AnonTalk BBS — Discuss anything anonymously without registration.

Topic: Attention: If you download "questionable" material, you should read this.

Anonymous 58955ace79a814930ce443d0a8b8aa5b started this discussion 2 months (2008-10-12 18:11:54 UTC) ago:

Hello AT.

I am writing this because somebody I know just got arrested for downloading illegal material.
I have worked for an internet service provider for some time, and have formal qualifications in IT and have picked up skills relevant to online anonymity and safety.

I do not want anybody else to get caught, because I believe very strongly in freedom of speech, and privacy. If you have any questions regarding your online safety, I am listening.
Here are some general guidelines for safe browsing:

1. Do NOT search for illegal material on Google, or on any other search engine. Don't click on links if you think they are unsafe; fire up Tor first.
2. Download CCleaner (Ccleaner.com) and Eraser (www.heidi.ie). Both these programs are open-source, so there are no 'backdoors' in them. CCleaner securely erases your browsing traces. Eraser securely wipes free space on your hard disk. Use them every time you visit questionable sites.
3. Familiarise yourself with Truecrypt hidden volumes and hidden operating systems.
4. Get to know where Windows stores logs of your activities. The page file, hibernation file, thumbs.db etc. all keep incriminating information. It is better to disable them.
5. Never store confidential files on your hard disk. Use a USB flash drive, or SD cards with hidden volumes on them.
6. Download DBAN (dban.org) and burn the ISO file to a CD. The unlikely situation might arise when you might have to nuke your entire disk quickly and securely.
7. Always use Tor for unsafe browsing.
8. Throw away Internet Explorer and download Firefox. Version 2 is fine.
9. Disabling Java, JavaScript, cookies and cache in Firefox is necessary, even when using Tor.
10. Disable all the plugins in Firefox except Torbutton; these reveal information about you unintentionally.
11. If you download CP or warez, make sure nobody physically sees you doing this. This may sound stupid, but a lot of people got caught by this method. Put dark curtains on your windows, and face your computer monitor away from your room's doorway.
12. Try and have only one hard disk in your PC; Windows uses others to store information without your knowledge. Keep the disk 80GB or smaller if possible. This makes wiping the drive easier and faster.
13. Never EVER give out personal information on the internet. Period.
14. If you use a laptop at home, buy another 2.5" hard disk for it. Use the original for everyday use, the other for downloading your files. Keep the hard disk cover open in the laptop, so as to ensure you can swop disks quickly. Also, find a pre-determined place in your home where you can hide it in a hurry, that's almost impossible to find.
15. Use Bruce Schneier's 7-pass, or Peter Gutmann's 35-pass wipe algorithms for deleting files. For free space, DoD is fine.

I sincerely hope that this was of help to you. Please feel free to comment.

Anonymous 48dbd5e7b44a84778d695ea1958a2038 replied with this 2 months (2008-10-12 18:25:50 UTC) ago, 14 minutes later (#68,933):

How likely is a regular warez downloader to get caught? I never intentionally download any CP or anything else which would be illegal even if it wasn't "stolen" material.

Anonymous 58955ace79a814930ce443d0a8b8aa5b (OP) replied with this 2 months (2008-10-12 18:32:16 UTC) ago, 6 minutes later (#68,936):

@68,933
If you download warez only, you don't have to worry as much. If you live in America or the UK though, you should set up medium level security for your system. What programs do you use for downloading warez?

Anonymous 48dbd5e7b44a84778d695ea1958a2038 replied with this 2 months (2008-10-12 18:38:15 UTC) ago, 6 minutes later (#68,939):

Rapidshare and similar mostly. Sometimes uTorrent.

Anonymous 7b7bc510af28214024f9feaaf82e375a replied with this 2 months (2008-10-12 18:38:57 UTC) ago, 42 seconds later (#68,940):

@68,933

I was formerly the systems administrator for a medium-sized ISP (in 2000, back before they all merged). Federal agents would show up with warrants with some frequency to demand records relevant to child pornography, both downloaders and distributors. There were occasionally demands for information regarding warez distributors. Never, to my knowledge, did the FBI or any other federal agency bother looking into warez downloaders, and of course, we had plenty.

Of course, that doesn't mean that it didn't happen, and it doesn't mean that it doesn't happen now.

