Encrypting Your Hard Drive?

[Herbasaurus]

"Surfers Paradise man Rohan Wyllie, 39, pleaded guilty in Southport Magistrates Court on Monday to spying on his flatmates through a network of peepholes and cameras wired throughout his apartment.
However, he escaped a lengthy prison sentence as police were unable to crack an encryption code on his home computer and view the illegal footage. He was instead placed on two years' probation."


Source: http://www.smh.com.au/technology/wi...ck-out-the-law-20091021-h8z9.html?comments=19


There is another thread her about how Windows is easily searched by LEO and Microsoft admits working with LEO in the article above.



http://www.icmag.com/ic/showthread.php?t=136770&highlight=Microsoft


So the question becomes - what can we do to make the computer unsearchable without overwritng everything a dozen times?


Is PGP the way to go? I understand the Feds had a lawsuit against PGP a few years ago that they sudedenly dropped, raising the suspicion that either PGP added a back door or the feds could crack it.


This is all a bit over my head tech wise so if any of our experts could break it down very very simply it would be much appreciated.

 

[Pinball Wizard]

It's over my head, too. I hope there is a simple way to do it.

There's been several local newspaper articles, lately...where the search warrant was for the owner's computer only.

(the latest one, the owner blew his brains out; after the police took his computer...apparently...he was up to no good?)

 

[boroboro]

http://www.truecrypt.org/
whole-disk-encryption, hidden boot volumes, steganography, open source, lots of good things going on with TrueCrypt lately. Plenty of documentation so you can start learning it with little background knowledge:

Begin here, creating a simple hidden volume:
http://www.truecrypt.org/docs/?s=tutorial

Ready for more? A completely hidden operating system would be pretty damn cool:
http://www.truecrypt.org/docs/?s=hidden-os

Don't want to learn it? Well, good luck, then.

Steganography may well be worth learning for U.S. and British people (and other countries?) where there is some precedent for allowing the courts to force defendants to reveal passwords.

 

[Tony Aroma]

I don't know about Windows, but Mac users have two options, both built into the system.

The first is File Vault, which will encrypt everything in your home folder. I personally DO NOT recommend this unless you have serious security concerns. If you forget your password or have a hard disk problem, all your stuff will irretrievable.

The second option is to create an encrypted disc image and put just the items you want to be secure on it. That's what I do with all my picts and grow logs and such. When it is mounted, it acts just like any hard disk. Otherwise it appears as an archive, and with clever naming and placement can be made pretty inconspicuous. You cannot mount an encrypted disc image without a password (which you should NOT store in your Keychain).

Both options are VERY secure. LEO doesn't like (criminals with) Macs for that reason, as they typically cannot crack their security.

 

[mrred]

before you encrypt you have to make sure your drive is clean

instead of trying to hide a os i'd put it on a sd card or usb drive

for deleteing everything to dod standards i use boot n nuke, you download it, burn it to cd or usb then reboot and boot from that disc then you'll have options on what drive to delete and how to delete

and for a single file on windows you can use analogx's supershredder

 

[Jalisco Kid]

Is windows vista 64 bit encryption worth the effort? JK

 

[Herbasaurus]

boroboro

thanks for the truecrypt link - liked the hidden OS and hidden folders idea but a little too tech for my pea brain - actually a lot too tech.

found this link that breaks it down a little easier

http://www.goingware.com/encryption/

and mentions a canadian e-mail crypt that sounds good but hard to believe a gov't would put out a crypt they couldn't crack.

Anyone have any idea of the status of the law as far as forcing you to disgorge password? Sounds like it should be 5th amendment stuff but in these patriot act days and very conservative supreme court I just don't know.

Hoping someone like boroboro could start a "Encryption for Dummies" thread.

Tony - I hope you are right about Apple file vault but I would suspect any big company to possible providing a back door to LEO in these patriot act times.

As another thread show, the patriot act "sneak and Peek" provisions have been used mainly in drug cases
http://www.icmag.com/ic/showthread.php?t=138158

 

[ChaosCatalunya]

Just so as you know...

In the UK at least, if LEO find encrypted data, they can and will force you to open it [give up the pwd] or you get in far more trouble, legally, they can and do presume the worst.

As some of you already know, deleting something in Windows [or Mac etc just as much] is like ripping the covers off a book, the book is still there even though "you cant see it". Data written onto a Hard Drive is still readable once it has been overwritten many times, as is data from otherwise "dead" hard drives. Anything you have ever done on a PC is clear as daylight to an IT expert, anything you have ever done online is there for eternity.

