Silk Road forums
Discussion => Security => Topic started by: yokes101 on June 19, 2012, 05:37 pm
-
I'm getting prepared to make my first order here on the road. I'm going to be sending the package to my home, so I need to make sure that my computer is 100% clean with no links to Silk Road. What's the best way of doing that?
I know I can reinstall the OS, but hard drives can be recovered. Is there any way I can make sure no one can ever recover my internet history (and get rid of any signs of TOR) without replacing my hard drive?
-
You just delete Tor and the installer, it doesn't save history or cache. If you really want to wipe your hard drive then there are plenty of tools, you can use dban and nuke it but apparently this doesn't overwrite bad sectors of the drive so if that worries you then you can use something like SecureErase.
Either way, unless you're going to be raided I would recommend just deleting your Tor install and the installer itself, clear your clearnet browser histories/cache for when you went to download Tor or looked up SR or anything, then use CCleaner to clean the rest.
-
Ok, I will look into the software. I just want to make sure everything is clean, and then I can just start using a USB key with Liberte from then on.
Well, what are the chances of getting raided for importing, let's say, 10 ecstasy pills?
I just want to be safe rather than sorry! ;D
-
If you received them then you're good; if they knew what was in the package you wouldn't have received it.
-
If you're just ordering small amounts of drugs and have no specific reason to think you're going to be raided, I would encrypt the entire hard drive first. Go to truecrypt.org and read up on how to fully encrypt the system partition. It's actually quite easy, and if you are that willing to wipe your HD, then I doubt you have much to worry about if the process goes wrong (never heard of that happening). Just be sure to use a very long, complex passPHRASE and leave the computer off whenever you aren't in the room.
The only weakness Full Disk Encryption has at the moment involves the feds catching you with your PC on and the encrypted partition mounted. If you turn the power off before they get to it, there isn't much they can do other than try and guess your password. Not that they'd bother using any of this for 10 pills of anything, though you never know. You can also run CCleaner--set to overwrite free space of course--on the encrypted partition to wipe any trace of the deleted tor browser bundle folder as well as a host of other juicy forensic artifacts. That way, even if they somehow gain access to your disk, they won't see much of anything unless they used some crazy, secret trojan to log your every move locally. Again, that's not something you have to worry about unless you're dealing in serious shit (or just competing with the Chinese hahaha).
If your HDD doesn't support the ATA secure erase command, you can use a program called DBAN (google for instant DL link) to create a boot cd that will wipe the hard drive on command.
OR, if you REALLY want to piss them off, wipe the HDD, reinstall the OS, and encrypt it with a relatively weak password. Now repeat for every hard drive in your possession, 'cause everyone has dozens of hard drives sitting around, right? Even if you don't have a bunch of physical drives, you can always make a bunch of large, empty truecrypt containers on any existing file system. Not only will this make free space wiping faster, but it will annoy the hell out of feds trying to crack each one of the dummy files. Make them all different sizes and ensure that truecrypt is set not to change file access dates. Is it a good idea to piss off the feds in this manner? No, but then again there's no way they can prove your intentions. Just don't tell them anything at all, let alone mention "dummy files". Also, by "relatively weak password", I don't mean "fuckthefeds420lolthisisadummyfile". They don't need any help doing their jobs.
-
This just results in you sitting longer in remand in prison.
There is no "annoying" the feds, the more work you make for them, the safer their jobs are, they love it. They'll have you sit there the rest of your life if that's what it takes. Plus now in many countries refusal to give them the hard drive encryption keys equals an automatic one year prison sentence.
A much better option is to encrypt your hard drive, put loads of safe useless data there, like sports results, then have a 'hidden container' which they don't know about and only you know the key to. There's no way to prove it exists and it gives you plausible deniability so you don't spend the rest of your life on remand in jail.
-
I was joking about annoying them. If you get cute with the feds, they will know and will either seize your house or try to throw you in jail for no reason like you mentioned.
If I were in the UK or a country with similar laws, I would go the plausible deniability route instead of the whole dummy containers thing. In the US, it's not as much of a problem (although that's changing), plus they'd have to catch you off-guard and bypass your FDE before they ever see the dummy files. The only reason I mentioned that technique is the relative difficulty of setting up a hidden OS, plus the fact that any modification of free space on the decoy OS partition can damage your files. Also, one can tell that the decoy OS is never used by looking at the time stamps of files and logs on the volume. The plausible deniability of the hidden OSs is not very strong while being a bit risky to use as well as annoying to implement for less tech-savvy users.
Still, it certainly wouldn't hurt to use a hidden OS on a "backup image" you just so happen to keep on a large external HD and never access...
-
Download an ISO...XP or WIN 7, and use VMplayer to make a virtual machine. Run the VM from an external HD. It's much slower than running from your internal drive, but much easier to wipe afterwards. Download a hard drive erasing program and send 7 or so random passes on it. Then re-use.
You can google for the ISO, VMplayer and a wipe program. All free.