Silk Road forums
Discussion => Security => Topic started by: twooten1105 on March 15, 2012, 09:52 am
-
Hey guys
I have been looking at these forums for a couple of months now and I am starting to up my security so I can start buying on SR.
I have put Liberte on a flashdrive and have it working properly. My problem is that I do not really understand what it does?
From what I understand liberte makes it so all the transactions you make and stuff you do on SR is stored on the flash drive instead of on your hard drive.
So would that mean that if I made a couple transactions from my liberte and then logged in to SR through the tor on my regular computer that I would not see my transaction history?
Also, will the flash drive with liberte on it work on any computer?
Sorry if I seem stupid, I just want to make sure that I have a solid understanding of security before ordering on SR instead of just blindly going at it.
-
I have been looking at these forums for a couple of months now and I am starting to up my security so I can start buying on SR.
I have put Liberte on a flashdrive and have it working properly. My problem is that I do not really understand what it does?
it boot your computer, load encrypted storage, initialize TOR, now you can start Midori and go where you want to go.
From what I understand liberte makes it so all the transactions you make and stuff you do on SR is stored on the flash drive instead of on your hard drive.
LIberte do not store and do not write any data anywhere not in encrypted storage on pen drive, not on hard disk. Computer hard disk even not mounted. unless you want to save some files, nothing will be stored.
So would that mean that if I made a couple transactions from my liberte and then logged in to SR through the tor on my regular computer that I would not see my transaction history?
all your transactions stored on SR server, so you can access it from any computer with TOR. but dont do it. security require discipline. keeping your activities on TOR to Liberte only will give you piece of mind. save any info you want to safe on Liberte in Douments folder or on Desktop, unless Liderte booted with your password this info cannot be accessed..
Also, will the flash drive with liberte on it work on any computer?
previous version of LIberte has had some issues with booting. it boot well on one computer and did not on other. It fixed now, you can boot LIberte from almost any notebook, or desktop and keep your work as it was before, all will be the same. also previous version had some issues with old version of Midori browser, now it is fixed too.
Sorry if I seem stupid, I just want to make sure that I have a solid understanding of security before ordering on SR instead of just blindly going at it.
if you use TOR and Liberte then there is only one security issue that is really matter, physical security of your pen drive with Liberte. Be save at any time, you computer clean, your Liberte in save place, your mind free of tension. If you will adopt that kind of discipline from beginning, your life remains normal. In most cases when people trying to implement workable security, solution in daily life, they creating enormous mess, as issue it self appears to be very complicated. Encrypted disks, virtual machines, routers, VPN servers ... that kind of hell, but at the end what matter most is where your LIberte pen drive stored physically.
-
I'd be careful about loading it on a laptop that probably has wifi. Or even a Desktop that has wifi. I wouldn't trust wifi. Unless your wireless is locked down extremely well (you really know what your doing) I'd use only a landline.
-
I'd be careful about loading it on a laptop that probably has wifi. Or even a Desktop that has wifi. I wouldn't trust wifi. Unless your wireless is locked down extremely well (you really know what your doing) I'd use only a landline.
that is good point, any wifi can be hacked and it cost about usd 5 to submit handshake dump to some WPA cracker web site and here is your WPA key. but in case if your key longer then 65 letters, then you are OK with WIFI. But suppose your key been hacked, then this key can be used to decrypt wifi traffic, but traffic dump still be encrypted by TOR. and sensitive info still can be encrypted with PGP.
WiFi still can be usefull and Liberte can recognize most of wifi cards, if it cannot work with your card, I would recommend ALFA RTL8187 usb card
http://www.data-alliance.net/-strse-73/Alfa-AWUS036H-1000mW-USB/Detail.bok
this card can be used to hack any wifi, WPE encryption cracked in 5-10 minutes, WPA will take more time and WPA cracker service. then you have a choice of connections in case of emergency. hacked wifi not bad thing to have, because your ISP can see you using TOR a lot.
