Main Index   Search   Register   Login   Who's Online   FAQ   Links
  1 Online, 0 Active   You are not logged in  
Main Index     The HIVE light edition (TM)
This is a historical archive
The forum is read-only. Private information has been removed. It is not possible to login.


The Server Room Thread:   Previous  Forum index  Next

All 18 posts   Subject: another thought on securing HDDs   Please login to post   Down

 
    fortunate1
(Stranger)
11-06-03 08:44
No 469079
      another thought on securing HDDs     

Sorry to see that the thread closed on the note that it did...

First and foremost - any data stored on a magnetic medium or burned into a CD/DVD is 100% retrievable and readable - no matter how it is encrypted or erased. Trust me.

Here's a very good plan for securing your data. Which points you follow depends on what your storing, how much $$ you have, and how paranoid you are...

(1) Don't store the data.
(2) If you must, make sure that computer is never on the network - this is a golden rule followed by anyone serious about keeping their secrets secret.
(3) Separate the secret stuff from the non-essential stuff (your OS and programs) and keep it on its own HDD.
(4) Abandon anything Microsoft makes - Linux and other derivatives are cheap and easy to use. You learned organic chem so you can learn a better/safer OS.
(5) Use a flashdisk with data guard for your secret data.
(6) Regularly flush or disable any backup files - programs like web browsers or MS Word make hidden backup files to "protect" your data from accidentally being lost. Invest time and learn to write a script that periodically sweeps these smoking guns.

That's the comprehensive plan.

What are flashdisks? Basically a flashdisk is a HDD that uses solid state memory (like the RAM in your computer) to maintain data instead magnetic film. They are very rugged (no moving parts), plug and play just like a regular ATA/IDE drive, and are used by people that demand serious security for their data - think military weapons, no shit. Erasing the data on a flashdisk is irreversible and unreadable - transistors have no memory but magnetic stuff does! You can get them with programmable features like "erase my data after X hours of no power" or "erase my data instantly if the power is removed."

If you really have some $$ and don't want to follow all the rules above - buy a big flashdisk (1GB ~ $800), install everything on that drive, buy a UPS, and set the drive to erase after X hours after power disconnect.

Keep any system off the 'net. Trust me.

Knowledge is power - don't give them any more power
 
 
 
 
    hey_man
(Legba)
11-06-03 09:38
No 469086
User Picture 
      No matter how?     

Good advice, but you know not what you speak of.

I like to perform low level formats, see picture...



I also love my flash drive, but it sure as hell didn't cost me $800, I think I paid $49 for a 256Mb flash drive that fits on a keyring or easily inserted up my butt when I don't happen to have pockets.

No encryption is safe huh?

Glad we don't both live in the same world.

 
 
 
 
    Unobtainium
(Instant Karma)
11-06-03 11:12
No 469099
User Picture 
      perhaps you didn't read carefully...     

he said "trust me", twice. It's obvious he knows what he's talking about. Maybe you should just sit back and be thankfull this expert has come forward and choosen to share his wealth of information with us lowly mortals.

By the way, I don't sell flash drives for $800 anymore unless I see a paranoid sucker coming my way.

fuck
 
 
 
 
    BigKev
(Stranger)
11-06-03 13:35
No 469117
      deleting free space...     

yeh flash drives/sticks are ok. i havent see a drive as such but i have seen USB sticks and fairly cheap about $60 for 128mb. reason i dont like sticks are as most (generics) dont have password protection and physicaly arent protected well unless you buy a branded one such as sony etc.

with free space issue ive re-written (just for kix) a old HDD 18 times by filling free space with garbage and the end of files all free space total 18 times. no commerical HDD recovery util i used (i used 4) could not recover anything.

i supose anything over 9 re-writes is ok. but yeh everything prob can be recoverable if say someone opened the HDD and access the physical plates in HDD.

i just dont really get how you can reover if you overwrite that many times. if you just delete (from OS point of view) it doesnt "remove" it as such from the HDD rather makes the OS think its free space to be allowed to be overwriten. not sure how EXT2 and EXT3 filesystems deal with deleting files.

i like to think of it as a VCR tape. tape a movie, then tape over it 18 times and how could you recover what was on it 18 overwrites ago? as you physicaly write to it. get a piece of paper and write a word on it. get a texta and scribble over it once, try to see if you can read it yup you can. do it another 18 times and its pretty hard.

confused.

