Silk Road forums

Discussion => Security => Topic started by: audacity on March 01, 2012, 08:38 pm

Title: Using TOR within a TrueCrypt volume
Post by: audacity on March 01, 2012, 08:38 pm
If i were to theoretically create an encrypted truecrypt volume, unzipped the TOR browser bundle inside, and ran it exclusively within this volume- would there be any traces on the computer once the volume is closed? This is on a mac in my friends' case, but I also ask in general.

The idea i guess is to have a clean every-day computer, with a useable secure tor browser inside the volume where all SR info (bookmarks, public keys, etc...) would be unobtainable?

Also, is it possible to have a pgp/gpg keychain within this volume with no trace outside of it (again ideally on a mac). GPGtools seems to need to be installed on the main disk (correct me if im wrong).

Lastly, is there a good option as to hiding the actual existence of the truecrypt Application on a Mac? In essence I would like to have a mac on which one can use SR as reasonably securely as possible where unless you knew all about the truecrypt volume it would be a virtually normal computer.

Thanks guys- I've learned a lot here and your responses really do not go unappreciated :)

Edit: If you guys have another idea as to a comparable level of security using other methods, i'm totally all ears. Cheers-
Title: Re: Using TOR within a TrueCrypt volume
Post by: MailMaxDev on March 01, 2012, 09:56 pm
Tor Bundle is configured in a way that it shouldn't leave traces of information on your computer afterwards. I would use full drive encryption to be safe anyways. Also it's not necessary to hide the existence of the TrueCrypt application. If you really want to you may be able to find a portable version that you could put onto a USB stick though.
Title: Re: Using TOR within a TrueCrypt volume
Post by: inscape on March 01, 2012, 11:26 pm
in my research, even though there are allegedly "portable" versions of firefox, thunderbird, gpg, and even "iportablesnow" i have been unable to get any of them working from a usb stick, let alone a hidden truecrypt volume, on multiple macbook's running Leo...my best conclusion so far has been to install a fully working OS, using truecrypt or not, but at least onto an external usb drive, to allow the full instalation of GPG, tbird, macspoofer, firefox, ect. burning such an os onto a "read-only" LiveCD could be a possibility? would be curious to know if this allows the same, RAM only, "traces" left on the host computer? compared to a unix build like Liberte? or Tails?
Title: Re: Using TOR within a TrueCrypt volume
Post by: CaptainSensible on March 01, 2012, 11:52 pm
When booted from a USB drive, Liberte & Tails are designed to not even power up the hard drive.  They're your best bet for not leaving traces on your computer.  But my experience is just with PCs, not Macs. 
Title: Re: Using TOR within a TrueCrypt volume
Post by: inscape on March 02, 2012, 12:15 am
unfortualtely, from my experience, it's pretty hard to install Liberte, Tails, ect using a Mac. At least not without excessivly using the command line. Installing Liberte onto a usb using a windoze machine seems the next best option for most mac users. but you'd think building something using anithing UNIx based would bee easier on a mac? but if you 'can' get it done, that seems the best option..

would really like to hear opinions on an extensive guide to ultimate security for the average mac user tho....the best security without having to open Terminal?
Title: Re: Using TOR within a TrueCrypt volume
Post by: audacity on March 02, 2012, 12:54 am
Ok sweet, so assuming it didn't involve a bootable USB or CD, for the sake of.. insatiable curiosity.  :)

a) what is you're guys' opinion on GPG installed normally on a computer (if you can't in fact install a key-chain exclusively in a mounted drive) - is it indicative of anything besides the want for privacy? You're opinion MailMax is that it's all good to have truecrypt, does that go for GnuPG as well?

b) if you did have GPG, how would you handle the keys? do you think are there traces left if you delete the public keys after each encryption?

c) Why would one do full disk encryption- assuming it would involve wiping the OS and starting over.. couldn't you just securely wipe the empty space so there are no traces from the past and keep the current and future activities allocated to the truecrypt disc?

d) if these procedures were all in place, would i have a 'secure'.. trustworthy computer?

Cheers again for the thoughts, this is all very intriguing.. even not being the most IT savvy or very paranoid person.

 
Title: Re: Using TOR within a TrueCrypt volume
Post by: audacity on March 02, 2012, 08:24 am
would really like to hear opinions on an extensive guide to ultimate security for the average mac user tho....the best security without having to open Terminal?

+1 - Hopefully we can get a general thread going by someone knowledgeable on the subject.
Title: Re: Using TOR within a TrueCrypt volume
Post by: club on March 02, 2012, 03:33 pm
Ah not a mac user so Im no help there. But I do have my "SR toolkit" set up pretty much exactly how you mentioned: TrueCrypt volume contains my Tor, my PGP, text files of bookmarks, etc.

