Silk Road forums
Discussion => Security => Topic started by: Bungee54 on December 11, 2012, 11:59 am
-
Of course We do not want to aid terror & pedophiles but this report shows how our enemies are working and what we ought to do to shield us against them.
We are in a war aren`t we ? Pine this is for yoU :-*
Cheers!
http://www.hacker10.com/other-computing/u-n-report-reveals-secret-law-enforcement-techniques/
Buried inside a recent United Nations Office on Drugs and Crime report titled “Use of Internet for Terrorist Purposes” one can carve out details and examples of law enforcement electronic surveillance techniques that are normally kept secret.
-
TY for posting this Bungee. I will get back to you after I've finished reading (Currently on page 3).
btw, speaking of pine, where the phuc is she??? Has she gone?
-
http://dkn255hz262ypmii.onion/index.php?action=profile;u=9193
S(he) hasnt been around for a few weeks. Could be in Columbia running drugs, setting up the new SR servers, or being brutally interrogated for the scoop on Willy Wonka.
-
very interesting!
-
Point 198: It explains how an investigator can circumvent Truecrypt plausible deniability feature (hidden container), advising computer forensics investigators to take into consideration during the computer analysis to check if there is any missing volume of data.
My favorite part.
Come on people, if LE examines your hard drive only to find that none of the files were accessed since the day you installed the OS, they'll know something is up. If they catch you physically using the machine, then you're pretty much fucked. Whether or not they can prove it in court depends on where you live and how the judge is feeling that day. In some places, LE won't need to prove shit beyond a reasonable doubt. They'll know you have a hidden OS at the point (especially if unallocated clusters are all filled with random data and not bits of old files), and will either beat the password out of you or just throw you in jail automatically.
Instead of using a hidden OS, just store the bootloader for the partition on a CD or USB drive. Not only is it 10x easier, but you eliminate the risk of accidentally booting to the fake OS and overwriting your hidden partition. All they'll find on your hard drive is a bunch of random data, which can simply mean that the drive was wiped 5 years ago for all they know. Destroy the CD/thumb drive holding the bootloader and you also destroy the master key, rendering the encrypted data completely useless provided they don't break the algorithm itself. It sure beats insulting their intelligence and pissing them off.
-
http://dkn255hz262ypmii.onion/index.php?action=profile;u=9193
S(he) hasnt been around for a few weeks. Could be in Columbia running drugs, setting up the new SR servers, or being brutally interrogated for the scoop on Willy Wonka.
hopefully she is fine..she is an worthy asset to our cause...
gonna light a candle for her really :-\
-
Point 198: It explains how an investigator can circumvent Truecrypt plausible deniability feature (hidden container), advising computer forensics investigators to take into consideration during the computer analysis to check if there is any missing volume of data.
My favorite part.
Come on people, if LE examines your hard drive only to find that none of the files were accessed since the day you installed the OS, they'll know something is up. If they catch you physically using the machine, then you're pretty much fucked. Whether or not they can prove it in court depends on where you live and how the judge is feeling that day. In some places, LE won't need to prove shit beyond a reasonable doubt. They'll know you have a hidden OS at the point (especially if unallocated clusters are all filled with random data and not bits of old files), and will either beat the password out of you or just throw you in jail automatically.
Instead of using a hidden OS, just store the bootloader for the partition on a CD or USB drive. Not only is it 10x easier, but you eliminate the risk of accidentally booting to the fake OS and overwriting your hidden partition. All they'll find on your hard drive is a bunch of random data, which can simply mean that the drive was wiped 5 years ago for all they know. Destroy the CD/thumb drive holding the bootloader and you also destroy the master key, rendering the encrypted data completely useless provided they don't break the algorithm itself. It sure beats insulting their intelligence and pissing them off.
I have always done it exactly this same way since I found SR; it just occurred to me then that it is a much easier idea. Every article that I read when I first came to the forums seemed to want me to install some sort of Linux OS to a flash drive. Is there by any chance a portable TrueCrypt?
-
Point 198: It explains how an investigator can circumvent Truecrypt plausible deniability feature (hidden container), advising computer forensics investigators to take into consideration during the computer analysis to check if there is any missing volume of data.
My favorite part.
Come on people, if LE examines your hard drive only to find that none of the files were accessed since the day you installed the OS, they'll know something is up. If they catch you physically using the machine, then you're pretty much fucked. Whether or not they can prove it in court depends on where you live and how the judge is feeling that day. In some places, LE won't need to prove shit beyond a reasonable doubt. They'll know you have a hidden OS at the point (especially if unallocated clusters are all filled with random data and not bits of old files), and will either beat the password out of you or just throw you in jail automatically.
