Ideal Security Setup
Posted: 12.11.2011, 12:04
Topic moved to the security forum.
Source: LC-Forum by Soles
So here's a discussion thread on the ideal setup for general HOBBY-activities, and here's personally what I've found to be the best:
First off, if you don't have TrueCrypt, you're doing it wrong. This is the bread and butter of securing yourself. You have a few options here:
Create a storage container or encrypt a partition to store all of your HOBBY. Also, you can create a hidden partition, allowing you to give a password to a "fake" partition that has legal content on it. This gives you plausible deniability of the HOBBY partition ever existing. A lot of people think this is adequate, and it will certainly encrypt your HOBBY, but that doesn't mean a computer forensics expert will be fooled.
This first method entails viewing all of your HOBBY on your main, unencrypted operating system. When you open up a video in a video player, the video player will save some information about that video. This might be in the form of a "watched history" list, or a playlist. In general, a video player could store any of the data anywhere it pleased, metadata being the main concern. Also, Windows 7 integrates with applications to provide a "recently opened" list right from the start-menu. Now, even if you can disable these features, that doesn't mean for sure that the data still isn't being stored, it may just not be displayed anymore. So what do you do?
You encrypt your operating system. TrueCrypt can do this and will prompt for a password before loading the OS, by using a custom bootloader. This now means that everything you do on that computer is now encrypted. I believe (though I'm not positive, as I don't personally use this method) you can create a dummy-OS as well, just like a hidden TrueCrypt partition. This can give you a perfectly legitimate-looking OS, while being able to plausibly deny that any other OS even exists on the drive. If they're asking you why all the data on your drive appears to be completely random, you can simply tell them you planned on selling the computer at some point and wiped it.
This method is pretty good, and for some people it may be the best. But if you ever have other people that are using, or even just watching you use your computer, it means there may still be HOBBY-related things floating around the OS that someone else could see. A friend or family member could end up finding a video history list with very obvious titles. Ultimately, my solution to this is to create a Virtual Machine for the sole purpose of HOBBY.
First off, not everyone can do this, and not everyone will have the technical know-how (though it's pretty simple and easy to learn). You will need a computer capable of virtualizing another computer. This means a decent amount of RAM (at least 6 gigs) and a multi-core CPU (you can use a dual-core, but the more cores the better). Ultimately you want your computer to be as powerful as possible, so that your virtualized computer can also be as powerful as possible. On my VM I can easily watch 1080p video and extract files fast.
When creating a VM, you can store the VM files on your encrypted drive. You should also have the option to encrypt the VM itself. Might as well, for an extra security-layer. As far as VM software goes, the two big ones are VirtualBox and VMWare, VMWare being paid software, but the latest version, 8, provides some of the best virtualization technology to date. For photo and video purposes though, either will work.
Once you're up and running in your OS of choice on your VM, you have an OS that is meant for nothing but HOBBY. Go crazy with it. Get a permanent install of TOR and route ALL internet traffic through it. Install Freenet, Frost, and Fuqid (Improved Freenet download manager). Put shortcuts to all these in the start menu or taskbar to streamline everything. Fuck, you can even give yourself a nice HOBBY-wallpaper.
When you're done, simply Suspend the machine. I can't speak for VirtualBox, but in VMWare this essentially "saves" the exact state of the machine until you start it back up again. When you restart it, everything will be exactly the same, and all your programs and files will still be open. The only thing that will be different is that TOR will obviously have to reconnect, as well as Freenet (which can take some time), it's essentially like just disconnecting the internet to your VM.
For ultra security, use the VM method as well as encrypting your main OS. This pretty much makes you impenetrable, and there's very little else you can do to protect yourself from forensic examination.
Obviously this post doesn't touch on the internet-side of things. This is security against physical tampering. It's not going to stop the cops from showing up, but it should stop their case from going anywhere whatsoever. They'll spend a couple days on the drive, find nothing, and scrap the case. If you have a strong pass-phrase (notice I said pass-PHRASE, not word. Ideally, remember a long sentence and make that your password; 10+ words at least. You can also incorporate special symbols and numbers if you can remember them.) for your TrueCrypt drives, it will be impossible to brute-force them within a lifetime.
If and when, somewhere down the line, technology may allow them to somehow decrypt your data, you could still get busted. They'll likely ghost the drive and it will stay in evidence for quite some time. This is all speculation though, and HIGHLY unlikely.
I know I wrote quite a lot, but I hope it will help some people who have shoddy security setups. As far as setting this stuff up goes, Google is your friend. If you have any criticisms for my set-ups (anything that I missed, perhaps), definitely post them.