I found that the old school PGP 6.5.8 (the last version by MIT before they sold it) is still every bit as functional and compatible with gpg, and I was able to make it portable by just copying the program directory to my Truecrypt/USB volume.
Title: Re: Using TOR within a TrueCrypt volume
Post by: DropGuy751 on March 02, 2012, 08:04 pm
Tor Bundle is configured in a way that it shouldn't leave traces of information on your computer afterwards. I would use full drive encryption to be safe anyways. Also it's not necessary to hide the existence of the TrueCrypt application. If you really want to you may be able to find a portable version that you could put onto a USB stick though.
TrueCrypt is portable by default just install on to memory stick and select portable mode when prompted.
Title: Re: Using TOR within a TrueCrypt volume
Post by: gavrilov on March 03, 2012, 01:26 am
How about using one of VM appliances on truecrypted partition? VMWare + Ubuntu should give you pretty good isolation, provided you have all your SR stuff there. And you don't have to worry about Mac compatibility etc.
Title: Re: Using TOR within a TrueCrypt volume
Post by: inscape on March 03, 2012, 01:52 am
your primary issue, in my experience, is at least, getting all the prefs, ect from GPGTools, Firefox/TBB, ect, to reside on the usb stick. which is why i recommend to install an "actual" OS on your external drive. yes you can install TBB, GPG, ect on ur stick. but unless you can get all those other files that otherwise naturally reside somewhere hidden within your OS, to reside on the Truecrypt volume, your are leaving traces on the host comp. as far as i know...
Title: Re: Using TOR within a TrueCrypt volume
Post by: audacity on March 03, 2012, 02:05 am
Ah not a mac user so Im no help there. But I do have my "SR toolkit" set up pretty much exactly how you mentioned: TrueCrypt volume contains my Tor, my PGP, text files of bookmarks, etc.

I found that the old school PGP 6.5.8 (the last version by MIT before they sold it) is still every bit as functional and compatible with gpg, and I was able to make it portable by just copying the program directory to my Truecrypt/USB volume.

So the whole truecrypt volume including PGP, tor, etc.. all on a usb? Does the USB drive leave any traces if used in this traditional capacity (as opposed to tails or liberte) on an everyday computer? Like theoretically if i had a completely brand spankin new computer and I plugged in a USB with such a truecrypt drive built in, after some usage (text edit, pgp, tor, etc..) would it still be brand spankin new? (Mac or PC)

cheers!
Title: Re: Using TOR within a TrueCrypt volume
Post by: xXShadowXx on March 03, 2012, 02:06 am
to get truecrypt to run off a usb drive you gotta install the main program on your computer then run it and go to the tools menu and then "Travelers disk setup". And the computer u try and run the usb drive on has to either have truecrypt binaries/driver already installed(main program) or the account u try to run it on has to have root(linux)/administrative(windows) rights. Cause running truecrypt off the flash drive still requires the truecrypt driver to run on the host computer. And it is only possible to make a hidden OS from windows, u can make a linux or unix one. Best thing is hidden volumes, create a hidden volume and put tor in there. Youll have two passwords, one mounts the outer (decoy) partition and the other mounts the hidden volume with tor/important-personal files/folders. If you have any questions feel free to ask.
Title: Re: Using TOR within a TrueCrypt volume
Post by: xXShadowXx on March 03, 2012, 02:08 am
Ah not a mac user so Im no help there. But I do have my "SR toolkit" set up pretty much exactly how you mentioned: TrueCrypt volume contains my Tor, my PGP, text files of bookmarks, etc.

I found that the old school PGP 6.5.8 (the last version by MIT before they sold it) is still every bit as functional and compatible with gpg, and I was able to make it portable by just copying the program directory to my Truecrypt/USB volume.

So the whole truecrypt volume including PGP, tor, etc.. all on a usb? Does the USB drive leave any traces if used in this traditional capacity (as opposed to tails or liberte) on an everyday computer? Like theoretically if i had a completely brand spankin new computer and I plugged in a USB with such a truecrypt drive built in, after some usage (text edit, pgp, tor, etc..) would it still be brand spankin new? (Mac or PC)

cheers!
Theoretically if used correctly. Some programs have default directories in there config files. An example would be virtualbox. Even if installed on a flash drive/hidden drive it will save files to your local partition if not configured not to.
Title: Re: Using TOR within a TrueCrypt volume
Post by: inscape on March 03, 2012, 02:10 am
here's a good link on how to do such a thing though. it's not "impossible"..

