Silk Road forums

Discussion => Security => Topic started by: vendor69 on June 20, 2012, 08:50 am

Title: Some security questions
Post by: vendor69 on June 20, 2012, 08:50 am
hello

i have set this account up as i dont want people to worry about there purchases with me. i am protected in many ways at the moment but i feel i could do better.

right now i have, TOR (obviously), GPG keychain access for storing my keys, Truecrypt for a file on my computer that i store sensitive info, product photos, etc etc (not addresses!!!)

i would like to be more secure and this is what i imagine. i would like to have a USB drive that i plug into my computer that holds all the things i need to run my business. , i would like my computer to not have the GPG keychain access application and maybe not even firefox (with tor bundle on it) on it.

i would then like the USB to have all the things i want to use in a hidden file so if LE found my USB i could give them a password that would reveal some big black mama porn or something like that, i would be using truecrypt because i wouldn't want my partner to find it.

how do i go about starting to do this. I don't want to have to reformat my computer, unless i have to, and i could really do with some help.

thanks in advance to those that took the time to read this.

Title: Re: Some security questions
Post by: mooshroom on June 20, 2012, 11:57 am
Would be much better to format your present system, reinstall and secure erase to be sure that nothing remains of the last system even after you formatted the drive.

Regarding your new system, look into Tails.

Truecrypt used this way is not necessarily secure, for example if you use Word to open a document which is in the encrypted truecrypt container, word will make autosaves and who knows what else on your unencrypted drive, clear to read. Other editors might delete the copy they make, but it can be still revived.
There might be trails left like the name of the file, size of the file etc, so it's not secure to use Truecrypt with your regular system this way.
Title: Re: Some security questions
Post by: cache on June 20, 2012, 03:05 pm
Your best bet is to (unfortunately) format your hard drive and secure erase it as previously suggested. I would then install your favourite operating system and use it for day to day stuff.
For dodgy shit, get a big MicroSD card and download Liberte Linux, install that to the MicroSD and boot your computer from it. Liberte comes preconfigured so all internet traffic runs through Tor and it based on a hardened kernel. It is almost as secure as you can get and was originally designed for purposes very similar to ours.
Configure Tor to run through bridges and you should be set.
When you install Liberte to the card you should choose LVM and full disk encryption, that way the whole thing is secured with 256 bit encryption and is essentially uncrackable. You do have the problem of hiding it, but MicroSD cards are so small that it would take a very thorough search team to find one if you hide it well.
Title: Re: Some security questions
Post by: vendor69 on June 21, 2012, 01:48 am
Thanks for the advice :) I think i forgot to mention something important though, I;m on a Mac.  ::)

Does Liberte still work?
Title: Re: Some security questions
Post by: cache on June 22, 2012, 11:27 am
Dunno mate, I have never used Mac.