Silk Road forums

Discussion => Security => Topic started by: Hungry ghost on May 13, 2012, 12:45 pm

Title: running GNUPG4WIN from USB?
Post by: Hungry ghost on May 13, 2012, 12:45 pm
Hi, I had my Tor browser bundle and GNUPG on my laptop, but I want them set up on a removable USB Drive so I can use them and not leave much trace on laptop. Tor browser bundle works fine, as it is designed for this.
However, I uninstalled GnuPG and all components from :C and reinstalled it on my USB drive (an old phone for now, soon to be replaced with a thumb drive) When I launch GPA from the USB the keypair I had made on the earlier installation and some public keys I had been experimenting with, were still in evidence. Clearly some files are being saved on my laptop. How can I avoid this?
I basically want to run Tor and the GnuPG off a USB and not save anything on the laptop. My laptop BIOS cannot boot from USB so I cant do the separate OS thing. I'm not after perfect security, TBH I'd be fairly relaxed about ordering stuff with current set up but I would like to do the best I can, if only as an intellectual exercise.
Title: Re: running GNUPG4WIN from USB?
Post by: Chuck Schumer - Democrat on May 13, 2012, 02:38 pm
I think it is possible to run GPG (the command line version) from USB (but I'm not sure), but not GPG for windows, because that installs system files. 

There used to be a pgp app on the portable apps site, but it's not there anymore.

However, I did find this (requires java) open source port

http://ppgp.sourceforge.net/

and this, the commercial version:

http://www.symantec.com/portable

I can't help you anymore than that.
Title: Re: running GNUPG4WIN from USB?
Post by: tootiefruitie on May 13, 2012, 02:41 pm
run TAILS or Liberte from usb.  both include pgp encryption, and are more secure than windows!  NOTHING is saved to your hard drive while using  ;)
Title: Re: running GNUPG4WIN from USB?
Post by: Chuck Schumer - Democrat on May 13, 2012, 02:50 pm
run TAILS or Liberte from usb.  both include pgp encryption, and are more secure than windows!  NOTHING is saved to your hard drive while using  ;)

I've skimmed over the Tails stuff, but is it really necessary if you are only running Tor browser from a USB stick?

I guess my question is, does running the tor browser from your USB stick leave any evidence on your OS?  I've always assumed no.
Title: Re: running GNUPG4WIN from USB?
Post by: QwertAnon on May 13, 2012, 03:02 pm
You have to change the home directory of GPG to a path on your USB drive.
On windows it's stored in an environment variable. I managed to change it to my truecrypt drive, but I can't remember how. Looking into it though :)

Edit: woah, i found it.

the environment variable GNUPGHOME stores GPGs home path (if it doesn't exist gpg will use %appdata%\gnupg\ on windows 7)

To change it from control panel:
Quote from: some guy named Robert
Control Panel --> System --> Advanced --> 'Environment Variables' button --> System Variables list at bottom--> New Button.
Then enter (case sensitive):
Variable Name = GNUPGHOME
Variable Value = T:\SUPERSECRETSTUFFFBIPLZDONTLOOKINHERE\appdata\gnupg
actually I'm pretty sure it's NOT case sensitive, but w/e

To change it from the command line (does NOT require admin rights (at least not to change it temporarily)):
open the command prompt (cmd.exe duh)
Code: [Select]
setx GNUPGHOME T:\SUPERSECRETSTUFFFBIPLZDONTLOOKINHERE\appdata\gnupgYou can write that in a batch file and run it on other computers if you want to use your flash drive there.
setx might not be preinstalled on windows xp machines.

Edit #2: Move everything from %appdata%\gnupg\ to wherever you want it to be if you want to keep your keys and settings.

I think everyone should do that. I wouldn't want anyone to find keys of people with Dealer, Weed or Dope in their names on my machine, nor my private key, for that would link me to my silkroad account :P
Title: Re: running GNUPG4WIN from USB?
Post by: HC on May 13, 2012, 07:16 pm
Or just use gpg4usb. That's the easy way.


http://gpg4usb.cpunk.de/
Title: Re: running GNUPG4WIN from USB?
Post by: Hungry ghost on May 13, 2012, 07:34 pm
Ok thanks everyone for your replys. Gpg4usb sounds exactly what I need
Title: Re: running GNUPG4WIN from USB?
Post by: Hungry ghost on May 13, 2012, 08:12 pm
Yep, just been checking it out, that is exactly what I'm looking for. I'm thinking if I have TOR browser and GPG4USB on a thumbdrive and encrypt it with truecrypt, I can stick it down back of couch and if asked say "oh yeah I found that in the street but it seems to be encrypted, I don't know the password".
Also just burned TAILS to a disc. As I said, my laptop won't boot from USB so I need to boot from disc. This means I cant save anything ie keys and so will have to save them somewhere anyway; which brings me back to the same problem. I could just store them as text files on the encrypted USB...or just write em down somewhere. But now I can use GPG4USB with TAILS I think and problem solved. (if I encrypt USB with the TAILS onboard encryption, LUKS is it?
Title: Re: running GNUPG4WIN from USB?
Post by: HC on May 13, 2012, 09:00 pm
I never used tails, but if i remember right....

You can also activate truecrypt during the tails boot process.

