
How to cover up web footprints?



Hi!

db_sed_aloha

There is a serious flaw in your 'autoexec.bat' scheme. If you turn off your computer and leave it, anyone can boot it from a floppy or CD and avoid running the resident startup files. Also the 'deltree' command just marks the files as deleted, same as the 'delete' command. The files can easily still be restored until they are overwritten.

Anyone snooping can do this, be it resourceful law enforcement or a computer-literate wife/gf. Rest assured that any teenager with basic computer knowledge can do it.

As for destroying the disc physically being the only secure way to destroy the information, I don't think this is true any more. Fifteen years ago field service was not allowed to remove disc packs from Swedish military installations. If they couldn't repair them on site, the disc packs were smashed with sledgehammers. Today I think they just erase them. On the web site you mentioned there is a link to a Usenix paper titled "Secure Deletion of Data from Magnetic and Solid-State Memory" that is quite interesting.

As always the security level should be adapted to the level of the anticipated threat.

tyler durden

quote:

isn't there a one click program that'll do all that?

The programs I mentioned, 'Evidence Eliminator' and 'Windows Washer', do precisely that.

regards

ALHOLK


My two cents on security:

It's one thing to sanitize your PC, but don't forget that this in no way ensures that there is not a packet filter somewhere on your LAN or that your ISP is not monitoring logs. Unless you are encrypting e-mail, using https, or some kind of tunneling protocol, day to day much of what you say is passing over the net as plain text.

When I was in school we were all given our own IP numbers (even for dial-up accounts) and you could find out a lot about your classmates by filtering IP numbers against access logs which were publicly accessible.

In my own mind the best form of security is to maintain virtual identities and take pains to ensure that this never gets superimposed with your carbon image, which means don't fuck off at work. I've read the most insane stuff off of backed up mail spools months after you discarded the message.

The funniest thing that ever happened to me was when a woman claimed that the glass in her scanner broke because the lamp got too hot. When I swapped her out and set up the new scanner, to our mutual surprise there was an impression of her fanny (both) in the preview window. Needless to say I didn't file an employee negligence report. The point being you really have to be diligent in cleaning up after yourself, and sometimes that's not enough because you can't control all the computers that you touch if they are networked.

Getting back to keeping a clean workstation, you might consider these alternatives:

1. SuSE Linux 7.2 and greater offer the option of using an encrypted file system. So in the event that someone is able to mount your drive they would still have to decrypt it. Remember that you could be compelled by law or worse to unlock encrypted files. The only way around this is with a steganographic file system where encrypted files are hidden in other files or appear as random data.

2. A bootable CD with a live file system. I think you can do this with Windows; try searching "bootable+cd-rom." Linuxcare made a bootable CD that fits on a credit card size/shaped CD. It is really a wonderful little distro. It has a gooey desktop with Mozilla 0.81 and can use the vast majority of ethernet cards and probably any hardware modem. I keep a copy in my suitcase. If you should be interested in trying it out, look for version 1.6, as the latest version (2.0) doesn't have the module/driver for Realtek-based ethernet cards.

Adik Gede


Hi!

 

Adik Gede

Everything you say is true but I don't think the original poster was trying to conceal information from the FBI or the NSA. I think it was more about hiding your tracks from snooping wives/girl friends and bosses.

Concealing information from law enforcement is a completely different ball game. At the least very difficult and if they decide to tap into your internet connection albeit impossible.

I too am an IT professional, like I suspect that you are, but bear in mind that Linux is not an easy system for a novice to use. I started using Unix in the mid 80's and I still have to read the manual to configure a system.

regards

ALHOLK


Hi!

Adik Gede

Restarting before shutting down would do the trick of course, but is easy to forget if you are in a hurry.

quote:

It takes surprisingly long to run 35 passes on a 9 Gig drive.

Tell me about it. I have 80 gigs on my home computer. If I want to erase file slack or unused space I will start it in the morning before I go to work.

regards

ALHOLK


Hi Adik Gede

Everything you say is true but I don't think the original poster was trying to conceal information from the FBI or the NSA. I think it was more about hiding your tracks from snooping wives/girl friends and bosses.

Concealing information from law enforcement is a completely different ball game. At the least very difficult and if they decide to tap into your internet connection albeit impossible.

I too am an IT professional, like I suspect that you are, but bear in mind that Linux is not an easy system for a novice to use. I started using Unix in the mid 80's and I still have to read the manual to configure a system.

regards

ALHOLK

 

I couldn't agree with you more as to your first point; I am sure that clearing your history and cache before you quit IE is more than adequate in most cases. My remarks were meant, rather, to address db's rather elaborate instructions to sanitize a DOS workstation. Furthermore I hope anyone doing something illegal gets caught. If the FBI or NSA is interested in you they could certainly manufacture any evidence that an unfortunate suspect failed to provide.

As to your last point, I am paid to use a computer from time to time, but hardly a professional. I came to Linux from nearly ten years on a Mac; I just wanted a computer that didn't crash. Linux really isn't hard for a novice. In fact, if one is installing an OS from scratch, I am certain that Linux installation is easier than MS Windows if we are talking about the most popular distributions outside of Slackware and Debian. In terms of ease of use, if the OS is already installed I doubt a novice using the KDE gooey would notice they are using Linux/Unix. It is more likely that the experienced user would miss a lot of the commercial software they are accustomed to. The Linuxcare bootable business card that I mentioned is very easy to use for a novice once they have gone through the routine a few times; I am certain that you could be browsing the internet in less time than it would take to clean up a public workstation. The important difference being that with the live CD you have to do the hard work before you get started and with a public workstation you have to do the hard work before you leave. I suspect that the latter is more prone to accidents.


There has just been a case where this pedo where I live has been sent down for a year. Not because he had illegal photos on his machine but they found traces of the sites visited and what had been viewed!

This is a landmark case, as in the UK if you have even accidentally surfed to these sites (I knew him and I am sure it wasn't accidental) you can be convicted of creating an obscene photo.

Since in non-technical terms this is akin to someone posting you a letter which you receive and open to find porn, I expect that this will be reversed in a higher court.


Hi,

Overwriting one time is not enough - up to 3 layers of magnetic information can be identified on the hard disk. In the 80's I remember the Pentagon demanded that erase programs should overwrite deleted files 50 times with nonsense information.

elef


Hi,

"Cookie management programs, I dunno. I get just as much functionality from what's built into IE6."

Still using IE5.0. Have not bothered yet to download 6.0, it's what? 17Mb? Takes quite a while at 56K.

"But there's still the big problem of site names being stored. Any program that remembers "always accept" or "always deny" is creating a record of those sites somewhere."

Hmm, good point. They are stored on my machine though, and I am not really that worried about people finding out stuff from my machine. If anybody would ever get that close (being able to trace me from the web to my home), I don't think stuff like this would matter much.

Sanuk!


Archived

This topic is now archived and is closed to further replies.
