39 replies to this topic

[lut4]

Hey all, I had thinking about the senario when the police want to search your pc for illegal tools...

What shall you do? Delete C:...takes some time

format the partion?


or what, i have some warez and a bit tools for hacking so if they came?

[netcomm]

Get nude, that'll throw/turn em off I'm sure.

[joepi]

Tell them you need 5 min to get dressed. Get the hard drive out and get out the disc and scratch it deeply in all directions.
Just make sure they didnt come around for a parking tickets

[bonarez]

Hey all, I had thinking about the senario when the police want to search your pc for illegal tools...

What shall you do? Delete C:...takes some time

format the partion?

or what, i have some warez and a bit tools for hacking so if they came?

delete what? C:? oh you mean hda1

well since deleting stuff in your OS only means deleting their file allocation table entry, all data will still remains on the disc and will easily be recovered
same story with formatting, only disaster recovery option is a dod government wipe, whitch takes allmost as long as encrypting it.

disaster avoidance gives the option of encryption, whitch requires a bit of cpu powers, but brings 'plausible deniability', at least where I live.. laws can be a bitch

as far as applications go, I try to host as many apps possible through ssh or rdp remotely.

ps: funny one for the females DH

[lut4]

hehe good ones...what about darik's boot in nuke?

[expaethitec]

Always have a location at your home from where you can watch the people on your door without being noticed.Then if it's the police you should immediately replace that X-harddrive with A backup harddrive (showing you are an average pc user...games,microsoft office etc)

Note:The above thing works only if they are searching your PC and not the house.

[hugopnr]

I would hide the HDD under my bed ! They won't find it ...

[Little_Dice]

Deleting the files won't do. Because the police can always just file carve the drive and recover them. What you can do.

A. Put everything on an external hard drive. (Hide it well) in the wall in an air duct, just be creative)
B. Encrypt EVERYTHING. Their are a bunch of programs that will do drive encryptions. Personally I put everything in a passworded rar. (Make a strong password- symbols, numbers, letters, upper case letters, and at leaste 9 digits, and don't write it on a sticky note)
C. For those of you who really don't want to be caught. Build a huge electro magnet and the second the cops show up flip a switch and that will pretty much destroy everything. (I have heard of file carving after this, but lets get real unless you control a net of bots and are a big suspect they arn't going to waste their time)

[agentmimi]

Deleting the files won't do. Because the police can always just file carve the drive and recover them. What you can do.

A. Put everything on an external hard drive. (Hide it well) in the wall in an air duct, just be creative)
B. Encrypt EVERYTHING. Their are a bunch of programs that will do drive encryptions. Personally I put everything in a passworded rar. (Make a strong password- symbols, numbers, letters, upper case letters, and at leaste 9 digits, and don't write it on a sticky note)
C. For those of you who really don't want to be caught. Build a huge electro magnet and the second the cops show up flip a switch and that will pretty much destroy everything. (I have heard of file carving after this, but lets get real unless you control a net of bots and are a big suspect they arn't going to waste their time)

use truecrypt and put 2 passwords in one encrypted folder. if cops ask for the password give them the fake one.

[Jim]

Assuming you're in the States, you most likely won't have any choice. If the police suspect you're doing something illegal and want the drive, they'll obtain a search warrant and will most likely kick in your door in the middle of the night so you don't have time to do anything. Should another situation arise where they knock on the door and ask to talk to you, don't let them in. There's something called the Fourth amendment which protects you from unlawful search and seizure. As soon as they are given permission to enter the house, they have a lot more permission than you think. You do NOT have to let the police in.

Deleting something isn't going to work as a poster above already stated. When they sieze the computer, they will unplug it completely. This is to avoid any programs that might be set to do encryption/deletion upon shut down. When they take it to the lab, they will mirror the entire disk, most likely using the EnCase forensic software to begin file recovery.