http://www.ithiriel.com/content/2009/06/01/gnupg-keys-usb
Title: Re: Using TOR within a TrueCrypt volume
Post by: audacity on March 03, 2012, 02:26 am
to get truecrypt to run off a usb drive you gotta install the main program on your computer then run it and go to the tools menu and then "Travelers disk setup". And the computer u try and run the usb drive on has to either have truecrypt binaries/driver already installed(main program) or the account u try to run it on has to have root(linux)/administrative(windows) rights. Cause running truecrypt off the flash drive still requires the truecrypt driver to run on the host computer. And it is only possible to make a hidden OS from windows, u can make a linux or unix one. Best thing is hidden volumes, create a hidden volume and put tor in there. Youll have two passwords, one mounts the outer (decoy) partition and the other mounts the hidden volume with tor/important-personal files/folders. If you have any questions feel free to ask.

Okay cool. as to why i was skeptical earlier i was thinking that was the case (the USB aspect of your comment) as i guess there'd have to be some way to interface with the encryption of the drive. So but the latter part is actually what i was thinking my approach will be. I guess my questions would be then:

1) How would you get a key chain to work within the vacuum of this hidden drive on the OS?

2) Would opening text edit and preview and other such applications leave a trace outside the hidden drive?

3) Would you be anymore secure with a 'fully encrypted disk' (the whole drive)? If it is totally secure and there is no leakage from the mount why would it be necessary?

The idea would be for plausable denability to say that yes, i have the truecrypt application but there is in-fact, no hidden volume.
Title: Re: Using TOR within a TrueCrypt volume
Post by: audacity on March 03, 2012, 02:57 am
here's a good link on how to do such a thing though. it's not "impossible"..

http://www.ithiriel.com/content/2009/06/01/gnupg-keys-usb

Is this then instructions on how to move the GnuPG source 'keyring' to the volume? Honestly can't even get the source code compiled on OSX- maybe i'd have better luck on linux but a lot of the './configure make install' error feedback is way over my head

Excuse my ignorance  :-[  but i may have to go the pre-build application (gpgtools..) route

thanks though mate, i wish i was up to speed on unix coding but too many projects already going at once ya know.
Title: Re: Using TOR within a TrueCrypt volume
Post by: homersimpson on June 07, 2012, 11:52 pm
Sorry to kinda jump on your thread.

I partitioned and encrypted my usb and all was working fine then I extracted and ran the linux liveUSB in the hidden folder.
I restarted my computer assuming it would boot up ask me for a password and then it would let me access liveUSB with a fuck POPO attitude.

However when I restarted it I just got a message saying remove my usb and press any key to restart.

I'm pulling my hair out not understanding what I have done wrong, please someone help me :(

Thanks
Title: Re: Using TOR within a TrueCrypt volume
Post by: Ben on June 08, 2012, 01:05 am
Whats wrong with using truecrypt to fully encrypt the boot partition, in system mode?

Obviously this would also work when booting from an external device like a flash drive or harddisk in a usb connectable enclosure.
Title: Re: Using TOR within a TrueCrypt volume
Post by: SR_Seller_Accounts on June 08, 2012, 04:11 am
If i were to theoretically create an encrypted truecrypt volume, unzipped the TOR browser bundle inside, and ran it exclusively within this volume- would there be any traces on the computer once the volume is closed? This is on a mac in my friends' case, but I also ask in general.

The idea i guess is to have a clean every-day computer, with a useable secure tor browser inside the volume where all SR info (bookmarks, public keys, etc...) would be unobtainable?

Also, is it possible to have a pgp/gpg keychain within this volume with no trace outside of it (again ideally on a mac). GPGtools seems to need to be installed on the main disk (correct me if im wrong).

Lastly, is there a good option as to hiding the actual existence of the truecrypt Application on a Mac? In essence I would like to have a mac on which one can use SR as reasonably securely as possible where unless you knew all about the truecrypt volume it would be a virtually normal computer.

Thanks guys- I've learned a lot here and your responses really do not go unappreciated :)

Edit: If you guys have another idea as to a comparable level of security using other methods, i'm totally all ears. Cheers-

yes I have everything inside of two double-encrypted usb devices, as well as burnt to multiple rewritable cd's. Run my shit right from there and save everything to them.

When you create a truecrypt volume you have the ability to create a HIDDEN TRUECRYPT VOLUME that has two passwords that give plausible deniability in case some evil motherfucker is holding a gun to your head. The outter volume being a decoy, and the inner volume being the real one. That way you can be coerced into giving the decoy volume credentials while havinf plausible deniability for the hidden one you dont mention or refuse the existance of if pushed. Same goes for law enforcement =)

y