It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
So You think your safe?
page: 1share:
Well well fellow ATSers, in continuing the trend of computer/technology security topics that I write up, I have already focused on these topics
previously:
1-Email security, email encryption
2-Communications, without internet, 2 threads
3-Internet security, firewalls and popups
Now I will demonstrate to you, that even if you delete your data, and erase it on a USB drive using proprietary programs. Forensics can still recover data or attempt to reconstruct an idea of what may have been on your USB flash drive.
For this demonstration I will use a 4 GB flash drive I bought at staples, and I have on their my truecrypt files:
Now I will go into my "truecrypt" folder to demonstrate what is in their:
See nothing is hidden, no hidden files or such things. Just my 3 GB encrypted file.
Now, I had previously erased the blank space, written over it, tried various software to erase over it, and then I run my forensics software and see what I get:
My my my, look what I was able to find...files deleted from weeks ago (its a relatively new flash drive). Now just to let you know, there are these types of software out there for various file recovery that the authorities can use while crossing a checkpoint, and yes your electronic equipment is likely to get searched because it is considered just like a suitcase. For best file security use Truecrypt; yes we will know that you used it but its contents are inaccessible. I was able to recover some of my deleted files, but not the encrypted files.
Additional reading:
news.cnet.com...
www.nytimes.com...
tkyte.blogspot.com...
1-Email security, email encryption
2-Communications, without internet, 2 threads
3-Internet security, firewalls and popups
Now I will demonstrate to you, that even if you delete your data, and erase it on a USB drive using proprietary programs. Forensics can still recover data or attempt to reconstruct an idea of what may have been on your USB flash drive.
For this demonstration I will use a 4 GB flash drive I bought at staples, and I have on their my truecrypt files:
Now I will go into my "truecrypt" folder to demonstrate what is in their:
See nothing is hidden, no hidden files or such things. Just my 3 GB encrypted file.
Now, I had previously erased the blank space, written over it, tried various software to erase over it, and then I run my forensics software and see what I get:
My my my, look what I was able to find...files deleted from weeks ago (its a relatively new flash drive). Now just to let you know, there are these types of software out there for various file recovery that the authorities can use while crossing a checkpoint, and yes your electronic equipment is likely to get searched because it is considered just like a suitcase. For best file security use Truecrypt; yes we will know that you used it but its contents are inaccessible. I was able to recover some of my deleted files, but not the encrypted files.
Additional reading:
news.cnet.com...
www.nytimes.com...
tkyte.blogspot.com...
edit on 26-2-2011 by THE_PROFESSIONAL because: (no reason given)
Listen Honey, this stuff intrigues me. How are certain files recoverable, anyhow?
edit on Sun Jun 26 2011 by DontTreadOnMe because: OFF TOPIC
MATERIAL RELATED TO REMOVED POST DELETED
reply to post by THE_PROFESSIONAL
The only way to truly erase a memory stick or hard drive is to first destroy the partition, recreate the partition, then do a full format (not a quick format), then use a program to write random 1's and 0's to it. Then, reformat it again.
When you "delete" files off a USB in windows, they don't get erased, they get transferred to the recycle volume, which is normally hidden. Even if you "empty" your recycle bin, all that does is remove the file names from the File Allocation Table, but the actual files stay right where they were.
So anyone with a the right software can simply scan the device like you did.
Even with TruCrypt, you still need to keep your hardware secure, because if someone gains physical access to your hardware, they can install keyloggers to your computer, gain your TruCrypt passwords, and then you are screwed.
The only way to truly erase a memory stick or hard drive is to first destroy the partition, recreate the partition, then do a full format (not a quick format), then use a program to write random 1's and 0's to it. Then, reformat it again.
When you "delete" files off a USB in windows, they don't get erased, they get transferred to the recycle volume, which is normally hidden. Even if you "empty" your recycle bin, all that does is remove the file names from the File Allocation Table, but the actual files stay right where they were.
So anyone with a the right software can simply scan the device like you did.
Even with TruCrypt, you still need to keep your hardware secure, because if someone gains physical access to your hardware, they can install keyloggers to your computer, gain your TruCrypt passwords, and then you are screwed.
