New to security..

So i'm new to alot of this, however I have been a bit paranoid here and there about which data of mine the goverment gets, and what it's watching.




I have some questions, I have on my computer Evidence Eliminator, my father had bought it some years back, for one reason or another; and shared his license with me. I've never quite been confident in the program, and as i've read a recent thread here, it does seem to be relatively destructive.

However, is it effective in removing sensitive data, that could be recovered by forensic means? does it cover all the bases, I know i've seen some screwed up things now, and even scarier is i learned they still could be hidden somewhere deep in my computer, i've never known how to test how effective my security programs were working.

So what is the reletive best in terms of effectiveness for file shredding and system washing, encrypting your computer and making sure that even the most determined of people can't bring that stuff back?

Also, which is the best form of encryption, I do use Truecrypt and I use on a container usually Serpent - Aes - Twofish, can it get any better then that?

Thanks for the help, i'm such a newbie when it comes down to it, just want to be safe than sorry.

 

Encryption - TrueCrypt

Harddrive wipeing. - Dariks boot and nuke + Evidence eliminator + Eraser.

[Also A vs B Policy.]

 

Listen to me, and don't panic when I tell you this, but if they want it bad enough, the big boys with the big toys and bigger pocketbooks (oh, lets say CIA/NSA) CAN get that info. You will get arguments galore from people here and elsewhere that such and such numbers of wipes and deleting this and that makes data unrecoverable via the known methods......via the KNOWN methods. As smart as most of the members here are, and as smart as the most well known security guys across the web are, unless they ARE the CIA/NSA, they don't know what they can and can't recover. They are merely going on what they DO know, which when it comes to the secretive nature of intelligence agencies, isn't a lot.

I really don't care to hear what "security experts" want to keep repeating. I will say this again, unless you work with the higher government agencies, you DON'T know what they are/aren't capable of. Call it conspiracy theory, fable, FUD, whatever you want, but if you deny that truth, you're just fooling yourself and others. Another truth is that in this day and age, if you ever have to go to court for being accused of some sort of computer crime or any crime where a computer is involved, just having a program like Evidence Eliminator is going to raise even more flags, simple truth.

Don't go sticking your nose where it doesn't belong and you needn't worry. Always remember, you may not have the evidence anymore, but your ISP does, the websites you visit keep logs, you CAN be found, get over it. As far as strongest encryption, that's better left to people more knowledgeable about it, I THINK AES 256.

Edit: I realize you were just after some basic information to protect files and such from the "normal" bad guys, like hackers that want to use you as a bot or just steal your financial data. They fortunately are MUCH easier to protect against. Truecrypt is actually a good defense as far as password protecting files and such. Do always make sure you have lengthy passwords that are completely random. There are quite a few programs out there that will help with that called password managers, PasswordSafe being a pretty good example.

To keep trojans and such that can steal your data away from your computer, nothing beats a good antivirus program and some common sense as far as opening up files, especially .exe and the like. In all honesty the only thing erasers, cleaners and such do, again, unless you are hiding something, is give slight performance gains by getting rid of space-hogging temp files and obsolete entries. Again though, I need to stress that even once you get rid of something on your computer, if it involved the internet in any way, there are likely traces of that activity floating about out there, and there are people trained to pluck those traces right up.

 

Oh i'm positive there's nothing on my computer of interested to the NSA or CIA. If there had been, I wouldn't think twice about vaporizing the hard drive. no amount of music and stuff would be worth that

Well someone has to design this security stuff, even for the goverment. I don't buy in to the whole tom clancy goverment secret agent thing much, but i'll agree that there may be methods we just havn't heard of yet.

As for having a program called evidence eliminator, i can see it raising an eyebrow; but any security expert called in for defense or prosecution will know that it's a file shredder, regardless of it's name. weither it's eraser, window washer or evidence eliminator i think they'll know the function is the same. But i'll keep that in mind.

Ah sometimes thats harder said than done. especially in today's internet.

visit some place like 4chan, find a funny thread, decide to download the entire thread of pictures. What you don't know is someone slipped a surprise in there. You may not know it for days or weeks or even months.

Playing around with TOR, you click on some random link and your whole night is ruined.

Accidents can and do happen, god knows I know that. I just don't want to have to pay for them.

unrelated now

as for the encryption thing, truecrypt offers the triple encryption thing with AES being one of them, would this be safer to use than a single encryption, or does it not matter either way?

I have a friend that did navy intelligence and worked with encryption, i just find it interesting; there's no real use for it for me, in terms of requirement, but it does make one think.

Right, there's nothing on my computer that any intellegence agency would want; but if things are stored as long as people say they are.

I'm sure there are remenents of things that would probably raise a few questions and eyebrows. I don't want that stuff on there! I want it gone, never to be seen again.

Thanks for the info on the passwords, i'll look in to that, I do have a highly randomized password, infact i can't remember it myself, i have it copied down somewhere safe.

Obviously I can make it even safer.

 

"Well someone has to design this security stuff, even for the goverment. I don't buy in to the whole tom clancy goverment secret agent thing much, but i'll agree that there may be methods we just havn't heard of yet. "....Ahh, but the ones who design such methods ARE the government As far as the Tom Clancy-type deal, well, none of us knows what goes on behind the soundproof thick steel doors of the nations intel agencies. Just remember, everything we use today in technology in our homes was once "science fiction" and "did not exist" according to our governments.

The reason I mentioned Evidence Eliminator is because it's one of the more well known of that type of software and police and government are highly aware of it.

Lol, 4chan can be bad news, but, still, if you're truly up to something, worry, if you happen across things and don't go actively looking for trouble, there's no need for worrying. As far as single and triple encryption, I'm afraid I don't know enough about it to give a good answer.

 

True enough.

So i've read in another thread. I suppose robinhood software could of picked a less... provocative name.

Yes 4chan can be, can be a source is hilarity but sometimes it takes just one guy to ruin all the fun.

In any case as long as evidence eliminator will pulverize all that old data to mush, i'm happy.