Silk Road forums
Discussion => Security => Topic started by: gavrilov on March 07, 2012, 12:15 am
-
For situations where plausible deniability is a top priority - e.g. if there is a risk of rubberhose cryptoanalysis if they find any encrypted data on you, no matter how hard you insist on it being just a filler rather than hidden partition - yet, there is a need to access persistent data, here is something I think could be used. Obviously, I invite comments and criticism.
Preparation stage:
1. Create a Truecrypt -encrypted file container, small enough to just hold your private data (keys, contacts, bookmarks, any non-standard software you need).
2. Move the data to the container.
3. Upload the container over Tor to some anonymous storage provider.
4. Remove all traces of the container and data from your system.
Now, to use:
1. Boot any live distro with Tor bundle and Truecrypt.
2. Start Tor.
3. Download the container
4. Work...
5. If private data were updated, dismount container and reupload it.
5. Clear memory & reboot.
For larger containers, step 3 could be replaced with mounting the file over nbd-http, with resulting read-only access to private data.
Benefits:
- no encrypted data on any of your media,
- you only need to remember the URL and password
- you can access your data even if you have to build stuff from scratch
Does it make sense?
Max
-
is a good technique
-
What's to stop LE from demanding the password and encryption keys of the anonymous storage site once they discover you're using it?
But on a positive note this is a really good idea. Are there any anonymous storage sites on the onion network now? I've used something called infoencrypt.com before, which acts as encryption/decryption without any installation, however you have to save the cyphertext to a physical state.
-
What's to stop LE from demanding the password and encryption keys of the anonymous storage site once they discover you're using it?
in the US the 5th amendment
-
What's to stop LE from demanding the password and encryption keys of the anonymous storage site once they discover you're using it?
How would they discover it? They can only see your Tor traffic, nothing more. BTW, it makes sense to have Tor installed on your main disk, and to keep some bookmarks to benign stuff, so that you have explanation for this traffic, too.
-
Sounds extremely secure and might be a good idea if you do any super illegal shit.
That said, it seems like a real hassle, especially since you'd have to download your info over the Tor network, which is really slow.
My idea would be to create hidden partition on a USB drive containing Liberte.
I'd then double bag the USB drive into small baggies, then place the outer-most baggie inside a realistic-looking small fake rock, then place the rock somewhere away from my home and property outside of plain sight.
-
What's to stop LE from demanding the password and encryption keys of the anonymous storage site once they discover you're using it?
in the US the 5th amendment
Lol. --->
"Courts have consistently held that defendants cannot be forced to divulge passwords. However, and more practically with respect to the end result, a defendant can sometimes be forced to use a decryption password—without divulging it—and then to provide the files in readable form. Whether the government can compel decryption in this manner depends on a legal doctrine called “foregone conclusion” that was first articulated in a 1976 Supreme Court ruling relating to paper documents in a tax fraud case.
Under the “foregone conclusion” doctrine as applied to digital documents, handing over files is not considered testimony if the government already knows that the files exist and what machines they live on. And when there is no testimony, the protection of the Fifth Amendment’s self-incrimination clause is not available."
If you haven't noticed, our rights have been slowly but steadily taken away over the last decade.
-
o rly? http://blogs.wsj.com/law/2012/02/23/court-fifth-amendment-protects-suspects-from-decrypting-computers/
-
It will eventually get to the supreme court. Lower courts have held people in contempt for not giving up password to hidden truecrypt volumes, even when their own experts admited they couldn't even prove there were hidden volumes. Essentially they ordered people to make ciphertext decrypt into things that would incriminate them, when they were not pleased with it decrypting into non incriminating things.
-
o rly? http://blogs.wsj.com/law/2012/02/23/court-fifth-amendment-protects-suspects-from-decrypting-computers/
That article doesn't elaborate on the situation very well... The issue is not directly one of incriminating yourself but rather whether or not law enforcement officials had a basis to suspect there was incriminating evidence on an encrypted drive. Courts have already ruled that a person can be forced to provide encryption passwords if there is a substantial enough basis. As quoted before, "handing over files is not considered testimony if the government already knows that the files exist and what machines they live on."
"In another child pornography case, officials at a Vermont border crossing inspected a laptop in a car entering the United States from Canada. Upon seeing filenames suggesting illegal images, they seized the computer and arrested its owner. The laptop turned out to be encrypted, and in February 2009 a federal district court judge ordered the defendant to reveal its contents, largely on the grounds that the government already knew it contained incriminating files."
Here officials had a basis to suspect criminal activity. In your example they did not. It's a subtle difference, but a substantial one.
-
i've often considered only keeping any sensitive data stored on a hidden remote server in some way, and places tormail take care of the email aspect, but any recommended file-storage sites would be good..?
but i gotta say there is "something" to be said for having 100% control of your information, stored, well-hidden at your discretion in your prefered format, at any given point in time....
-
i've often considered only keeping any sensitive data stored on a hidden remote server in some way, and places tormail take care of the email aspect, but any recommended file-storage sites would be good..?
Not sure how easy it is to get some space on freedomhosting these days, but if your data is not very large you could store it as an email attachment on tormail.
-
Do NOT store anything remotely - -this is asking to get man-in-the-middle attacked and have your data replaced with a trojan.
