Silk Road forums
Discussion => Security => Topic started by: Soma007 on September 10, 2011, 01:09 am
-
Hey Guys,
I have been looking for a complete guide to setting up a secure OS, Truecrypt, PGP email on a USB stick. I would like to be able to store files, bitcoin wallet, PGP keys and messages on the encrypted USB.
Can anyone give me a good easy to follow guide? I am sure this would be useful to all members and help us all with security.
Thanks!
Soma
-
TrueCrypt is quite user friendly. We have successfully encrypted all our computers and a USB secure drive. A guide may be useful, this could be a niche in the market :) if anyone can be bothered writing it.
-
I agree TC is pretty easy. That part I got down... I think the linux bootable USB is what I have trouble with... I know about TAILS but I want encrypted storage, bitcoin wallet and GPG.....
I know I have seem some postings but need kind of a walkthrough or guide...
Thailand huh? Yeah know that... a drug of another kind....
-
Let me guide you for a moment, in a logical / strategic sense (no specific steps).
For Windows XP/Vista/7 all you do is:
(i)Disable your PC HDD's in bios (Important to protect the MBR)
(ii)Plug in USB
(iii)Put Windows CD in tray
(iv)Switch on PC and install Windows to the USB
(v)Re-enable your normal HDD in bios
(vi)Boot to your USB Windows and install truecrypt
(vii)Follow the truecrypt instructions.
thats 1 of *many* ways to achieve the goal. I took a few extra steps to preserve the integrity of you existing HDD. Expert users dont need to do those steps (bios etc).
If Linux:
Very easy, just install Ubuntu or Debian. They have their own full encrytion options when you install. AES 256, same as truecrypt. The linux option is much easier.
*Also* you can install Linux on a USB from within Windows using a program called 'Unetbootin'.
-
Liberte Linux uses OTFE, but is too lightweight for TrueCrypt.
But, it's a fortress. The security measures used in it will blow your effing mind! It's worth learning how to use.
-
Liberte looks awesome. If you can install it encrypted that will be the way to go.
OP: If Linux is your thing, get Ubuntu. Boot computer with Ubuntu in drive and install to the USB. Use the LVM & encrypted option (Option 4) when you get to it on the partitioning options. This will install the OS on your USB and Encrypt it fully. None of your other HDDs or OSs will be affected. The encryption is the same level as truecrypt.
I don't see any guides for this method, I think maybe because already its too easy.
-
What size USB drive would you need for this?
-
What size USB drive would you need for this?
Depends what OS you intent to install.
1GB: Maybe a small Linux (eg: Damn Small Linux)
4GB: Some older/slimmer/refined Linux Distros
8GB: Windows XP, Maybe Debian 6 Linux
16GB: Almost any Linux
32GB: Windows 7 (I guess, never tried it)
-
I have a 4GB USB flash drive.
I installed tails to it using unetbootin.
I then used Gparted to shrink the tails partition on the drive leaving 3GB+ of un allocated space.
I then created a 50mb partition ext3 and put truecrypt portable on it.
I boot to tails, mount the 50mb partition and use truecrypt to create an encrypted partition.
The encrypted partition has keepass database, gpg stuff, documents etc.
Really simple.
-
Liberte doesn't 'install' per-se. You jsut copy it and dump a boot laoder. You can use a USB drive as small as 512MB, but your persistent, encrypted storage would be tiny.
Liberte is more like a live iso, but with persistent storage and settings. It's stupdily easy to set up and run. If you can copy, paste, and read 3 sentences, you've got it covered.
-
I really want to give the TAILS system a go but the problem I have is the wireless doesn't work on any of the computers that I use it on. No drivers I guess. How can in install on the Tails USB? What am I doing wrong?
-
I had no luck with TAILS either. I went with Liberte because it's based on Gentoo and you can build-rebuild if you need to. Fully customisable build system. Not for the inexperienced, tho... The 'stock' verson is very lightweight and does not support the Bitcoin Wallet or TrueCrypt. It does use OTFE for encryption,and if you have an online wallet, this issue doesn't apply. If you're feeling really special you can include the dependencies for TrueCrypt and the Bitcoin Wallet in a custom build.