I have nothing that represent anything of any importance so yes I'd have to say I'm safe from the gooberment.
who knows anything in these day and ages, you could have a picture of an exploding hydrogen bomb and they would charge you with conspiracy
who knows anything in these day and ages, you could have a picture of an exploding hydrogen bomb and they would charge you with conspiracy
ok a reverse note, I am seeking out a really good recovery tool..
long story short, a company hired me to work on their accounts computer, some files were removed, history was erased, and someone stole a ton of money...
their harddrive is pretty much full at this point...the files I found using various free and one pay to play didn't turn up anything of greatness...any suggestions on silver bullet undelete software?
long story short, a company hired me to work on their accounts computer, some files were removed, history was erased, and someone stole a ton of money...
their harddrive is pretty much full at this point...the files I found using various free and one pay to play didn't turn up anything of greatness...any suggestions on silver bullet undelete software?
reply to post by SaturnFX
There are different types of tools, some cost a lot more money. I messaged you a link
If it is a USB drive message me, I may want to investigate
There are different types of tools, some cost a lot more money. I messaged you a link
If it is a USB drive message me, I may want to investigate
edit on 26-6-2011 by THE_PROFESSIONAL because: (no reason given)
reply to post by Cryptonomicon
Truecrypt is basically a "you are allowed a one time machine compromise" If someone gains access to your computer, then the attacks are endless. Best to redo your entire hardrive, even the boot sector and change your keys. It only allows you one slip-up. Meaning, keep your laptop with you at all times.
Truecrypt is basically a "you are allowed a one time machine compromise" If someone gains access to your computer, then the attacks are endless. Best to redo your entire hardrive, even the boot sector and change your keys. It only allows you one slip-up. Meaning, keep your laptop with you at all times.
Have you tried east-tec eraser out? I did some initial tests, and that one seems to work pretty good to me. You can even make up your own custom
erasing tasks.
reply to post by TKDRL
Even a lot of erasers have trouble with USB flash drives. The best one I would recommend is Heidi Eraser. Look at their forums, they conform to DOD/Milspec standards.
Even a lot of erasers have trouble with USB flash drives. The best one I would recommend is Heidi Eraser. Look at their forums, they conform to DOD/Milspec standards.
reply to post by THE_PROFESSIONAL
Flash drives are really that different from regular drives? Thanks by the way for that eraser program, I am a huge fan of the open source movement. The forum is a gold mine of information. I just started using flash drives myself, one is used as a readyboost cache. I think this might be dangerous, so I do wipe the free space regularly. I got 6 flash drives for free in cases of bud, the only reason I started using them. My activity I want to protect from prying eyes is not against the law here, but people are trying hard as hell to bring the same US laws to canada. I value my personal privacy, I wish i was more computer savvy and could use linux. I tried it and I couldn't even get my computer to use my wireless card to connect to the internet. I am stuck with windows I guess, my 3D CGI programs and such are windows only as well. I heard great things about GIMP, but if I can't even use the internet on linux, I am probably way too dumb to navigate GIMP
Flash drives are really that different from regular drives? Thanks by the way for that eraser program, I am a huge fan of the open source movement. The forum is a gold mine of information. I just started using flash drives myself, one is used as a readyboost cache. I think this might be dangerous, so I do wipe the free space regularly. I got 6 flash drives for free in cases of bud, the only reason I started using them. My activity I want to protect from prying eyes is not against the law here, but people are trying hard as hell to bring the same US laws to canada. I value my personal privacy, I wish i was more computer savvy and could use linux. I tried it and I couldn't even get my computer to use my wireless card to connect to the internet. I am stuck with windows I guess, my 3D CGI programs and such are windows only as well. I heard great things about GIMP, but if I can't even use the internet on linux, I am probably way too dumb to navigate GIMP
reply to post by TKDRL
Haha thanks. Yea I used various erasing software on my USB flash drive and then put my truecrypt on it and I was still able to recover remnants and various filenames as you can clearly see above. I tested it out on my sisters flashdrive (with her permission) and boy oh boy was she surprised as to what I could recover. Yes to reiterate once again that flashdrives are not immune to various wiping programs, you have to get the right one.
The Heidi Eraser was having trouble with USB drives as well, I would check on their forums to see if they have updated their information. This was on their forums about erasing USB drives:
www.heidi.ie...
Haha thanks. Yea I used various erasing software on my USB flash drive and then put my truecrypt on it and I was still able to recover remnants and various filenames as you can clearly see above. I tested it out on my sisters flashdrive (with her permission) and boy oh boy was she surprised as to what I could recover. Yes to reiterate once again that flashdrives are not immune to various wiping programs, you have to get the right one.
The Heidi Eraser was having trouble with USB drives as well, I would check on their forums to see if they have updated their information. This was on their forums about erasing USB drives:
www.heidi.ie...
edit on 26-6-2011 by THE_PROFESSIONAL because: (no reason given)
Originally posted by navy_vet_stg3
There is only one way to be sure. Shred it, then burn it!
this is what you use on the government, then you have no more problems
The fact that you are doing all of this in basic Explorer.exe and would even dream to call yourself a "Professional".... I am sorry to say that,
because you are using anything made by Microsoft... Your computer is a gigantic file cabinet of information waiting for anyone to just grab the handle
and yank.
