Silk Road forums
Discussion => Security => Topic started by: wednesday adams on May 29, 2012, 01:49 am
-
Hi,
PLEASE HELP, I'm not a IT person, but I'm moderately savvy w/computers........and I can learn quick when motivated! : )
I've been reading through these posts and I still am not sure exactly what I need to do to make my laptop totally safe. I've got OS X (10.6.eight), I downloaded/installed the tor bundle, I loaded it onto the desktop but have since copied it onto a usb drive--..... I also downloaded/installed " portable pgp" ...........I've come a long way in 2 days, got pub/priv keys made, learned to crypt messages, .............now, I need to learn how to make my computer as safe as possible.
I've seen different things on here from put everything on a usb port, use liberte (?) on a usb key and/or to create a partitioned HD, I've downloaded truecrypt but don't know how it works.......So, my question is: what should I do to protect my computer in the event LE comes along and takes it (unlikely, perhaps, but why not be as safe as possible, right?).
--How do I securely delete files from my laptop (I've got a file sitting on desktop w/passwords/software that I don't want anyone to see)
--How do I make it so that I can still use my tor browser, go on to SR, etc but that no one who got a hold of my computer would find anything incriminating on it?
--Should I keep my public key copied onto my usb, or is that dumb?
Pls any help is greatly, greatly appreciated, I recognize the importance of crypting mssgs and cleaning up after yourself on your computer but I just don't know where to even begin
Thanks, SO SO glad to have found the SR community!!
-
Sorry I can't be more MAC specific as I don't own one.
I'm not sure how your budget is, but I would recommend getting a cheap laptop at a pawn shop or off ebay. Personally I have a dedicated laptop on which I have installed an Ubuntu variant that encrypts the entire disk. Everything on the laptop is secure as long as you use a good password.
Truecrypt is a transparent on-the-fly encryption program. You use it to create an encrypted "container (file)" (recommended for beginners) or an encrypted partition. Once you create your container you use Truecrypt to open it. No one can see what's inside the container without your password.
Your public key is just that - public. You really want to protect the private key. I have no idea where a MAC would store this and it probably depends on the program used to create it. You could find the location of the private key in the programs documentation.
Passwords are ALWAYS the weak point when it comes to encryption. Use a phrase and translate it to leet-speak for easy memory. Add some symbols in there. You should avoid repeating letters/symbols back to back. Don't write it down - ever.
An example:
!Th15.i5.4n.3x4mpl30fAg00dp455w0rd?
-
Sorry I can't be more MAC specific as I don't own one.
I'm not sure how your budget is, but I would recommend getting a cheap laptop at a pawn shop or off ebay. Personally I have a dedicated laptop on which I have installed an Ubuntu variant that encrypts the entire disk. Everything on the laptop is secure as long as you use a good password.
Truecrypt is a transparent on-the-fly encryption program. You use it to create an encrypted "container (file)" (recommended for beginners) or an encrypted partition. Once you create your container you use Truecrypt to open it. No one can see what's inside the container without your password.
Your public key is just that - public. You really want to protect the private key. I have no idea where a MAC would store this and it probably depends on the program used to create it. You could find the location of the private key in the programs documentation.
Passwords are ALWAYS the weak point when it comes to encryption. Use a phrase and translate it to leet-speak for easy memory. Add some symbols in there. You should avoid repeating letters/symbols back to back. Don't write it down - ever.
An example:
!Th15.i5.4n.3x4mpl30fAg00dp455w0rd?
Hi,
thanks for the reply.......some quick questions, so it sounds like truecrypt would be only useful if I wanted to say keep a file on my desktop w/passwords in it and then enrypt that file only so that only password holder can open it? Is it possible to pub my files on my usb and then encrypt that w/truecrypt? Also, does Ubuntu work on mac machines?
I downleaded a freeware called "portable pgp" when i have it open on the top of my screen it says "portablepgp.portablepgpAPP" and used that to create my pub/priv keys. This (I think) is a java app/script that is stored on my hard drive, ...........anyway, not sure how to use this safely, eg do I need to have portable pgp on my usb drive only, should I keep my private key on the hd in a truecrypted file? on a truectypted usb? stuck very high up my..........ahhhhh, it's like trying to drink from a fire hose.......I"m so lost : (
also, anyone? how do u permanently and safely delete a file off your hardrive or desktop??
I used "portable pgp" to create my keys, it is installed on my mac..............is this also a security risk?
-
Hi Wednesday, hope you are well.
I just bought a Maccy Pro so I am just getting my head round it. I installed TrueCrypt but I can't work out how to encrypt the entire drive yet. :-\ Done the hidden container though. :)
-
I say this a lot lol....
Download Parallels (virtual machine software for Mac).
Download Windows XP/Ubuntu
Install Windows XP/Ubuntu virtual machine on Parallels.