Never say anything online, on a PC or a telephone you are not totally happy to explain to a judge and jury.

Obviously, constantly wearing a nice tinfoil hat with some spectacular horns you fashioned yourself will render you totally safe from these emisaries of Satan. Do take care with nearby exposed electrical sockets though, that shit conducts....

 

[Pinball Wizard]

Just so as you know...

In the UK at least, if LEO find encrypted data, they can and will force you to open it [give up the pwd] or you get in far more trouble, legally, they can and do presume the worst.

waterboarding?... I assume...

 

[wintermute]

Disk Encryption - Go FULL DISK Or Go Home!

Disk Encryption - Go FULL DISK Or Go Home!

If you are going to encrypt disks, do it full disk encrypted not folder or volume based.

Full disk encryption protects the operating system at rest as well as data! Keeping your OS clean is another task.

Good FDE means pre-boot authentication and volume loading. If it doesn't do pre-boot authentication your OS is not protected! This needs a USB key, Crypto Fob, or CD-ROM to boot up sometimes.

Windows FDE:
-> BitLocker (Vista)
-> TrueCrypt with XTS and Bootloader

Mac FDE:
-> PGPDisk?

Linux FDE:
-> dm-crypt/LUKS
-> dm-crypt/cryptsetup (older)
-> loop-aes with custom boot!
! NOT cryptoloop it is crap.

 

[gardenlover]

let me pose this question, if we encrypt everything and that stuff is safe. But what if the the cops get ahold of our account name some how because we forgot to log out of the Cannagraphic forms. and lets say we have done some very thorough grow reports with lots of number, would any of this stuff be admissible in court? I have always worried about this kinda stuff. I don't know about this computer stuff as much as i use to. let me know on some of this stuff if any one knows about this stuff

 

[ItsAllOver]

Just know the location of the hard drive in your computer and keep a hammer nearby for the unlikely event of a raid.
Magnets are really tough to get to work in this application, best method is total destruction coupled with burning if possible.
Just say you were upset about the Yankees winning the world series.

 

[gardenlover]

I mean i guess i would rather smash my mac laptop then go to jail but I am not sure if I could do that? I guess this means i am due for a backup hu?

 

[ItsAllOver]

Well, in the case that you smash it you are probably going to jail anyway, but at least you are definitely keeping them from building the case based on what you have stored/said on the computer...

 

[*mistress*]

there is no encryption that cannot be un-encrypted...
especially on standard commercial hard drives. w/ standard commercial operating systems.

also does nothing about isp, ip addy, etc... ieg, even if zero-out hard drive 36 times, there is node on network via isp & ip addy.

smashing a computer will do nothing. drill holes thru the hard drive like making kbs buckets... otherwise, there may be retrievable sectors.

enjoy your garden!

 

[Pinball Wizard]

smashing a computer will do nothing. drill holes thru the hard drive like making kbs buckets... otherwise, there may be retrievable sectors.

When I replaced my old 98 windows; I fired a box of 22 long rifle rounds into it....but, I wasn't satisfied with the penetration...so...I emptied a 30 round clip from my 30CAL carbine into it...and took it to the local trash compacter. That computer will tell no tales...

 

[DKBuddy]

Hi,

i can vouch for TrueCrypt for sure! Been using it since it got out kinda. No problems at all......

But honestly, everyone who REALLY wants to be secured -> get a pseudo name shell box paid with egold or paysafecard and run it remote with vnc or set up unix.
I can redirect you to providers, which wont E V E R give out your account details. (So you could even rent it with CC etc.) This can be done because the servers are hosted in an offshore location.

peace

 

[Strainhunter]

.


Any and every code CAN be cracked eventually.

Don't you think if a 16yr old can break in to the Pentagon Computer LEO can't decrypt a lousy home PC? (or draw user data such as PW's from servers placed anywhere in this world)



Try recovering an external Hard Drive that was dropped in to a bucket of Battery Acid standing next to your PC.

That's the ONLY "for sure" way to do it.

 

[DiscoBiscuit]

I replaced a crashed HD. Went to the trouble of taking the HD cover off and removing the disk. Then I scratched up the surface pretty good, tossed it and thought nothing more of. A few weeks later a friend told me the disc only spins to locate data, not read. I bet 90% of the data is still readable on the disc, lol. Damn thing was 8 years old, no telling WHAT was on it.

 

[mrred]

boot n nuke does it to dod standards without destorying the hd