-
o rly? http://blogs.wsj.com/law/2012/02/23/court-fifth-amendment-protects-suspects-from-decrypting-computers/
That article doesn't elaborate on the situation very well... The issue is not directly one of incriminating yourself but rather whether or not law enforcement officials had a basis to suspect there was incriminating evidence on an encrypted drive. Courts have already ruled that a person can be forced to provide encryption passwords if there is a substantial enough basis. As quoted before, "handing over files is not considered testimony if the government already knows that the files exist and what machines they live on."
"In another child pornography case, officials at a Vermont border crossing inspected a laptop in a car entering the United States from Canada. Upon seeing filenames suggesting illegal images, they seized the computer and arrested its owner. The laptop turned out to be encrypted, and in February 2009 a federal district court judge ordered the defendant to reveal its contents, largely on the grounds that the government already knew it contained incriminating files."
Here officials had a basis to suspect criminal activity. In your example they did not. It's a subtle difference, but a substantial one.
This case was just ruled on on February 23 of this year stating that the fifth amendment does protect you against being forced to reveal your password due to incriminating yourself.
http://www.ca11.uscourts.gov/opinions/ops/201112268.pdf
Here's a link to a discussion going on about the subject:
http://forums.truecrypt.org/viewtopic.php?t=25929
-
Do NOT store anything remotely - -this is asking to get man-in-the-middle attacked and have your data replaced with a trojan.
Care to elaborate how you would put trojan on truecrypt container or replace it entirely without knowing the password?
-
Well I read that wrong ,and didn't notice the remote files were stored encrypted. If you store the remote files encrypted, you're probably okay.
But why store the container remotely? What's the advantage here? You have to download it every time, you now add a pattern to your network traffic (container is of fixed size), etc etc so exactly X bytes with a precisely uniform distribution will be transferred via TCP every time you retrieve it. I just don't see how the benefits outweigh the risk / annoyance but maybe I'm missing something.
How is storing it remotely better than locally stored hidden volume / outer volume ?
-
But why store the container remotely? What's the advantage here? You have to download it every time, you now add a pattern to your network traffic (container is of fixed size), etc etc so exactly X bytes with a precisely uniform distribution will be transferred via TCP every time you retrieve it. I just don't see how the benefits outweigh the risk / annoyance but maybe I'm missing something.
How is storing it remotely better than locally stored hidden volume / outer volume ?
Again, this is not for everyone, but for those of us who are endangered by the very fact of carrying encrypted data around, and who would trade some convenience for increase in plausible deniability. If you are a dissident in Syria operated upon with hot pliers, your hope of stopping the investigation by saying you have no idea what hidden partition is may be overly optimistic.
As for the network traffic, you could:
- use tools like nbd-http to mount the volume remotely,
- use a number of volumes - each dedicated to specific data - and only download ones you need during given session,
but generally - network traffic is transient and your adversary may or may not have access to it at the time of search/arrest, while he is almost certain to have a look at your media.
-
sshfs is worth looking into
http://linux.die.net/man/1/sshfs
Essentially it lets you treat a drive on a remote system like a local drive. Just encrypt the remote drive / container with Truecrypt or something and then you can decrypt it on your local machine do operations etc and it will all be persistent from the remote machine via sshfs.
SSHFS (Secure SHell FileSystem) is a file system for Linux (and other operating systems with a FUSE implementation, such as Mac OS X or FreeBSD) capable of operating on files on a remote computer using just a secure shell login on the remote computer. On the local computer where the SSHFS is mounted, the implementation makes use of the FUSE (Filesystem in Userspace) kernel module. The practical effect of this is that the end user can seamlessly interact with remote files being securely served over SSH just as if they were local files on his/her computer. On the remote computer the SFTP subsystem of SSH is used.
-
If you are a dissident in Syria operated upon with hot pliers, your hope of stopping the investigation by saying you have no idea what hidden partition is may be overly optimistic.
in such a situation, and equally if you were say, caught with drugs in the US, you would have a whole other set of problems on your hand at that point regardless. if you have been invesitgated to the point where they have seized your encrypted flash/hard drive, there's a very good chance they would also be aware of any files, with tor/encrypted or not, you may be accessing regularly online. just sayin'...
-
This case was just ruled on on February 23 of this year stating that the fifth amendment does protect you against being forced to reveal your password due to incriminating yourself.
http://www.ca11.uscourts.gov/opinions/ops/201112268.pdf
Here's a link to a discussion going on about the subject:
http://forums.truecrypt.org/viewtopic.php?t=25929
Did you not read my post...? I'm a case lawyer, I know what I'm talking about. The hidden but true legal question in those articles was whether or not the police had any basis to suspect criminal activity on the laptops, i.e. sufficient suspicion to instigate a search and seize (or in this case the other way around...). The 5th amendment protects you from providing testimony against yourself (i.e. providing decryption passwords). Being forced to give up a password has been ruled as not considered testifying against yourself if the police already know that you have the child porn on said laptop.
Do you get the difference? I hope I'm explaining this well.
But why store the container remotely? What's the advantage here? You have to download it every time, you now add a pattern to your network traffic (container is of fixed size), etc etc so exactly X bytes with a precisely uniform distribution will be transferred via TCP every time you retrieve it.
The encrypted storage of passwords, instawallet addresses, and pgp keys, etc, would take up very little room. The suggestion of storing it on tormail is fantastic really as the amount of traffic here would be miniscule. Sure one analyzing traffic could say, hmm he's downloading the same amount every time when he logs on to the network, but again this is so small that it could just be interpreted as e-mail.
-
You don't need persistence. It's convenient but unnecessary.