Add XP/Ubuntu VM to truecrypt hidden container (on Mac). << This step is not so much necessary but useful for hiding the VM)
Download all necessary programs for XP/Ubuntu (truecrypt, tor, PGP etc...)
If you're a buyer then all of this is not so much required but it is advisable. If you're a seller then it's literally do or die.
Peace out
Dank
-
I say this a lot lol....
Download Parallels (virtual machine software for Mac).
Download Windows XP/Ubuntu
Install Windows XP/Ubuntu virtual machine on Parallels.
Add XP/Ubuntu VM to truecrypt hidden container (on Mac). << This step is not so much necessary but useful for hiding the VM)
Download all necessary programs for XP/Ubuntu (truecrypt, tor, PGP etc...)
If you're a buyer then all of this is not so much required but it is advisable. If you're a seller then it's literally do or die.
Peace out
Dank
Thanks Guru and Dank,
Guru: what about gpg tools, others in the forum have recommended it, do u thinks it's safer?
Dank: can you pls explain the above a little bit more in laymen's terms..........what's a VM? What is Parallels and what does it do, and, if it's software, then how does one install another software on top of it...eg install XP/Ubuntu on parallels????? Or more specifically, if I did everything you listed above........what would be the end result, what would I have accomplished?.............sorry for the pathetic questions, I'm at the bottom of a steep learning curve : )
-
hello
for securing a macbook i suggest using a bootable live operating system.
There are operating systems preconfigured for TOR that are really easy to use and come with handy tools like pgp pre-installed. On shut down the system wipes your ram and leaves no trace of activity.
The Amnesic Incognito Live System - Tails, is one of those systems that runs fine on a Macbook.
1 Download the current version @ https://tails.boum.org/
2 Burn the ISO image onto a DVD
a Insert blank DVD
b Open "Disk Utility" (OSX feature)
c In the "File" Menu click on "Open Disk Image..." and choose the Tails ISO
d The ISO will now appear in the lower part of the left column
e Select the image there and click on the atomic "Burn" icon in the top left corner and burn to the DVD with slow speed (2x/4x)
3 If you restart your Macbook with the DVD inserted wait for the screen to get white and immediately press and hold the alt button until you reach the bootloader. Navigate to the DVD entry labeled "Windows" and press enter.
Voilá! You are now ready to go. Network drivers, Touchpad, etc. all supported by default.
You also have the option to insert a Thumbdrive and clone the system to it via Applications - System Tools - Tails USB Installer
This will give you the option to create a persistent Volume (e.g. save files, pgp keys) and will work much faster than a DVD.
Although booting from a USB drive is not possible with the default apple bootloader you can download and install rEFIt from you OSX, which will recognize the drive.
rEFIt: http://refit.sourceforge.net/
hope that helped :)
-
hello
for securing a macbook i suggest using a bootable live operating system.
There are operating systems preconfigured for TOR that are really easy to use and come with handy tools like pgp pre-installed. On shut down the system wipes your ram and leaves no trace of activity.
The Amnesic Incognito Live System - Tails, is one of those systems that runs fine on a Macbook.
1 Download the current version @ https://tails.boum.org/
2 Burn the ISO image onto a DVD
a Insert blank DVD
b Open "Disk Utility" (OSX feature)
c In the "File" Menu click on "Open Disk Image..." and choose the Tails ISO
d The ISO will now appear in the lower part of the left column
e Select the image there and click on the atomic "Burn" icon in the top left corner and burn to the DVD with slow speed (2x/4x)
3 If you restart your Macbook with the DVD inserted wait for the screen to get white and immediately press and hold the alt button until you reach the bootloader. Navigate to the DVD entry labeled "Windows" and press enter.
Voilá! You are now ready to go. Network drivers, Touchpad, etc. all supported by default.
You also have the option to insert a Thumbdrive and clone the system to it via Applications - System Tools - Tails USB Installer
This will give you the option to create a persistent Volume (e.g. save files, pgp keys) and will work much faster than a DVD.
Although booting from a USB drive is not possible with the default apple bootloader you can download and install rEFIt from you OSX, which will recognize the drive.
rEFIt: http://refit.sourceforge.net/
hope that helped :)
Thanks Omnium!!!
That actually looks like a great, step by step guide for newbies, thanks!! ;D, I still have a few questions if you have the time....
**The big picture: by doing all of your steps, I will have created a usb drive that has an operating system which will run the tor bundle and allow me to go online/go to SR etc, but when i do this none of the activity will register on my laptop**********Is this right? Do I correctly perceive the big picture?
Also,
1--Would a regular 4gig flash drive be good enuf? Is there a specific brand that 's best for this?
2-Is there a way I can encrypt or somehow lock the usb drive so no one can pop it in and see what i've been doing?