I'm EXCITED!
 
 
 
 
    Osmium
(Stoni's sexual toy)
11-06-03 13:42
No 469120
User Picture 
      It is possible to discover remnants of prior...     

It is possible to discover remnants of prior magnetization, since the read/write head will not completely erase them. But you need to physically open up the drive and work directly on the disk surface, with very sophisticated equipment.

Overwriting it once is good enough for home use, no software tool will be able to recover your data.

I'm not fat just horizontally disproportionate.
http://www.whatreallyhappened.com
 
 
 
 
    fortunate1
(Stranger)
11-06-03 16:30
No 469155
      some clarifications...     

I offered a general security plan... you can take it or leave it. I am happy that we started some good discussion here - questions educate.

Overwriting
Yes, if you over write you can obscure the data and make it harder to see. In magnetics it's all a question of the material's mechanical memory. The longer a track has been left laid down - the stronger the memory is. Think of it as a slow moving water stain on your ceiling. If that track is then quickly overwritten several times, the original is *still* readable with a standardized technique in a lab by looking for the stains. The question is "how bad do they want to know your secrets?" And now a days, there are several vendors that do data recovery... and forensic data recovery.

A process that used to be employed to defeat this was periodically shifting your data around by non-symmetric block sizes. The data never sat still very long so it minimized the stain.

Flashdisks
If you went the route of buying USB keys then you are gift wrapping your secrets. They offer no credible security. Sure you can physically trash them in a hurry, but the original request was to make a system that takes care of itself when you can't. In an extended dreamworld, BitMicro 2.5" IDE drives were used heavily. Remember, you get what you pay for.

Encryption
It's not bad to have encryption, but don't be foolish enough to think someone doesn't already have a key. :)

Erasing
Thank you for pointing out that erasing only makes the space available and (normally) doesn't remove the data.


I'm not trying to scare anyone. I was just offering some basic and effective ways to keep prying eyes out. Find your weaknesses. Weigh the risk. Make them work harder!

Don't store your secrets
Don't EVER put them on a computer connected to the 'net
Dump MS or educate yourself on its ins/outs
Make your system passively protect itself

Trust me. Opps that's three times. I don't use it that often to get laid.
 
 
 
 
    fortunate1
(Stranger)
11-06-03 16:35
No 469157
      Next week...     

We can talk about spoofing IR detectors, lasers used to record conversations off your windows, and other not-so-legal methods used for "surveillance"...

Ok... now I'm trying to scare you. Sorry I was sick for Halloween.
 
 
 
 
    weedar
(martha stewart's little bitch)
11-06-03 21:04
No 469196
User Picture 
      or     

we can discuss if asymmetrical encryption really is
safe. symmetrical encryption looks dandy.

Tant pis!
 
 
 
 
    yellium
(I'm Yust a Typo)
11-06-03 23:04
No 469217
      And when can we discuss the tin foil hats,...     

And when can we discuss the tin foil hats, miniature black helicopters and implanted microchips?



...oh, we have already done that, but THEY made me forget...
 
 
 
 
    merbst
(Stranger)
11-07-03 05:30
No 469355
      The program http://www.jetico.com/index.htm#/bc...     

The program http://www.jetico.com/index.htm#/bcwipe_faq.htm BCWIPE is very handy for overwriting a hard drive's slack space and free space 7 times with random bit patterns.  Its an overnight process, and read the FAQ before using, but its a free 30 day trial, and quite overkill for the job. smile
 
 
 
 
    Turel
(Stranger)
11-07-03 07:36
No 469384
      Pointless     

"Secure" your data? Yeah right...that's cute.

Just what kind of data do you intend to hide? To be worth hiding in the first place, such data must be able to assist the dreaded 'them' in your prosecution. So what are you going to hide from them by 'securing' it?

Writeups? Pictures of yourself making drugs? Oodles and oodles of juicy 'data' on illegal activities that they would just love to have? I have a better solution: Don't download that shit in the first place. You didn't break into the records of the Russian KGB and steal secret codes to decrypt this precious 'data'. No, you downloaded it for free off of a website.