Instead of using a hidden OS, just store the bootloader for the partition on a CD or USB drive. Not only is it 10x easier, but you eliminate the risk of accidentally booting to the fake OS and overwriting your hidden partition. All they'll find on your hard drive is a bunch of random data, which can simply mean that the drive was wiped 5 years ago for all they know. Destroy the CD/thumb drive holding the bootloader and you also destroy the master key, rendering the encrypted data completely useless provided they don't break the algorithm itself. It sure beats insulting their intelligence and pissing them off.
I like the way you guys think. I'm slipping behind. :( pine was right when she said a lot of kids (real kids, not like you, you're old) know more about security and tech than engineers and most corporations (can't remember exact words). I came up with that too, lol. She said it first ;) . It worries me a little that no one here knows where she is. (And it's a she. It says it on her profile, or at least, used to.) I won't light a candle bungee, but I will get stoned for her until she gets back. Least I can do. :(
[quote author=raven92 link=topic
http://dkn255hz262ypmii.onion/index.php?action=profile;u=9193
S(he) hasnt been around for a few weeks. Could be in Columbia running drugs, setting up the new SR servers, or being brutally interrogated for the scoop on Willy Wonka.
[/quote]
Probably.... not..... in Columbia running drugs, pmsl. Kind of weird she ^ and left without saying where though. Um. Piece out. Drug safely.
-
I know pine is missed by everyone here, but without her it’s even more important we maintain the strong security mantra at SR. Good to see PGP Club still ^ even if not quite as active. And that nomad bloodbath is back again. I won’t even bother answering the war in Asia question (yep, it’s likely), or whether U.S. is more likely to revert to protectionism (nope, it won’t) as that boat now has sailed on the igiveashitaboutyourreply meter.
(And for godssake thecrackhead, she’s a she, not a he! Why you play with us like that lol.)
An overdue +1 to Bungee54 for posting the link *clearnet* http://www.hacker10.com/other-computing/u-n-report-reveals-secret-law-enforcement-techniques on 2012/12/11. I think everyone new to Tor should read this, and know mistakes to avoid.
I won’t bother asking about trusted downloads for PGP as I am sure pine or someone else will have posted that on here, but while I’m writing this I can’t very well search for it can I?
Speaking of security, wot (web of trust) at *clearnet* http://www.mywot.com is worth a quick investigation if faced with a dubious website, and isitup at *clearnet* http://isitup.org is invaluable to Tor users who keep getting timeouts and are wondering if it’s them or the website itself. Old news to most, but new users are reminded that tormail.org at http://jhiwjjlqpyawmpjx.onion provides anonymous email with no verification or archiving abilities implemented. And do I need to remind new users not to come here launched from onion.to .
Piece out. Drive safely. Eat plenty.
[Crap!! This is supposed to go on either PGP Club or the other thread..... brb while I fix it ^]
-
The LEA need to be beaten in every way possible, so thanks for this information since it helps everyone hiding from them.
-
Point 198: It explains how an investigator can circumvent Truecrypt plausible deniability feature (hidden container), advising computer forensics investigators to take into consideration during the computer analysis to check if there is any missing volume of data.
My favorite part.
Come on people, if LE examines your hard drive only to find that none of the files were accessed since the day you installed the OS, they'll know something is up. If they catch you physically using the machine, then you're pretty much fucked. Whether or not they can prove it in court depends on where you live and how the judge is feeling that day. In some places, LE won't need to prove shit beyond a reasonable doubt. They'll know you have a hidden OS at the point (especially if unallocated clusters are all filled with random data and not bits of old files), and will either beat the password out of you or just throw you in jail automatically.
Instead of using a hidden OS, just store the bootloader for the partition on a CD or USB drive. Not only is it 10x easier, but you eliminate the risk of accidentally booting to the fake OS and overwriting your hidden partition. All they'll find on your hard drive is a bunch of random data, which can simply mean that the drive was wiped 5 years ago for all they know. Destroy the CD/thumb drive holding the bootloader and you also destroy the master key, rendering the encrypted data completely useless provided they don't break the algorithm itself. It sure beats insulting their intelligence and pissing them off.
I have always done it exactly this same way since I found SR; it just occurred to me then that it is a much easier idea. Every article that I read when I first came to the forums seemed to want me to install some sort of Linux OS to a flash drive. Is there by any chance a portable TrueCrypt?
TrueCrypt can run in Portable Mode, which means that it does not have to be installed on the operating system under which it is run. You can also encrypt the system partition where the O.S is installed or the entire system drive. You could also create an encrypted file container, meaning a virtual encrypted disk is created in a file. This is the easiest of these options to set up.