What is your privacy setup like?

Discussion in 'privacy technology' started by blaze x, May 19, 2012.

Thread Status:
Not open for further replies.
  1. redcell

    redcell Registered Member

    Joined:
    Sep 27, 2010
    Posts:
    126
    Here's my security setup which focuses on anti-forensics.

    u2012.JPG
     
    Last edited: May 29, 2012
  2. TigerRaptorFX

    TigerRaptorFX Registered Member

    Joined:
    Sep 9, 2011
    Posts:
    58
    Firefox 13
    No Script
    Adblock Plus with Fanboy easylist
    Bitdefender TrafficLight
    Web Developer - Referrers disabled
    Ghostery
    BetterPrivacy set to 1 second delete
    CS Lite aka Cookiesafe - All cookies are set to block by default. Registered sites are set to session.

    Chrome 19 Only for multitasking.
    ScriptNo
    Adblock Plus with Fanboy easylist
    TrafficLight
    Ghostery
    non add-ons
    All cookies set to disable. Only registered sites are set to accept cookies.
    Referrers disabled
    Data sent to Google disabled.
    BetterPrivacy works with Chrome when Firefox is active.
     
  3. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    I'd be interested in hearing about this setup. Have you recompiled TC with customizations?

    PD
     
  4. hashed

    hashed Registered Member

    Joined:
    May 5, 2012
    Posts:
    53

    Same here, especially with the "self-destruct" options :)

    ~h
     
  5. redcell

    redcell Registered Member

    Joined:
    Sep 27, 2010
    Posts:
    126


    I'm not using TC but I can only reveal it's one of the rarest commercial FDEs with preboot password destruction.

    About the preboot password destruction:
    If your attacker tries to bruteforce it with dictionary attack, it will kill off the hidden OS access.

    About the startup hidden partition destroyer mechanism, this is easy on my setup (inside decoy OS):
    Be sure to put tons of pictures of beautiful ladies/men to trick your attacker into thinking this is your dirty secret OS.
    ■ I've tweaked a whole range of registry settings; disabling, functions, taskbar, start button menus, task manager etc, desktop icons, drives, safe mode, etc.
    ■ Plant several zip bombs on startup, hide command popups.

    Remember that the hidden OS is located inside decoy OS with "only few MBs of buffer".
    When someone logs into Decoy OS, it is 100% chance the encrypted hidden OS will be overwritten at least partiallly rendering your secrets unrecoverable.

    About the system crash mechanism hotkey, I use Bestcrypt Volume Encryption extra feature. You can assign your own hotkey to crash (blue screen of death) instantly.

    The only weakness to current FDE is cold boot attack, which has maximum 5 minutes window after your computer shuts down.
    In layman terms, your attacker needs to raid your place and spray (eg. liquid nitrogen) freeze your physical RAM within 5 minutes after your computer has been switched off. Make sure sure it's NOT attached to battery (if laptop) or UPS (if desktop).
     
    Last edited: May 30, 2012
  6. Countermail

    Countermail Registered Member

    Joined:
    Aug 7, 2009
    Posts:
    169
    Location:
    Sweden
    Cold boot protection on my laptop :cool:
    (Note: This removes all warranty)
     

    Attached Files:

    Last edited: May 31, 2012
  7. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    So I'll assume it's DCPP and you also run BCVE for the 'Crash' Command? Does that 'Crash' option also wipe DCPP's keys? I assume you don't encrypt anything with BCVE since DCPP is doing it all?

    PD
     
  8. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    JBWeld is a wonderful product :D

    PD
     
  9. Chiron

    Chiron Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    174
  10. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803

    can already imagine the pain in the ~ Snipped as per TOS ~ replacing ram will be with this , nice idea thou , something to consider ;)
     
    Last edited by a moderator: May 31, 2012
  11. hashed

    hashed Registered Member

    Joined:
    May 5, 2012
    Posts:
    53
    I've found a group of people as paranoid as I seem to be :argh:

    ~h
     
  12. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803
    i almost forgot one thing theres something in dev once this gets integrated with TC coldboot attacks will be a thing of the past and no jb weld required ;)

    that would be TRESOR
     
  13. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,327
    Location:
    Here, There and Everywhere
    Before your attacker does anything, they're going to clone the drive. How do you feel software FDE with any kind of "self-destruct after X number of attempts" will protect you at all?

    Am I missing something?

    -
     
  14. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Actually, I can see this as a useful tool (I know it's a hot button topic in the FDE community). There is one real world incident where, if the detainee really had some data he wanted destroyed, it could have helped him. The individual was Kevin Mitnick:

    http://news.cnet.com/8301-1009_3-10054569-83.html

    He goes into a lot more detail on TWiT a few weeks later. IIRC there were some times where they asked for his password, or had him log into other devices. A destruction password would have worked wonderfully. Our potential adversaries aren't all MENSA candidates, and all scenarios aren't 'no knock' raids where you never get to touch your gear again.

    PD
     
  15. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    803

    hence the reason why it hasnt been included in the first place from the TC devs, it is indeed kind of useless against no knock raids , a strong passphrase with fde and thats all you need , then comes jbweld or TRESOR once its ready, and make sure you have a motion detector activated for when your not at home that cuts off your electricity from your pc and hdds ;)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.