Information isn't just going to totally vanish from existence overnight to thwart your plans for making that 60kg of methamphetamine and moving to Portugal with your riches....

My point is this: This subject is a little over-glorified. If you have needfor these measures, that is because of two things: 1.Your actions/activities are such that you have much to hide and fear, and 2.You are foolish enough to store prosecutable data on your personal computer, while you engage in these activities. Wow.....

You can 'safeguard' yourself by not storing shit that can be used against you. Besides, even if you 'secure' this sensitive data, your computer will still contain enough intelligence to prosecute you. 'They' might not be able to find your secured files, but they can see where you likely got them, because uncle sam knows billy's software inside and out, better than you do.

Hide all you want, Windows and your ISP hold all the information they really need.

Hah, wonder if you can fuck billy's attempts to monitor you right over by getting your 'windows' onto a RamDrive? Dynamic RAM leaves no trace of data once power is removed. Boot from a CD containing the partition ghost, along with the setup of the RamDrive and special boot sequence. laugh

-T
 
 
 
 
    placebo
(arrogant bee of the day)
11-07-03 09:22
No 469396
User Picture 
      Re: First and foremost - any data stored on a...     


First and foremost - any data stored on a magnetic medium or burned into a CD/DVD is 100% retrievable and readable - no matter how it is encrypted or erased. Trust me.



You just make a 650mb PGP disk, fill it with secrets and then burn it to your CD. Nobody can read it!


I'm not fat, I'm just too short for my weight.
http://www.whatreallyhappened.com
 
 
 
 
    weedar
(martha stewart's little bitch)
11-07-03 09:45
No 469404
User Picture 
      hey Turel     

heard of Knopix? You can boot right off the CD.
No fuss, no mess.

Agree fullhartedly with you though, what kind of information
would you NEED to have on your computer?

Tant pis!
 
 
 
 
    Turel
(Stranger)
11-07-03 20:33
No 469508
      I Use Knoppix     

I use Knoppix all the time. I also like DamnSmallOS too. Small enough tio fit onto a mini-CD. But having 'windows' on a RamDrive also has other benefits. I'm not even certain if it can be accomplished though. But alas, I'm going off topic, and will cease.

-T
 
 
 
 
    ScuzZ
(Hive Addict)
10-25-04 12:13
No 537676
      CD Data Erasure     

1. Insert CD into microwave.

2. Set microwave for high and power on for 5 - 10 seconds.

3. Marvel at your new piece of artwork.
 
 
 
 
    LaBTop
(Daddy)
10-26-04 01:30
No 537813
User Picture 
      I like what the first poster indicated     

as the task set for the discussion:
""Sure you can physically trash them in a hurry, but the original request was to make a system that takes care of itself when you can't.Make your system passively protect itself.""

So, how do you, paranoid enough Knoppix bootable-CD users, exactly work, with which sort of underlaying HD, in what way formatted, so you can store your full PGP software and use PGPed info from Knoppix wordprocessing files on that "secure" HD. And still use a passive protection software solution, which will erase files on that HD or memstick, when certain parameters are set by you, and met on certain Law Enforcement occasions, which trigger an irreversable, also by LE, erase process.
No formatting of that HD allowed by any MS programs (supposedly full with US + Echelon backdoors), or any other extra HD's with MS software on them, in the same box.

And, yes, we, by now, after so many remarks about it, know very well, that you must fall in special categories to get that sort of attention and so much LE labour invested to get to your "secrets".
Why can't I use the best there is available, just for the sport of it, and the challenge to my intelligence? I never liked other people to read my letters send by postal, so why should I not go all the way to protect my rights on a different medium.

Let's try to be serious, don't ridicule those posting with some obvious expertice, who also clearly indicate, they try to help.
 
And microwaves, ovens and hammers are lots of fun to make from a serious poster, but it shy's away from the real subject:
 
Passive data protection.
Which a lot of posters here are sure as hell very interested in.
And yes, this is serious enough to provide step by step guidance, to protect our core of damn good chemists, of whom too many seem to have too little expertise in the software corner, to keep asure to stay unharrassed by their local LE thugs or their collegues and bosses.