-
Alright thanks guys.
So it seems that I dont want to use Liberte on a wifi connection and that I should just do all of my SR buisness on Liberte.
But since I already have tor on my computer, what is a good way to make sure I have completely wiped off all the data on my computer concerning tor and SR?
Any advice or tut would be very helpful.
-
One of the things that I don't like about Liberte is that it does not allow you to store data. I realize, for security purposes, that is suppose to be a good idea but, it's also a weakness in my opinion.
You need to maintain certain bookmarks on your browser. You have numerous passwords for your different sites, Silk Road, Silk Forum, Exchanges, Mixers, etc. That's a lot of info to memorize. Most people are going to give up even trying and write the info down somewhere. That's what's dangerous about it. I would much rather be able to save the data to an encrypted partition. Even my passwords I keep in a specially encrypted file. I also store the passwords in that file using an abbreviation system that only I know.
It's just too easy to get sloppy when you cannot store data on the Flash Drive. And I think that is a bigger security risk than someone or some agency cracking a True Crypt container.
I really like the idea of the Flash Drives that have a PIN that you must physically enter on the outside of the Flash Drive before the computer can even recognize it. All you have to do is pull the flash drive out of the USB (once pulled out you must re-enter the pin) and no one will ever get to your data unless you give them the pin. Here's a link to one of 'em: www.everythingusb.com/corsair-flash-padlock-2-flash-drive-18671.htm
I know if I were a Vendor this is what I would have. Pull it out at the end of the day and hide it. If the cops bust down your door just pull it out of your computer. Simple.
-
One of the things that I don't like about Liberte is that it does not allow you to store data. I realize, for security purposes, that is suppose to be a good idea but, it's also a weakness in my opinion.
you are wrong here. LIberte can store any kind on data, in fact sensitive data better be stored on Liberte only. you can store movies if you want. bookmarks and text files, pdf files. all your data stored here /home/anon/persist/
You need to maintain certain bookmarks on your browser. You have numerous passwords for your different sites, Silk Road, Silk Forum, Exchanges, Mixers, etc. That's a lot of info to memorize. Most people are going to give up even trying and write the info down somewhere. That's what's dangerous about it. I would much rather be able to save the data to an encrypted partition. Even my passwords I keep in a specially encrypted file. I also store the passwords in that file using an abbreviation system that only I know.
you can store your passwords in simple text file and it will be encrypted on Liberte pen drive and accessible only when you boot Liberte
It's just too easy to get sloppy when you cannot store data on the Flash Drive. And I think that is a bigger security risk than someone or some agency cracking a True Crypt container.
dont complicate things when there is no need to complicate it, I understand the need for testing different encryption programs in search for workable solution. for me this search ended with Liberte.
I really like the idea of the Flash Drives that have a PIN that you must physically enter on the outside of the Flash Drive before the computer can even recognize it. All you have to do is pull the flash drive out of the USB (once pulled out you must re-enter the pin) and no one will ever get to your data unless you give them the pin. Here's a link to one of 'em: www.everythingusb.com/corsair-flash-padlock-2-flash-drive-18671.htm
there is no need in such flash drive with Liberte as your data already encrypted with PGP, all keys automatically generated once you start Liberte first time.
I know if I were a Vendor this is what I would have. Pull it out at the end of the day and hide it. If the cops bust down your door just pull it out of your computer. Simple.
word of wisdom!!
-
I don't know, perhaps I have a good system for remembering passphrases, but I've been using Liberte for months now and I don't have persistence set up. I just boot it from CD ROM. Everytime I power down, everything is gone. I'm not able to store anything in Liberte, and frankly I don't see the need to for being able to operate here. There are a few creative solutions necessary to having your PGP keys accessible to import, but I'm pretty confident that it can be done securely :). This way I don't sweat anything besides being caught red-handed using my computer or perhaps the brief period of time in which they could freeze-preserve my RAM. But frankly that's a negligible risk unless you're big fry IMO.