Encrypting Your Hard Drive? - Computers - International Cannagraphic Magazine Forums

Herbasaurus · 11-06-2009, 03:31 PM

"Surfers Paradise man Rohan Wyllie, 39, pleaded guilty in Southport Magistrates Court on Monday to spying on his flatmates through a network of peepholes and cameras wired throughout his apartment.
However, he escaped a lengthy prison sentence as police were unable to crack an encryption code on his home computer and view the illegal footage. He was instead placed on two years' probation."

Source: https://www.smh.com.au/technology/win...ml?comments=19

There is another thread her about how Windows is easily searched by LEO and Microsoft admits working with LEO in the article above.

https://www.icmag.com/ic/showthread.p...ight=Microsoft

So the question becomes - what can we do to make the computer unsearchable without overwritng everything a dozen times?

Is PGP the way to go? I understand the Feds had a lawsuit against PGP a few years ago that they sudedenly dropped, raising the suspicion that either PGP added a back door or the feds could crack it.

This is all a bit over my head tech wise so if any of our experts could break it down very very simply it would be much appreciated.

Pinball Wizard · 11-06-2009, 03:48 PM

It's over my head, too. I hope there is a simple way to do it.

There's been several local newspaper articles, lately...where the search warrant was for the owner's computer only.

(the latest one, the owner blew his brains out; after the police took his computer...apparently...he was up to no good?)

boroboro · 11-06-2009, 04:09 PM

https://www.truecrypt.org/
whole-disk-encryption, hidden boot volumes, steganography, open source, lots of good things going on with TrueCrypt lately. Plenty of documentation so you can start learning it with little background knowledge:

Begin here, creating a simple hidden volume:
https://www.truecrypt.org/docs/?s=tutorial

Ready for more? A completely hidden operating system would be pretty damn cool:
https://www.truecrypt.org/docs/?s=hidden-os

Don't want to learn it? Well, good luck, then.

Steganography may well be worth learning for U.S. and British people (and other countries?) where there is some precedent for allowing the courts to force defendants to reveal passwords.

Tony Aroma · 11-06-2009, 05:18 PM

I don't know about Windows, but Mac users have two options, both built into the system.

The first is File Vault, which will encrypt everything in your home folder. I personally DO NOT recommend this unless you have serious security concerns. If you forget your password or have a hard disk problem, all your stuff will irretrievable.

The second option is to create an encrypted disc image and put just the items you want to be secure on it. That's what I do with all my picts and grow logs and such. When it is mounted, it acts just like any hard disk. Otherwise it appears as an archive, and with clever naming and placement can be made pretty inconspicuous. You cannot mount an encrypted disc image without a password (which you should NOT store in your Keychain).

Both options are VERY secure. LEO doesn't like (criminals with) Macs for that reason, as they typically cannot crack their security.

11-06-2009, 08:52 PM

before you encrypt you have to make sure your drive is clean

instead of trying to hide a os i'd put it on a sd card or usb drive

for deleteing everything to dod standards i use boot n nuke, you download it, burn it to cd or usb then reboot and boot from that disc then you'll have options on what drive to delete and how to delete

and for a single file on windows you can use analogx's supershredder

Jalisco Kid · 11-06-2009, 09:22 PM

Is windows vista 64 bit encryption worth the effort? JK

Herbasaurus · 11-09-2009, 09:45 AM

boroboro

thanks for the truecrypt link - liked the hidden OS and hidden folders idea but a little too tech for my pea brain - actually a lot too tech.

found this link that breaks it down a little easier

https://www.goingware.com/encryption/

and mentions a canadian e-mail crypt that sounds good but hard to believe a gov't would put out a crypt they couldn't crack.

Anyone have any idea of the status of the law as far as forcing you to disgorge password? Sounds like it should be 5th amendment stuff but in these patriot act days and very conservative supreme court I just don't know.

Hoping someone like boroboro could start a "Encryption for Dummies" thread.

Tony - I hope you are right about Apple file vault but I would suspect any big company to possible providing a back door to LEO in these patriot act times.

As another thread show, the patriot act "sneak and Peek" provisions have been used mainly in drug cases
https://www.icmag.com/ic/showthread.php?t=138158

ChaosCatalunya · 11-09-2009, 10:54 AM

Just so as you know...