Want Security?
First Rule:
Don't use anything proprietary.
Go UNIX.
Want Security?
First Rule:
Don't use anything proprietary.
Go UNIX.
I would like to ask the OP (or anyone else) if they have any links to a good, general "one-stop" source for computer security and privacy info.
Written for a non-techie (me).
Thanks in advance.
Thanks in advance.
^^^ - That's something that's going to be difficult to find. Your best bet is to ask general questions and get others to give their opinions.
There are so many different options, and layers to security and the likes, it would be next to impossible to grab all of it. Are you wondering about
firewalls? Anti-virus, anti-malware, spyware, root kits, etc.?
So far, I have never been hacked, or had an infection. Here's what I run. Don't know if this will get you started or not.
Firewall:
My cable modem connects into a PC running Smoothwall. Smoothwall acts as a firewall, as well as the router. I have 3 network interfaces on the "internal" side of this machine. Smootwall breaks their interfaces into colors; Red, Green, Purple and Orange. Here is how they are laid out, and a general overview of their functions.
Red: External, connected to your modem.
Green: Internal, secure LAN (Mine is wired) - This interface can access all others by default. This is where my personal computers and file server reside.
Purple: Internal, secure LAN/WAN (Mine is wired and wireless) - My wireless laptops, Xbox, DVR, Blu-Ray, etc. connect to this LAN.
Orange: This is my DMZ. I have a bogus web server on there, with no security. This is so people can play and think they're stealing something, while my firewall logs appropriate information for me to retaliate later. It's an old P2 system, running Windows 2000. If they totally destroy it, I don't really care. At least they won't be messing with my other stuff stuff.
Security Software:
Anti-Virus - Panda. I run Panda because a long time ago, there was a piece of code called "Magic Lantern" that McAfee and Norton agreed to NOT look for, but Panda told Magic Lantern's creators to shove it. There are a lot of good anti-virus software, and people will differ on opinions here. Nod32 is a good one too. Remember though, none of these are any good, if you don't update your software regularly (daily).
Anti-Malware - Malwarebytes. Update, boot to safe mode, and run a scan. It works very well. I only run this about once a month or every 2 months. Only when I'm paranoid. The Malwarebytes forums occasionally update a program called "combofix" that cleans root kits. I've fixed several people's computers using this, in conjunction with Malwarebytes.
Anti-Spyware - Spybot S&D. Like Malwarebytes, I only run this occasionally.
Note1: If you use wireless, use WPA2 or later security and have a strong key.
Note2: For your passwords, don't use "password" or the name of your dog, or anything like that. Use upper case, lower case, numbers, and special characters if possible.
Note3: Avoid connecting your laptops/phones to public WiFi networks.
Note4: Don't go to Warez sites, stay away from file sharing things like Bearshare, Torrents, etc (unless you know what you're doing, and can afford to lose your data if your system gets infected).
There's a lot more to consider, but hopefully this gets you looking in the right direction.
So far, I have never been hacked, or had an infection. Here's what I run. Don't know if this will get you started or not.
Firewall:
My cable modem connects into a PC running Smoothwall. Smoothwall acts as a firewall, as well as the router. I have 3 network interfaces on the "internal" side of this machine. Smootwall breaks their interfaces into colors; Red, Green, Purple and Orange. Here is how they are laid out, and a general overview of their functions.
Red: External, connected to your modem.
Green: Internal, secure LAN (Mine is wired) - This interface can access all others by default. This is where my personal computers and file server reside.
Purple: Internal, secure LAN/WAN (Mine is wired and wireless) - My wireless laptops, Xbox, DVR, Blu-Ray, etc. connect to this LAN.
Orange: This is my DMZ. I have a bogus web server on there, with no security. This is so people can play and think they're stealing something, while my firewall logs appropriate information for me to retaliate later. It's an old P2 system, running Windows 2000. If they totally destroy it, I don't really care. At least they won't be messing with my other stuff stuff.
Security Software:
Anti-Virus - Panda. I run Panda because a long time ago, there was a piece of code called "Magic Lantern" that McAfee and Norton agreed to NOT look for, but Panda told Magic Lantern's creators to shove it. There are a lot of good anti-virus software, and people will differ on opinions here. Nod32 is a good one too. Remember though, none of these are any good, if you don't update your software regularly (daily).
Anti-Malware - Malwarebytes. Update, boot to safe mode, and run a scan. It works very well. I only run this about once a month or every 2 months. Only when I'm paranoid. The Malwarebytes forums occasionally update a program called "combofix" that cleans root kits. I've fixed several people's computers using this, in conjunction with Malwarebytes.