-
+1 for anyone who sets up a live-distro that will run from a flash disk.
I'd even pay a decent price everything just worked and i didn't have to fuck with it
-
+1 for anyone who sets up a live-distro that will run from a flash disk.
I'd even pay a decent price everything just worked and i didn't have to fuck with it
Err... Did you read the thread? It already exists.
-
Truecrypt can be cracked within 15 minutes using evilmaid so why do you think it is the answer to all problems...
-
I use bestcrypt software.
Its good and simple. There are many other security feature enabled; dod wipe, encrypt/wipe win swap and temp files/schedule to wipe tmp files from all software installed, Pgp keys etc etc
edit
It create container where you place your files. Its mounted like any drive and can be copy to usb, cd, dvd or any media. That drive is a file actually big like your container.
You mount this file/container and that is! All exchange between bestcrypt engine and OS e.g. temp,swap files are encrypted in real time. You can run programs from it because its behave like drive. New container can be encrypted with many cyphers (blowfish,idea,triple des,gost,cast,rijandel,serpent) Have a crypt maneger and key manger where you can import/update new cypher or key.
-
Truecrypt can be cracked within 15 minutes using evilmaid so why do you think it is the answer to all problems...
What is this :D It can't "crack truecrypt". This 'Evil Maid' thing is nothing more but a variation of a hardware key-logger, and TrueCrypt users usually take certain measures to protect against that.
-
+1 for anyone who sets up a live-distro that will run from a flash disk.
I'd even pay a decent price everything just worked and i didn't have to fuck with it
Err... Did you read the thread? It already exists.
Bitcoin and PGP and everything? I recently had someone set me up with an encrypted a puppy distro, but I still can't get my wireless card to work with it. I was wishing for plug and play
-
Truecrypt can be cracked within 15 minutes using evilmaid so why do you think it is the answer to all problems...
I can crack any encryption by knowing the password...
-
Bitcoin and PGP and everything? I recently had someone set me up with an encrypted a puppy distro, but I still can't get my wireless card to work with it. I was wishing for plug and play
PGP yes.
Bitcoing and TrueCrypt, no.
But, I explained why Bitcon and TrueCrypt aren't needed.
It's also got that handy 'srm' command...
Plug and Play is a wish, for sure. ;-) How much you wanna pay me for a custom build?
-
Would appreciate some tips for a 64 bit machine. I remember that when i first started looking into creating a bootable USB drive with everything on it i had some problems with installing Ubuntu and making PGP etc. work on it.
-
Bitcoin and PGP and everything? I recently had someone set me up with an encrypted a puppy distro, but I still can't get my wireless card to work with it. I was wishing for plug and play
PGP yes.
Bitcoing and TrueCrypt, no.
But, I explained why Bitcon and TrueCrypt aren't needed.
It's also got that handy 'srm' command...
Plug and Play is a wish, for sure. ;-) How much you wanna pay me for a custom build?
Part of the whole reason I'm trying to get this system setup is so that I can stop relying on online wallets. I'd also want a back-up of all my sensitive information online somewhere, just in case I ever lost/broke my flash drive.
If you put together a build that had the bitcoin client configured to work through tor, had a decent password/keyring manager, had an easy way to back-up my permanent storage online, and worked fine with my netbook, I'd throw down at least 20btn.
Of course I'd want at least 1 month of customer support service.. and I'd have to figure out a way to be sure that you didn't hide any spyware/zombie net software on it..
ahh pipe dreams.
-
I'd have to figure out a way to be sure that you didn't hide any spyware/zombie net software on it.
If you don't know how to do this task yourself, you don't have the skills needed to sate that paranoia. It becomes a "smart people can't be trusted" game.
I've pointed at Liberte enough. It has a great custom build system. If you've ever used Gentoo you'll be right at home. What you want and more is within reach, you'll just have to stretch yourself a bit. Learn something new, it'll be fun! :-p Liberte even explains why the used Gentoo and security proofs of their method.
It's all on the website... All ya gotta do is read it. I'm going to stop answering in this thread because it's people asking for something that already exists, it just takes a little work. I did it...