In the UK at least, if LEO find encrypted data, they can and will force you to open it [give up the pwd] or you get in far more trouble, legally, they can and do presume the worst.

As some of you already know, deleting something in Windows [or Mac etc just as much] is like ripping the covers off a book, the book is still there even though "you cant see it". Data written onto a Hard Drive is still readable once it has been overwritten many times, as is data from otherwise "dead" hard drives. Anything you have ever done on a PC is clear as daylight to an IT expert, anything you have ever done online is there for eternity.

Never say anything online, on a PC or a telephone you are not totally happy to explain to a judge and jury.

Obviously, constantly wearing a nice tinfoil hat with some spectacular horns you fashioned yourself will render you totally safe from these emisaries of Satan. Do take care with nearby exposed electrical sockets though, that shit conducts....

Pinball Wizard · 11-09-2009, 11:13 AM

Quote:

Just so as you know...

In the UK at least, if LEO find encrypted data, they can and will force you to open it [give up the pwd] or you get in far more trouble, legally, they can and do presume the worst.

waterboarding?... I assume...

wintermute · 11-09-2009, 11:25 AM

If you are going to encrypt disks, do it full disk encrypted not folder or volume based.

Full disk encryption protects the operating system at rest as well as data! Keeping your OS clean is another task.

Good FDE means pre-boot authentication and volume loading. If it doesn't do pre-boot authentication your OS is not protected! This needs a USB key, Crypto Fob, or CD-ROM to boot up sometimes.

Windows FDE:
-> BitLocker (Vista)
-> TrueCrypt with XTS and Bootloader

Mac FDE:
-> PGPDisk?

Linux FDE:
-> dm-crypt/LUKS
-> dm-crypt/cryptsetup (older)
-> loop-aes with custom boot!
! NOT cryptoloop it is crap.

11-06-2009, 03:31 PM	#1
Herbasaurus Member Join Date: Sep 2009 Posts: 176	Encrypting Your Hard Drive? "Surfers Paradise man Rohan Wyllie, 39, pleaded guilty in Southport Magistrates Court on Monday to spying on his flatmates through a network of peepholes and cameras wired throughout his apartment. However, he escaped a lengthy prison sentence as police were unable to crack an encryption code on his home computer and view the illegal footage. He was instead placed on two years' probation." Source: https://www.smh.com.au/technology/win...ml?comments=19 There is another thread her about how Windows is easily searched by LEO and Microsoft admits working with LEO in the article above. https://www.icmag.com/ic/showthread.p...ight=Microsoft So the question becomes - what can we do to make the computer unsearchable without overwritng everything a dozen times? Is PGP the way to go? I understand the Feds had a lawsuit against PGP a few years ago that they sudedenly dropped, raising the suspicion that either PGP added a back door or the feds could crack it. This is all a bit over my head tech wise so if any of our experts could break it down very very simply it would be much appreciated.
	Quote

11-06-2009, 04:09 PM	#3
boroboro Member Join Date: Jul 2007 Posts: 505	https://www.truecrypt.org/ whole-disk-encryption, hidden boot volumes, steganography, open source, lots of good things going on with TrueCrypt lately. Plenty of documentation so you can start learning it with little background knowledge: Begin here, creating a simple hidden volume: https://www.truecrypt.org/docs/?s=tutorial Ready for more? A completely hidden operating system would be pretty damn cool: https://www.truecrypt.org/docs/?s=hidden-os Don't want to learn it? Well, good luck, then. Steganography may well be worth learning for U.S. and British people (and other countries?) where there is some precedent for allowing the courts to force defendants to reveal passwords.
	Quote 1 members found this post helpful.

