Here's an idea...damage Your HD beyond recognition ASAP If you have something to hide .

Or lose the computer before they come back.


[1 Points] Profesco:

I interned in computer forensics. The only thing that you can do is dump your hard drive in saltwater for a guaranteed non-readable hard drive . Shift delete does nothing when it's given to law enforcement with the proper equipment.


[1 Points] None:

Throw out the laptop, better yet burn that sucker. Buy a new one and hand them that to foresiclly analyze


[1 Points] young_k:

take a giant and very powerful magnet to the spindles of your HDD, if you have an SSD, well, wipe the shit outa it cause i think they can't recover it from SSD's, but if they can and i'm wrong someone say so!

SSD's can go under a car tire and run the bitch over, then hammer it to shit for good measure.


[1 Points] TheSwolestBro:

Nothing. Everything should already be 100% airtight. If you have to do anything in response to your computer being seized you've already lost.


[1 Points] None:

Personally I use a homemade thermite pack(Iron oxide and aluminum powder and a match) attached to the HDD itself. Pull the string on the pack and run like hell


[1 Points] LockandLoadLabs:

Encryption is the answer you're looking for. Even if they seized it they cannot compel you to give them the password unless they know exactly what they're going to find. This has held up in court time and time again. Encrypt the entire drive and you can use your computer normally.


[1 Points] Hank_Vendor:

ok, so as everyone here has just gotten into a debate about what is and isnt stupid in your list of things you do... I'll actually attemp to answer the question.

I would copy things related to you onto a new usb stick, hard drive etc.

GO buy a gumtree pc/laptop/whatever the closest spec to what you have.

Dump your 'you files' on that.

The cops i imagine arent bothered about you possibly deleting shit from you own machine as nothing really gets deleted and they will still be able to recover loads of stuff.

So fuck them and switch the machine.

(if you have a stupidly expensive computer then just buy a new hdd and [as i dont know shit about this stuff] any other component that they might be able to link to thepackage)


[1 Points] Swansonisms:

By the sounds of things your about to get robbed. Fuckers are going to get your laptop and various other things around the house as well. Call the police, file a report, the whole 9 yards. You can't be responsible to provide evidence that has been stolen from you and documented as stolen. You might even go so far as to leave a note for any potential burglar asking them to wreck the computer for you. All hypothetical tho.


[1 Points] None:

What kind of resources do you think would be spent on finding stuff on your computer? National security guidelines specify that in order for secret data to be considered "gone", the medium on which the data is stored needs to either be pulverized or incinerated (or at least it did about a decade ago when I took computer security/forensics courses in grad school). But that's like, top-secret level stuff where they're considering the possibility of a foreign nation's intelligence apparatus attempting to recover the data.

For more routine stuff, there's no known (or at least declassified) method of recovering overwritten data, so the DBAN suggestions would work. Back when I took classes there were some theoretical methods using an electron microscope, but none had been proven and I don't think that's something you need to worry about.

DBAN takes a little bit to download and run. If you're scared that you need to destroy the data right now, I'd throw the drive in a fire (some suggested microwave - while that would instantly fry the drive controller, I'm not 100% sure it would destroy the platter before all the sparking messes up the microwave (and I've heard of people being able to recover data from a drive with a fried controller by transferring the platter to another drive with an identical controller); also this probably creates fumes that you don't want to breathe in), or disassemble it and smash the platter to bits, or both.


[1 Points] AussieCryptoCurrency:

I am now trying to prepare as much as possible to the moment they will seize it by warrant. Here are my properties of use :

Except not going on Reddit and posting this


[1 Points] Derkek:

Keep an axe at your desk and be prepared to render the hard disk platters inoperable, regardless of their location or status in that moment.

Be prepared to disable a platter even if it's still in the hard drive.. still in the computer.. turned on, even.

Point is, if you can't disable your data on a whim, you're living an unnecessarily stressful life.


[1 Points] None:

full drive encryption on all drives, if not many or not overly expensive, DBAN solution to erase but it is very time consuming to do many passes, it's actually faster to just fully encrypt the drive than erase them.


[1 Points] darmasus:

I don't think it would be a clever idea to get rid of the pc entirely because they will take you in and process you for messing with possible crime evidence. What I would do would be to go out and buy a new pc the same exact model and stash that one away somewhere else they will never get their hands on.


[1 Points] prisonsurhome:

You should maybe not ask this on Reddit?


[1 Points] Insanity_-_Wolf:

You don't need usb. Just creat trucrypt virtual container with atleast 25gb. Create false container within so you can enter different password and leads to different partition, but looks the same. On the "real" partition install vm file and use vmware or vitualbox. Fill the false container with a bunch of trap porn. Whenever you don't use, dismount. If you hit power on pc, that is also effective.


[1 Points] Mith8:

My suggestion is that when they've discovered you've tampered with evidence, you get on your hands and knees and beg them to forgive you.


[0 Points] neep6:

.


[0 Points] MaxSalt:

microwave your computer


[0 Points] DickClarkFive:

I'm more interested in how you got pulled into an investigation. Where do you live? What where you ordering? What stealth did the vendor use?

Was it domestic or international orders? Where did it get intercepted? At customs? At your local PO?

You've gotten some pretty solid tips on how to dispose of your HDD here, now share with us how you got intercepted and pulled into an investigation... that would help us.


[0 Points] None:

wouldn't taking a electro magnet to a HDD be the fastest way


[-5 Points] Retardeed:

Dont know much but I'm confused to why people are saying too destroy your hard drives just hide it somewhere else


[-7 Points] 1upped:

MICROWAVE EVERYTHING