That Knoppix CD is a damn good start, but where do you store all your online defence software like firewall, antivirus, and browser + plugins, IP software etc etc. That sort of software constantly needs updates, so yes, you could burn the programs on a RW.CD or RW.DVD, and rewrite the updates, but that seems a bit too far fetched, to need one CD drive for your Knoppix-OS and one RW.DVD drive for all your other software programs.
A big 1 Gig memstick is perhaps better and surely cheaper.

But, how do you 100% passively protect that whole setup!
If anybody steals a box or laptop, or confiscates it, it would be nice to make any chemist happy, who can sleep easy, when he knows that that box or laptop will have erased itself, no doubt about it. LT/

WISDOMwillWIN
 
 
 
 
    Osmium
(Stoni's sexual toy)
10-26-04 08:06
No 537878
User Picture 
      > That Knoppix CD is a damn good start, but     

> That Knoppix CD is a damn good start, but where do you store all your online
> defence software like firewall, antivirus, and browser + plugins, IP software
> etc etc.

???
You don't need antivirus-software on a knoppix cd. Firewall is included. Remember, this is linux, you don't have to buy any Noprton internet security package. The knoppix cd contains all you need, and if you want more or other software then you can simply throw out some of the bulkier programs (e.g. one of the several office suites, the documentation etc) from that CD and add your own. If you want to know how to do it consult the knoppix faq.

> That sort of software constantly needs updates,

http://www.debian.org/doc/manuals/apt-howto/index.en.html

> so yes, you could burn the programs on a RW.CD or RW.DVD, and rewrite the
> updates, but that seems a bit too far fetched, to need one CD drive for your
> Knoppix-OS and one RW.DVD drive for all your other software programs.

You can store additional software or data on removable drives, USB sticks etc. You can also modify the knoppix CD. There are how-tos for this available.

> A big 1 Gig memstick is perhaps better and surely cheaper.

It sure is a nice toy, but cheap? Don't think so.

There is no need to encrypt the knoppix CD or your software. Only the user data is important. Simply encrypt your home directory, linux doesn't store user data all over the hard drive like windows does. Everything goes into the home directory of the respective user.

> No formatting of that HD allowed by any MS programs (supposedly full with US +
> Echelon backdoors), or any other extra HD's with MS software on them, in the
> same box.

Yeah right. Format c: or HD wiping tools running under windows will put some evil NSA backdoor on that HD that will compromise your linux or other OS installed on top of it.

BUSH/CHENEY 2004! After all, it ain't my country!
www.american-buddha.com/addict.war.1.htm
 
 
 
 
    WizardX
(Wizard Master)
10-27-04 05:40
No 538048
User Picture 
      Boot Managers     

Smart Boot manager  http://btmgr.webframe.org/   Best
Powerful Password Protection: You can not only assign a password for each partition or driver, but also set a password for administrator. There are three security level in SBM, which can make your computer secure and robust.

XOSL http://www.freedownloads.be/downloaddetail/308  Good
Extended Operating System Loader (XOSL) is the world's only full-featured free boot manager with a real, easy-to-use and full-blown graphical user interface.

I was instructed by a person of high computer science knowledge to do the following.

(1) Password protect your BIOS.
(2) Primary HDD with Windows or Linux OS.
(3) Secondary HDD with Windows or Linux OS, in a removable HDD carriage.
(4) Image/backup both Primary & Secondary HDD.
(5) Install Smart Boot Manager, configure and set the password security levels on ALL HDD.

Using Smart Boot Manager, boot secondary hdd for Hive and storing data. Store ALL data encrypted in a container/safe. Use Tracks Eraser Pro (window users) to clean your internet surfing. Remove HDD carriage from PC box to take it with you.
 
 

All 18 posts   End of thread   Top
   

 https://the-hive.archive.erowid.org    the-hive@erowid.org
   
Powdered by Pygmy Brains® Version 5.16.3, Copyright 2015, HAL Microsystems Corporation Asia. All rights reserved.

Links     Erowid     Rhodium

PIHKAL     TIHKAL     Total Synthesis II

Date: 03-29-24, Release: 1.6 (10-04-15), Links: static, unique