3-""You also have the option to insert a Thumbdrive and clone the system to it""---why would I want to do this and what does it mean/eg what's a thumbdrive
4--Once this usb is created, should I just use "secure empty trash" mode to delete the files/Tor software that is currently on my laptop, or do I need to "wipe" the drive?
You know, I just realized that if someone was selling something like this on SR, I'd buy it in a second, would save me about 100 hours of pulling my hair out/crying/breaking things trying to learn all this, just a thought ::)
-
Thanks Omnium!!!
That actually looks like a great, step by step guide for newbies, thanks!! ;D, I still have a few questions if you have the time....
**The big picture: by doing all of your steps, I will have created a usb drive that has an operating system which will run the tor bundle and allow me to go online/go to SR etc, but when i do this none of the activity will register on my laptop**********Is this right? Do I correctly perceive the big picture?
Also,
1--Would a regular 4gig flash drive be good enuf? Is there a specific brand that 's best for this?
2-Is there a way I can encrypt or somehow lock the usb drive so no one can pop it in and see what i've been doing?
3-""You also have the option to insert a Thumbdrive and clone the system to it""---why would I want to do this and what does it mean/eg what's a thumbdrive
4--Once this usb is created, should I just use "secure empty trash" mode to delete the files/Tor software that is currently on my laptop, or do I need to "wipe" the drive?
You know, I just realized that if someone was selling something like this on SR, I'd buy it in a second, would save me about 100 hours of pulling my hair out/crying/breaking things trying to learn all this, just a thought ::)
Hey Wednesday,
yes you are right that the operating system will leave no trace and that you can access tor with the integrated browser. all networking will be set up to be only through tor.
by thumbdrive i refer to a usb drive. 4gb will be fine but i suggest no less. when you buy the drive make sure it supports booting. some of the cheaper ones dont allow you to boot.. to give an example: Kingston DT109 is a small and affordable stick that will do fine.
each time you shut down the stick it will set itself to the state prior to booting. there will be nothing saved -> nothing to encrypt.
if you plug in the stick to a booted computer it will not be recognized as a readable stick.
you can however configure persistence. this means that you create a partition on your stick that is fully encryptet where you can keep files and settings. this can be done under Applications - System Tools - Set Up Persistence.
The only way to create your thumbdrive in the first place is by booting into the dvd and then "cloning" its contents onto the stick via the included system tool that i described earlier. (Tails USB Installer)
if you plan on becoming a seller you might want to clean up nicely.. on the mac settings you can somehow set the method for secure emptying the trash to overwrite multiple times (1/3/5/7) .. but just for deleting the tor browser bundle file you should really not bother to do so. after all thats really not sensitive information and you wont get in trouble... if you have any silk road related files/logs you can however do that. :)
peace
-
thank you everyone who replied to my post, I'm proud to say I managed to put tails on a usb cd and to "clone ?" the drive, so i now have tails up and running on my usb stick, I also used somthing off other forums Plop bootloader--I think, to get my mac to boot up onto tails.............needless to say, I am very proud of my techno-challanged self!! Thanks
-
Thanks omnium. This info will be very useful.
-
just a thanks to wednesday and omnium for bringing me this info, v helpful. One question - probably stupid - Omnium, do you have to download rEFit when using tails with the dvd already in, or can you download to your hd first?
-
I also used somthing off other forums Plop bootloader--I think, to get my mac to boot up onto tails
Would be really interested to hear more about that since rEFIt doenst seem to work for me ...
Then regarding plop bootloader I burnt it on a cd, loaded it but couldnt use my keyboard in order to configure anything... strange
ALso there's not much info on the web about this program so it'd be great if you could post more details about how <you succeded booting tails from a usb drive on a mac...
In the meantime I guess i'll use a dvd, but i'm just curious about how you managed to do this
-
I also used somthing off other forums Plop bootloader--I think, to get my mac to boot up onto tails
Would be really interested to hear more about that since rEFIt doenst seem to work for me ...
Then regarding plop bootloader I burnt it on a cd, loaded it but couldnt use my keyboard in order to configure anything... strange
ALso there's not much info on the web about this program so it'd be great if you could post more details about how <you succeded booting tails from a usb drive on a mac...
In the meantime I guess i'll use a dvd, but i'm just curious about how you managed to do this
Did you ask about this somewhere else before? I don't think I had time to answer but I'll explain now.
1) Firstly get all your operating systems installed and ready, Mac, Windows on bootcamp and Linux on your memory stick. All Done.
2) Now install refit, remove it and do it again if you have to.
3) Now reboot Mac 3 times. Don't ask why, just do it.
4) When you reboot the last time, with the Linux memory stick plugged in press the "ALT" button at the bottom left of the keyboard on your Mac when the white screen first comes on, before the Mac goes "TaDahhhhh". You'll get a list of all the options including your Linux OS which looks like a penguin.