11-06-2009, 05:18 PM	#4
Tony Aroma Let's Go - Two Smokes! Join Date: May 2007 Location: King of Donair Posts: 1,568	I don't know about Windows, but Mac users have two options, both built into the system. The first is File Vault, which will encrypt everything in your home folder. I personally DO NOT recommend this unless you have serious security concerns. If you forget your password or have a hard disk problem, all your stuff will irretrievable. The second option is to create an encrypted disc image and put just the items you want to be secure on it. That's what I do with all my picts and grow logs and such. When it is mounted, it acts just like any hard disk. Otherwise it appears as an archive, and with clever naming and placement can be made pretty inconspicuous. You cannot mount an encrypted disc image without a password (which you should NOT store in your Keychain). Both options are VERY secure. LEO doesn't like (criminals with) Macs for that reason, as they typically cannot crack their security. __________________ Get up, stand up. Stand up for your rights. B. Marley
	Quote

11-06-2009, 09:22 PM	#6
Jalisco Kid Marijuanero Join Date: Mar 2006 Posts: 394	Is windows vista 64 bit encryption worth the effort? JK __________________ Be Safe Grow Well...
	Quote

11-09-2009, 10:54 AM	#8
ChaosCatalunya 5.2 club is now 8.1 club... Join Date: Nov 2007 Location: Nr Barcelona Posts: 4,039	Just so as you know... In the UK at least, if LEO find encrypted data, they can and will force you to open it [give up the pwd] or you get in far more trouble, legally, they can and do presume the worst. As some of you already know, deleting something in Windows [or Mac etc just as much] is like ripping the covers off a book, the book is still there even though "you cant see it". Data written onto a Hard Drive is still readable once it has been overwritten many times, as is data from otherwise "dead" hard drives. Anything you have ever done on a PC is clear as daylight to an IT expert, anything you have ever done online is there for eternity. Never say anything online, on a PC or a telephone you are not totally happy to explain to a judge and jury. Obviously, constantly wearing a nice tinfoil hat with some spectacular horns you fashioned yourself will render you totally safe from these emisaries of Satan. Do take care with nearby exposed electrical sockets though, that shit conducts.... __________________ .....
	Quote

11-06-2009, 03:48 PM	#2
Pinball Wizard Si non oscillas, noli tintinnare Join Date: Jul 2006 Location: Hooterville Posts: 2,933	It's over my head, too. I hope there is a simple way to do it. There's been several local newspaper articles, lately...where the search warrant was for the owner's computer only. (the latest one, the owner blew his brains out; after the police took his computer...apparently...he was up to no good?)
	Quote

11-06-2009, 08:52 PM	#5
mrred Guest Posts: n/a	before you encrypt you have to make sure your drive is clean instead of trying to hide a os i'd put it on a sd card or usb drive for deleteing everything to dod standards i use boot n nuke, you download it, burn it to cd or usb then reboot and boot from that disc then you'll have options on what drive to delete and how to delete and for a single file on windows you can use analogx's supershredder
	Quote

11-09-2009, 09:45 AM	#7
Herbasaurus Member Join Date: Sep 2009 Posts: 176	boroboro thanks for the truecrypt link - liked the hidden OS and hidden folders idea but a little too tech for my pea brain - actually a lot too tech. found this link that breaks it down a little easier https://www.goingware.com/encryption/ and mentions a canadian e-mail crypt that sounds good but hard to believe a gov't would put out a crypt they couldn't crack. Anyone have any idea of the status of the law as far as forcing you to disgorge password? Sounds like it should be 5th amendment stuff but in these patriot act days and very conservative supreme court I just don't know. Hoping someone like boroboro could start a "Encryption for Dummies" thread. Tony - I hope you are right about Apple file vault but I would suspect any big company to possible providing a back door to LEO in these patriot act times. As another thread show, the patriot act "sneak and Peek" provisions have been used mainly in drug cases https://www.icmag.com/ic/showthread.php?t=138158
	Quote

11-09-2009, 11:25 AM	#10
wintermute Member Join Date: Aug 2009 Location: Not Applicable Posts: 82	Disk Encryption - Go FULL DISK Or Go Home! If you are going to encrypt disks, do it full disk encrypted not folder or volume based. Full disk encryption protects the operating system at rest as well as data! Keeping your OS clean is another task. Good FDE means pre-boot authentication and volume loading. If it doesn't do pre-boot authentication your OS is not protected! This needs a USB key, Crypto Fob, or CD-ROM to boot up sometimes. Windows FDE: -> BitLocker (Vista) -> TrueCrypt with XTS and Bootloader Mac FDE: -> PGPDisk? Linux FDE: -> dm-crypt/LUKS -> dm-crypt/cryptsetup (older) -> loop-aes with custom boot! ! NOT cryptoloop it is crap. __________________ *LuminiferousAether*
	Quote