Silk Road forums
Discussion => Security => Topic started by: Heyenezz on March 16, 2012, 09:10 pm
-
I'm now using Tails to post here and now keep my private info inside an encrypted container as a Tormail attachment.
1. My clock is off by several hours. How concerned if, at all, should I be?
2. Can incriminating data be recovered from a USB containing Tails?
3. Tails lacks "persistent entry guards," whatever those are. Why should I care and what can I do about that to be more secure while using Tails?
4. Will HDD erase render incriminating data on my HDD irrecoverable?
Thanks for any assistance!
-
I'm not a tech expert myself, far from it, but I've been using TAILS for a fair while and can answer a couple of your questions (although you should probably get a second opinion just to be safe)...
1. A message comes up when the OS boots telling you that Tor requires a synchronised clock to work properly. I'm not sure of the implications of that, though.
2. No idea, I'd very much like an answer to this question as well! Does it write to any storage media attached to the computer, anything at all?
3. No idea.
4. Yes. You can download a boot disk called Darik's Boot and Nuke (DBAN), which will repeatedly overwrite all sectors on your hard drive, making all data on it completely unrecoverable by any means (unless, of course, the CIA, MI6, Mossad etc have some way of doing it, but that info wouldn't get into the public domain, and I doubt they're concerned with Silk Road). Once you've got all the data you want to keep and put it somewhere safe like a DVD or flash drive, boot up the computer from the DBAN boot disk, and wipe the hard disk using the 3-pass option (one would probably be enough, but always best to be safe, less chance of an error leaving data remnance). There's always the 35-pass Gutmann method if you're ultra-paranoid or have a really old HDD (in general, HDDs built after 2001 are generally safe) but be prepared for a very, very long wait if you choose this option. Don't use ANY other method or software, AFAIK none of them are confirmed to be 100% safe. Plenty more info about this on the internet if you want to learn more.
Hope this helps :)
P.S. Although you may have an encrypted volume, if the volume was unencrypted at any point then it will leave unencrypted data on your HDD. It has to be encrypted from the start. It's safe to unencrypt it using a Live USB system like TAILS, though. If you had it unencrypted on your HDD at any point, I suggest you wipe it using the above method.
-
1) I'm not sure why they give the warning on the setting of the time. I'm not sure why that is required.
2) Supposedly not. It does not even save bookmarks unless you specifically made changes to it. The only way it saves data is if you set up a persistent directory using an encrypted container. It even wipes the ram memory when shutting down.
3) Not sure exactly what they mean by persistent entry guards but, Tails works as if it is a new installation each and every time it boots up.
4) Try this. It's free and DOD approved. http://pcwin.com/downloads/Dod-Disk-Eraser.htm
-
1. My clock is off by several hours. How concerned if, at all, should I be?
Tor will not work unless your clock is correct.
2. Can incriminating data be recovered from a USB containing Tails?
you will need to tell us more about your setup
3. Tails lacks "persistent entry guards," whatever those are. Why should I care and what can I do about that to be more secure while using Tails?
Entry guards make it so if an attacker is trying to locate you they can only get as far as the entry guards you're using (unless they also control the entry guard). If you're not using persistent entry guard nodes then you may randomly select one that's controlled by the feds and has a pen register or trap and trace in effect on it. I have been told by someone that you can make amnesia use persistent entry guards if you commit your guard nodes' IP addresses to memory but that is a huge pain in the ass. I suppose the next best thing to do is use random public wifi hotspots in addition to Tor.
4) Try this. It's free and DOD approved. http://pcwin.com/downloads/Dod-Disk-Eraser.htm
not sure where you got that from but DoD recommends degaussing and incineration: http://www.oregon.gov/DAS/OP/docs/policy/state/107-009-005_Exhibit_B.pdf
-
1. My clock is off by several hours. How concerned if, at all, should I be?
Tor will not work unless your clock is correct.
2. Can incriminating data be recovered from a USB containing Tails?
you will need to tell us more about your setup
3. Tails lacks "persistent entry guards," whatever those are. Why should I care and what can I do about that to be more secure while using Tails?
Entry guards make it so if an attacker is trying to locate you they can only get as far as the entry guards you're using (unless they also control the entry guard). If you're not using persistent entry guard nodes then you may randomly select one that's controlled by the feds and has a pen register or trap and trace in effect on it. I have been told by someone that you can make amnesia use persistent entry guards if you commit your guard nodes' IP addresses to memory but that is a huge pain in the ass. I suppose the next best thing to do is use random public wifi hotspots in addition to Tor.
4) Try this. It's free and DOD approved. http://pcwin.com/downloads/Dod-Disk-Eraser.htm
not sure where you got that from but DoD recommends degaussing and incineration: http://www.oregon.gov/DAS/OP/docs/policy/state/107-009-005_Exhibit_B.pdf
1. K, thanks
2. Tails is the only thing on my USB. My C drive's encrypted with Truecrypt. In the bios page, USB is set to boot before the HDD.
3. Sounds complicated. Doesn't sound like a huge security risk though I'd like to avoid it. Has anyone been traced using persistent entry guards?
4. I'm specifically referring to the programm HDDerase. More info is here: https://en.wikipedia.org/wiki/HDDerase
I'm in no position to physically destroy my HDD. I just want to know if it renders all erased data irrecoverable. DBAN wouldn't do because it won't erase data that can't be accessed using block writes.
-
Clock needs to be set correctly so authority consensus can be validated