Your best bet is to use full drive encryption. PGP has the longest track record of being uncrackable by investigators. If your pass-phrase is known only to you, as in not written down, and it's long and complex, you're good to go. Coincidentally, there's a current news story about a man who was arrested for stuff on his computer but the feds can't get anything because he's using PGP drive encryption. A judge recently ruled that the government can't force the man to reveal his PGP pass-phrase, because his Fifth amendment right to not incriminate himself still applies.

hxxp://www.news.com/8301-13578_3-9834495-38.html

[Jim]

ok I'm kinda missing something...

how does computer shutdown NOT make investigators loose evidence?
I mean if they shutdown and next boot everything is encrypted?

Secure deletion of files does work if you use DOD standard or the crazy w/e his name is standard forgot about the name.

PGP can't hold the record for longest not broken WDE because there where/are 2 known backdoors for it.

There are no back doors in the official PGP distributions. PGP was created by Phil Zimmerman, a staunch privacy advocate, and despite urban legends, there were never any back doors in the official releases. From his official site:

Q: Are there any back doors in PGP? Come on, you can tell me, I won't tell anyone.

A: No. There never have been, and never will be, at least as long as I am associated with the product. I didn't go through all this trouble just to see my product become corrupted. Besides, we publish the PGP source code, so you can check it yourself.

Also, if you read some of of my political writings (such as my Senate testimony, Why I Wrote PGP, and the preface to one of my books), you will get a sense of my political values and motives, why I developed PGP, and why I would never allow a back door in PGP.

The team of people who make PGP share these values. They work on PGP because they believe in PGP. They aren't going to put backdoors in PGP. I have worked with them for years, and they are just as committed as I am.

Q: I assume you put a back door in PGP because of the September 11th attacks. Is this true?

A: No, the attacks did not change my convictions about privacy and civil liberties. See my response to a post-9/11 Washington Post article.

Q: I heard a rumor that you cut a deal with the US Government to put a back door in PGP in order to not be prosecuted for publishing PGP. Is this true? Come on, you can tell me, I won't tell anyone, I promise.

A: You heard wrong. No, I didn't cut any deals, and would not have done so even if it was the only way to stay out of prison. But I didn't have to negotiate with them at all. After a three year criminal investigation, they did not indict me, because we beat them.

The Government would have had a very tough time proceeding with a criminal trial in 1996. There were serious First Amendment issues. They also had significant evidentiary problems proving their case. And there were huge political problems with proceeding with a case of this kind in an election year, given the nearly unanimous sentiment in the computer industry against a prosecution. Not everything that happens in the world is a result of some dark conspiracy. Sometimes you just win. This was one of those times.

Sometimes people ask me if the government chose not to prosecute me because they just figured out some way to crack PGP, perhaps by some fancy method of cryptanalysis, without me actually putting in a back door. I find that most unlikely, for a number of reasons. First, if the NSA did develop a means of breaking PGP, they would keep it under tight wraps, and would certainly not tell a federal prosecutor about it. The NSA would never trust the cops with a secret of that magnitude. Also, the popularity of PGP was greatly enhanced by my harrassment from the government. If the NSA could break it, it would make more sense for them to just sit back and allow a prosecution to proceed, which would make PGP even more popular, and thus give the NSA even more opportunities to exploit their secret capability. So if the lack of my prosecution is all the evidence you have of some secret NSA capabilty to crack PGP, I think your case falls apart. The real reason why they didn't prosecute me is that we simply beat them.

As for pulling the plug. You have to get the machine out of the house somehow, so I'm guessing they view pulling the plug a safer bet then letting it shut down normally. The next step will be going to the lab where they can image the disk completely, without needing to boot from it.

[White Scorpion]

so, to be really paranoid:

1. setup a hdd password
2. use drivecrypt or other full disk encryption system to encrypt the disk.
3. create a container with 2 layers with truecrypt
4. in the inner container put a password protected rar file (3.x), in the outer container some pr0n.
5. encrypt the rar file with some unknown encryption system, one you made yourself for example.

finally put the laptop in a safe where the inner side is composed of some material which will ignite at >50 degrees celsius.
If you don't give m the key / password to the safe they will have to use a torch or drill to open it. This will cause enough heat to ignite the safe itself and the laptop with it.


It'll be a hassle to work with the data every day, but if it's for storage then it should be fine