-choose your language with the arrow keys..
-press tab, then space, type truecrypt, then press enter


oh, and if tails is a 64bit version of linux, then it might be necessary to install ia32-libs after every boot up to start gpg4usb. (sudo apt-get install ia32-libs)

But afaik Tor browser bundle shouldn't leave any traces on your system when you use it.
Title: Re: running GNUPG4WIN from USB?
Post by: Hungry ghost on May 14, 2012, 05:21 am
Well, my old laptop apparently won't boot from DVD either so no TAILS live CD for me. However, Tor bundle and GPG4usb on an encrypted USB seems pretty good to me.  Thanks again.
Title: Re: running GNUPG4WIN from USB?
Post by: phubaiblues on May 14, 2012, 07:26 am
Well, my old laptop apparently won't boot from DVD either so no TAILS live CD for me. However, Tor bundle and GPG4usb on an encrypted USB seems pretty good to me.  Thanks again.

It all depends on how paranoid I get, I mean, do I really think they are going to have hotshot hackers digging thru my shit?  Well, yeah, sometimes...

For me, I keep all my pgp keys and passwords and shit on one folder in the cloud.  Several good sites, like swssdisk.com where I can put it all.  Then I just use Tails, or since you can't boot from cd or usb, u might take a gander at this site here: https://www.privacy-cd.org/en as they mention some great dual boot issues. 

I usually run xpud or tails, I like trying different things tho, privatix or liberte linux...shit's happening in this area....lots of people on SR with good knowledge in this area...but running what you are running, I'd probably go with the privacy remix...o shit, u say u can't boot from cd either?  man, how old is that thing...man that would be pretty ancient...good luck...
Title: Re: running GNUPG4WIN from USB?
Post by: Hungry ghost on May 14, 2012, 09:28 am
Yep it's got 512 ram and a 37GB HD it's fairly old. It will boot from CD just not from DVD, it can play DVDs but not burn them. I may have done sonething wrong but I don't think so. I'm not like a tech expert but I have created live CD s before, I was playing around with a Ubuntu dual boot in the past. My BIOS has three options: floppy CD or HD. Strange as it doesn't have a floppy drive. If there's one of these OS that can boot from CD that might be good.
I'm not that concerned as I'll only be ordering small personal amounts. A few years ago me and my brother used to order stuff openly from online pharmacy in the phillipines., never had any problems. It's more just like a challenge now to get it set up stealthily. I liked the idea of the true crypt hidden OS behind a decoy so that if pushed to reveal your password you just give them the decoy with gay porn on it. But it seems like too much trouble to be honest.
     Im just researching now if there's a portable version of true crypt, so I can have a thumbbdrive with that on and an encrypted volume with Tor and GpgUsb on. Then if it's found I can say " I found it in the street but it seems to be encrypted and I don't know password" This seems to me a fairly elegant and self contained solution. My laptop then needs to have nothing on it. I was thinking otherwise it might seem suspicious that I have encryption software on my laptop and an encrypted USB stick.
Anyway if anyone would care to point out any flaws in my plan I will be grateful. Also, how do I give karma points, if that's the thanking system here?
Title: Re: running GNUPG4WIN from USB?
Post by: phubaiblues on May 14, 2012, 05:22 pm
Yep it's got 512 ram and a 37GB HD it's fairly old. It will boot from CD just not from DVD, it can play DVDs but not burn them. I may have done sonething wrong but I don't think so. I'm not like a tech expert but I have created live CD s before, I was playing around with a Ubuntu dual boot in the past. My BIOS has three options: floppy CD or HD. Strange as it doesn't have a floppy drive. If there's one of these OS that can boot from CD that might be good.
I'm not that concerned as I'll only be ordering small personal amounts. A few years ago me and my brother used to order stuff openly from online pharmacy in the phillipines., never had any problems. It's more just like a challenge now to get it set up stealthily. I liked the idea of the true crypt hidden OS behind a decoy so that if pushed to reveal your password you just give them the decoy with gay porn on it. But it seems like too much trouble to be honest.
     Im just researching now if there's a portable version of true crypt, so I can have a thumbbdrive with that on and an encrypted volume with Tor and GpgUsb on. Then if it's found I can say " I found it in the street but it seems to be encrypted and I don't know password" This seems to me a fairly elegant and self contained solution. My laptop then needs to have nothing on it. I was thinking otherwise it might seem suspicious that I have encryption software on my laptop and an encrypted USB stick.
Anyway if anyone would care to point out any flaws in my plan I will be grateful. Also, how do I give karma points, if that's the thanking system here?

Fair enough, and I'll let others point out any flaws, but I wanted to say that your thinking runs parallel to my own, which is that main secondary reason I come here, is for the "It's more just like a challenge now to get it set up stealthily." and you will find some really bright and quirky geniuses here.  I have a backup laptop, that I'm always changing around, going from dual boot, to a privatix cd boot up, to all kinds of different flash drive (USB) tails and liberte and others....

....my favorite *dual* boot that I;ve set up on most of them anyway, is xPud...but I also have a google chromeos netbook.  So here, if you do a little searching, hell I used to not miss a post in the 'Security' and 'Technical Support' threads...I first found out about Tails on here, and from there I found other forms of Virtual Machines and Dual Booting that I'd never even thought of before...it's a great crew here, and one of the best 'security' schools I've ever attended...

Anyway, way off topic, and I've got some of Opi's good shit, so have to go, check back later :)