So You think you're safe?


posted on Feb, 26 2011 @ 01:11 AM
link   
Well well fellow ATSers, in continuing the trend of computer/technology security topics that I write up, I have already focused on these topics previously:

1-Email security, email encryption
2-Communications, without internet, 2 threads
3-Internet security, firewalls and popups

Now I will demonstrate to you that even if you delete your data and erase it on a USB drive using proprietary programs, forensics can still recover data or attempt to reconstruct an idea of what may have been on your USB flash drive.

For this demonstration I will use a 4 GB flash drive I bought at Staples, and I have on there my TrueCrypt files:



Now I will go into my "truecrypt" folder to demonstrate what is in there:



See nothing is hidden, no hidden files or such things. Just my 3 GB encrypted file.

Now, I had previously erased the blank space, written over it, tried various software to erase over it, and then I run my forensics software and see what I get:



My my my, look what I was able to find...files deleted from weeks ago (it's a relatively new flash drive). Now just to let you know, there are these types of software out there for various file recovery that the authorities can use while crossing a checkpoint, and yes your electronic equipment is likely to get searched because it is considered just like a suitcase. For best file security use TrueCrypt; yes we will know that you used it but its contents are inaccessible. I was able to recover some of my deleted files, but not the encrypted files.

Additional reading:

news.cnet.com...

www.nytimes.com...

tkyte.blogspot.com...
edit on 26-2-2011 by THE_PROFESSIONAL because: (no reason given)




posted on Feb, 27 2011 @ 02:04 AM
link   
post removed for serious violation of ATS Terms & Conditions



posted on Jun, 26 2011 @ 12:43 AM
link   
Listen Honey, this stuff intrigues me. How are certain files recoverable, anyhow?
edit on Sun Jun 26 2011 by DontTreadOnMe because: OFF TOPIC MATERIAL RELATED TO REMOVED POST DELETED



posted on Jun, 26 2011 @ 12:52 AM
link   
reply to post by THE_PROFESSIONAL
 

The only way to truly erase a memory stick or hard drive is to first destroy the partition, recreate the partition, then do a full format (not a quick format), then use a program to write random 1's and 0's to it. Then, reformat it again.

When you "delete" files off a USB in Windows, they don't get erased, they get transferred to the recycle volume, which is normally hidden. Even if you "empty" your recycle bin, all that does is remove the file names from the File Allocation Table, but the actual files stay right where they were.

So anyone with the right software can simply scan the device like you did.

Even with TrueCrypt, you still need to keep your hardware secure, because if someone gains physical access to your hardware, they can install keyloggers to your computer, gain your TrueCrypt passwords, and then you are screwed.
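
How a deleted file stays readable on a FAT-style volume, and what a free-space wipe changes, as an added example that is not part of the original posts. The image geometry (16 directory slots followed directly by 8 clusters of 512 bytes, one contiguous file, no allocation table) and all function names are constructed for illustration; only the 32-byte directory entry fields and the 0xE5 deleted marker follow the real FAT format.

```python
import os
import struct

CLUSTER, SLOTS, N_CLUSTERS = 512, 16, 8   # constructed geometry, not a real volume
DATA_OFF = SLOTS * 32                     # data region follows the 32-byte dir slots
DELETED = 0xE5                            # FAT sets name byte 0 to 0xE5 on delete

def make_image(name83: bytes, content: bytes) -> bytearray:
    """Constructed image: one contiguous file starting at cluster 2."""
    img = bytearray(DATA_OFF + N_CLUSTERS * CLUSTER)
    img[0:11] = name83.ljust(11)[:11]                   # 8.3 name, space padded
    struct.pack_into("<HI", img, 26, 2, len(content))   # first cluster, file size
    img[DATA_OFF:DATA_OFF + len(content)] = content
    return img

def entries(img):   # yields (offset, first cluster, size) for every used slot
    for off in range(0, DATA_OFF, 32):
        if img[off] != 0x00:                            # 0x00 marks a never-used slot
            yield (off, *struct.unpack_from("<HI", img, off + 26))

def delete_file(img, slot=0):
    img[slot * 32] = DELETED          # the whole "delete": one byte, data untouched

def recover_deleted(img):
    """Return (name, data) for each entry marked deleted, as a recovery tool would."""
    out = []
    for off, first, size in entries(img):
        if img[off] == DELETED:
            start = DATA_OFF + (first - 2) * CLUSTER
            name = "?" + img[off + 1:off + 11].decode("ascii", "replace")
            out.append((name, bytes(img[start:start + size])))
    return out

def wipe_free_clusters(img):
    """Overwrite every cluster not owned by a live file with random bytes."""
    live = set()
    for off, first, size in entries(img):
        if img[off] != DELETED:
            live.update(range(first, first + -(-size // CLUSTER)))
    for c in set(range(2, 2 + N_CLUSTERS)) - live:
        start = DATA_OFF + (c - 2) * CLUSTER
        img[start:start + CLUSTER] = os.urandom(CLUSTER)

if __name__ == "__main__":
    img = make_image(b"LEDGER  CSV", b"constructed sample ledger rows")
    delete_file(img)
    print("after delete:", recover_deleted(img))
    wipe_free_clusters(img)
    print("after wipe:  ", recover_deleted(img))
```

After the wipe the file's bytes are gone, but the directory entry still holds all but the first character of the file name, which is why a tool that only overwrites free space can leave file names behind.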



posted on Jun, 26 2011 @ 12:54 AM
link   
I have nothing that represents anything of any importance so yes I'd have to say I'm safe from the gooberment.

Who knows anything in this day and age, you could have a picture of an exploding hydrogen bomb and they would charge you with conspiracy.



posted on Jun, 26 2011 @ 12:57 AM
link   
ok a reverse note, I am seeking out a really good recovery tool..

long story short, a company hired me to work on their accounts computer, some files were removed, history was erased, and someone stole a ton of money...

their hard drive is pretty much full at this point...the files I found using various free and one pay to play didn't turn up anything of greatness...any suggestions on silver bullet undelete software?



posted on Jun, 26 2011 @ 01:03 AM
link   
reply to post by SaturnFX
 


There are different types of tools, some cost a lot more money. I messaged you a link.


If it is a USB drive, message me, I may want to investigate.
edit on 26-6-2011 by THE_PROFESSIONAL because: (no reason given)



posted on Jun, 26 2011 @ 01:04 AM
link   
 


off-topic post removed to prevent thread-drift


 



posted on Jun, 26 2011 @ 01:07 AM
link   
reply to post by Cryptonomicon
 


TrueCrypt is basically a "you are allowed a one time machine compromise". If someone gains access to your computer, then the attacks are endless. Best to redo your entire hard drive, even the boot sector, and change your keys. It only allows you one slip-up. Meaning, keep your laptop with you at all times.



posted on Jun, 26 2011 @ 03:27 PM
link   
Have you tried east-tec eraser out? I did some initial tests, and that one seems to work pretty good to me. You can even make up your own custom erasing tasks.



posted on Jun, 26 2011 @ 09:02 PM
link   
reply to post by TKDRL
 


Even a lot of erasers have trouble with USB flash drives. The best one I would recommend is Heidi Eraser. Look at their forums, they conform to DOD/Milspec standards.



posted on Jun, 26 2011 @ 10:02 PM
link   
reply to post by THE_PROFESSIONAL
 


Flash drives are really that different from regular drives? Thanks by the way for that eraser program, I am a huge fan of the open source movement. The forum is a gold mine of information. I just started using flash drives myself, one is used as a ReadyBoost cache. I think this might be dangerous, so I do wipe the free space regularly. I got 6 flash drives for free in cases of bud, the only reason I started using them. My activity I want to protect from prying eyes is not against the law here, but people are trying hard as hell to bring the same US laws to Canada. I value my personal privacy, I wish I was more computer savvy and could use Linux. I tried it and I couldn't even get my computer to use my wireless card to connect to the internet. I am stuck with Windows I guess, my 3D CGI programs and such are Windows only as well. I heard great things about GIMP, but if I can't even use the internet on Linux, I am probably way too dumb to navigate GIMP.



posted on Jun, 26 2011 @ 10:13 PM
link   
reply to post by TKDRL
 


Haha thanks. Yea I used various erasing software on my USB flash drive and then put my TrueCrypt on it and I was still able to recover remnants and various filenames as you can clearly see above. I tested it out on my sister's flash drive (with her permission) and boy oh boy was she surprised as to what I could recover. Yes to reiterate once again that flash drives are not immune to various wiping programs, you have to get the right one.

The Heidi Eraser was having trouble with USB drives as well, I would check on their forums to see if they have updated their information. This was on their forums about erasing USB drives:

www.heidi.ie...
edit on 26-6-2011 by THE_PROFESSIONAL because: (no reason given)



posted on Jun, 26 2011 @ 10:54 PM
link   
There is only one way to be sure. Shred it, then burn it!




posted on Jun, 28 2011 @ 10:48 PM
link   

Originally posted by navy_vet_stg3
There is only one way to be sure. Shred it, then burn it!


this is what you use on the government, then you have no more problems



posted on Jun, 29 2011 @ 02:19 AM
link   
The fact that you are doing all of this in basic Explorer.exe and would even dream to call yourself a "Professional".... I am sorry to say that, because you are using anything made by Microsoft... Your computer is a gigantic file cabinet of information waiting for anyone to just grab the handle and yank.


Want Security?

First Rule:

Don't use anything proprietary.

Go UNIX.



posted on Jun, 29 2011 @ 03:11 AM
link   
I would like to ask the OP (or anyone else) if they have any links to a good, general "one-stop" source for computer security and privacy info. Written for a non-techie (me).

Thanks in advance.



posted on Jun, 29 2011 @ 02:53 PM
link   
^^^ - That's something that's going to be difficult to find. Your best bet is to ask general questions and get others to give their opinions. There are so many different options, and layers to security and the likes, it would be next to impossible to grab all of it. Are you wondering about firewalls? Anti-virus, anti-malware, spyware, root kits, etc.?

So far, I have never been hacked, or had an infection. Here's what I run. Don't know if this will get you started or not.

Firewall:

My cable modem connects into a PC running Smoothwall. Smoothwall acts as a firewall, as well as the router. I have 3 network interfaces on the "internal" side of this machine. Smoothwall breaks their interfaces into colors: Red, Green, Purple and Orange. Here is how they are laid out, and a general overview of their functions.

Red: External, connected to your modem.
Green: Internal, secure LAN (Mine is wired) - This interface can access all others by default. This is where my personal computers and file server reside.
Purple: Internal, secure LAN/WAN (Mine is wired and wireless) - My wireless laptops, Xbox, DVR, Blu-Ray, etc. connect to this LAN.
Orange: This is my DMZ. I have a bogus web server on there, with no security. This is so people can play and think they're stealing something, while my firewall logs appropriate information for me to retaliate later. It's an old P2 system, running Windows 2000. If they totally destroy it, I don't really care. At least they won't be messing with my other stuff.


Security Software:
Anti-Virus - Panda. I run Panda because a long time ago, there was a piece of code called "Magic Lantern" that McAfee and Norton agreed to NOT look for, but Panda told Magic Lantern's creators to shove it. There are a lot of good anti-virus software, and people will differ on opinions here. Nod32 is a good one too. Remember though, none of these are any good, if you don't update your software regularly (daily).
Anti-Malware - Malwarebytes. Update, boot to safe mode, and run a scan. It works very well. I only run this about once a month or every 2 months. Only when I'm paranoid. The Malwarebytes forums occasionally update a program called "combofix" that cleans root kits. I've fixed several people's computers using this, in conjunction with Malwarebytes.
Anti-Spyware - Spybot S&D. Like Malwarebytes, I only run this occasionally.

Note1: If you use wireless, use WPA2 or later security and have a strong key.
Note2: For your passwords, don't use "password" or the name of your dog, or anything like that. Use upper case, lower case, numbers, and special characters if possible.
Note3: Avoid connecting your laptops/phones to public WiFi networks.
Note4: Don't go to Warez sites, stay away from file sharing things like Bearshare, Torrents, etc (unless you know what you're doing, and can afford to lose your data if your system gets infected).

There's a lot more to consider, but hopefully this gets you looking in the right direction.



posted on Jun, 29 2011 @ 11:31 PM
link   
A really big magnet off of an old speaker will work really well for erasing all data off a magnetic HDD. I use a magnet from an old 18" sub-woofer and it seems to do the trick. Like another poster mentioned, if you're that concerned about your data then take a hammer to the drive or burn it.

The weakest link in your security scheme will always be a Windows-based OS. Using a flavour of Linux such as Debian is the best way to go, not only for security but performance as well.



posted on Jun, 30 2011 @ 01:33 AM
link   

Originally posted by scghst1
The fact that you are doing all of this in basic Explorer.exe and would even dream to call yourself a "Professional".... I am sorry to say that, because you are using anything made by Microsoft... Your computer is a gigantic file cabinet of information waiting for anyone to just grab the handle and yank.


Want Security?

First Rule:

Don't use anything proprietary.

Go UNIX.


Ahh the old insult. Do you even know I have used Unix but there is software that I use that is not made for Linux? Secondly do you even use encryption?

Let's see you post some forensics analysis. Yea did not think so. I am more professional than you.



reply to post by Jocko Flocko
 



Even if you use Linux, I will still be able to recover your data, as the previous poster thinks he is immune just because he is using Linux.
edit on 30-6-2011 by THE_PROFESSIONAL because: (no reason given)