Anti-Spyware - Spybot S&D. Like Malwarebytes, I only run this occasionally.
Note1: If you use wireless, use WPA2 or later security and have a strong key.
Note2: For your passwords, don't use "password" or the name of your dog, or anything like that. Use upper case, lower case, numbers, and special characters if possible.
Note3: Avoid connecting your laptops/phones to public WiFi networks.
Note4: Don't go to Warez sites, stay away from file sharing things like Bearshare, Torrents, etc (unless you know what you're doing, and can afford to lose your data if your system gets infected).
There's a lot more to consider, but hopefully this gets you looking in the right direction.
A really big magnet off of an old speaker will work really well for erasing all data off a magnetic HDD. I use a magnet from an old 18" sub-woofer
and it seems to do the trick. Like another poster mentioned, if you're that concerned about your data then take a hammer to the drive or burn it.
The weakest link in your security scheme will always be a windows based OS. Using a falvour of Linux such as Debian is the best way to go, not only for security but performance as well.
The weakest link in your security scheme will always be a windows based OS. Using a falvour of Linux such as Debian is the best way to go, not only for security but performance as well.
Originally posted by scghst1
The fact that you are doing all of this in basic Explorer.exe and would even dream to call yourself a "Professional".... I am sorry to say that, because you are using anything made by Microsoft... Your computer is a gigantic file cabinet of information waiting for anyone to just grab the handle and yank.
Want Security?
First Rule:
Don't use anything proprietary.
Go UNIX.
Ahh the old insult. Do you even know I i have used unix but there is software that I use that is not made for linux? Secondly do you even use encryption?
Lets see you post some forensics analysis. Yea did not think so. I am more professional than you.
reply to post by Jocko Flocko
Even if you use Linux, I will still be able to recover your data as the previous poster thinks he is immune just because he is using linux.
edit on 30-6-2011 by THE_PROFESSIONAL because: (no reason given)
new topics
-
TLDR post about ATS and why I love it and hope we all stay together somewhere
General Chit Chat: 45 minutes ago -
Hate makes for strange bedfellows
US Political Madness: 2 hours ago -
Who guards the guards
US Political Madness: 5 hours ago -
Has Tesla manipulated data logs to cover up auto pilot crash?
Automotive Discussion: 7 hours ago
top topics
-
Hate makes for strange bedfellows
US Political Madness: 2 hours ago, 12 flags -
CIA botched its handling of sexual assault allegations, House intel report says
Breaking Alternative News: 17 hours ago, 11 flags -
whistleblower Captain Bill Uhouse on the Kingman UFO recovery
Aliens and UFOs: 12 hours ago, 10 flags -
Who guards the guards
US Political Madness: 5 hours ago, 10 flags -
1980s Arcade
General Chit Chat: 14 hours ago, 6 flags -
Teenager makes chess history becoming the youngest challenger for the world championship crown
Other Current Events: 16 hours ago, 4 flags -
Deadpool and Wolverine
Movies: 15 hours ago, 4 flags -
TLDR post about ATS and why I love it and hope we all stay together somewhere
General Chit Chat: 45 minutes ago, 3 flags -
Has Tesla manipulated data logs to cover up auto pilot crash?
Automotive Discussion: 7 hours ago, 2 flags
active topics
-
TLDR post about ATS and why I love it and hope we all stay together somewhere
General Chit Chat • 3 • : UpIsNowDown2 -
"We're All Hamas" Heard at Columbia University Protests
Social Issues and Civil Unrest • 235 • : TheWoker -
MULTIPLE SKYMASTER MESSAGES GOING OUT
World War Three • 95 • : cherokeetroy -
1980s Arcade
General Chit Chat • 19 • : theatreboy -
Candidate TRUMP Now Has Crazy Judge JUAN MERCHAN After Him - The Stormy Daniels Hush-Money Case.
Political Conspiracies • 691 • : Threadbarer -
The Fight for Election Integrity Continues -- Audits, Criminal Investigations, Legislative Reform
2024 Elections • 4142 • : IndieA -
Hate makes for strange bedfellows
US Political Madness • 20 • : Cvastar -
SC Jack Smith is Using Subterfuge Tricks with Donald Trumps Upcoming Documents Trial.
Dissecting Disinformation • 107 • : WeMustCare -
What do you guys think of this UFO footage?
Aliens and UFOs • 12 • : Cvastar -
Fast Moving Disc Shaped UFO Captured on Camera During Flight from Florida to New York City
Aliens and UFOs • 21 • : Cvastar