I pretty much agree with the OP, especially about the use of Tor and Truecrypt. A lot of those other utilities, however, aren't really worth it, IMO. If you really want to be safe, use Truecrypt and Linux on an external drive — you really don't need anything else. If privacy and security are your concern, then Windows is your #1 enemy. I would only trust a Windows computer if all of the partitions were fully encrypted at all times — you just have no idea what data Windows collects, and where it stores it, and anyone who tells you otherwise is either lying or ignorant.

Anonymous e7b9b2d4c33e457c3a7b1d3e69f3610d replied with this 2 months (2008-10-12 18:41:41 UTC) ago, 3 minutes later (#68,941):

Truecrypt can protect your entire hard drive now. I tried it the other day and it fucked up, claiming my drive was damaged, but your mileage may vary.
I don't have anything illegal, not into that, I just want to piss someone off if they ever think I do.

Anonymous d886d6b8e8f5fca548251849f55dbdc7 replied with this 2 months (2008-10-12 21:47:05 UTC) ago, 3 hours later (#69,010):

All I use is Limewire; should I take any measures? I don't download any movies or anything, just the occasional music file.

Anonymous 5d6f42ae35ee13a863024c2a449eb840 replied with this 2 months (2008-10-12 21:54:50 UTC) ago, 8 minutes later (#69,013):

Personally, all I see is empty threats.

I don't see how one ISP is going to take down all their customers who do warez. Nearly everyone does it. Those who would most likely get caught are those who burn it to a disc and sell it.

However, I can see how CP would be a problem.

Anonymous 9b80b0bc5cf5a0ef32fab7e70e430d66 replied with this 2 months (2008-10-12 22:45:23 UTC) ago, 51 minutes later (#69,038):

Instead of using Truecrypt, do all of your CP browsing inside a virtual machine. On shutdown, have the VM revert to a clean, CP-free snapshot. Keep all of your CP on a high-capacity SD card. If the FBI comes looking for you, you accidentally sit down on it while it's in your back pocket (where it should be whenever it's not in your computer) and snap it in half.

Anonymous cc90dbe7fb9906b6b695ad0b322718ed replied with this 2 months (2008-10-12 22:49:10 UTC) ago, 4 minutes later (#69,039):

How secure is putting a couple of bullets into your HDDs? Seems like this would be the fastest way to destroy a couple of disks.

Anonymous b2ddb3ad25dbbdb0023f883b2dc587e0 replied with this 2 months (2008-10-13 00:43:57 UTC) ago, 2 hours later (#69,086):

If you want to destroy a hard drive very quickly, microwave it. Then unplug the microwave. They may not even be able to tell WHEN you microwaved the drive. You're better off following OP's advice though.

Anonymous 48dbd5e7b44a84778d695ea1958a2038 replied with this 2 months (2008-10-13 08:38:43 UTC) ago, 8 hours later (#69,225):

@69,086

> Then unplug the microwave.

Why?

Anonymous 88eb1d629fc78207d619e4bce496c510 replied with this 2 months (2008-10-13 12:30:04 UTC) ago, 4 hours later (#69,245):

I think many people have unintentionally downloaded underage materials.

My emergency contingency is to take it out into the country and throw it out into the wilderness, never to be seen again for some centuries. Now if my ISP has my record and cares to trace it (and has the legal authority to do so), that's a different story. It would be horrible if something like that happened. I don't know what could be done in that case.

Anonymous 1a194f92d5f3564cf54668ff539723b3 replied with this 2 months (2008-10-13 17:19:11 UTC) ago, 5 hours later (#69,296):

@69,245

They can do nothing. IP addresses by themselves are meaningless, and if you have nothing on your hard drive, they have no case.

Anonymous 0719c639fae6bc09cf9b4b608d6a5323 replied with this 2 months (2008-10-13 21:38:51 UTC) ago, 4 hours later (#69,376):

And how exactly are you going to shoot your HDD when the cops are at your door and not make them very suspicious? When they ring the doorbell and hear a few gunshots in response, then you let them in and they see an opened computer with several smoking holes through it and a few empty casings next to it, they aren't going to say "can't see any evidence here, we'll be going then".

Anonymous 1cfc9e5e6416c39f9bd5b74125de18c3 replied with this 2 months (2008-10-13 23:48:41 UTC) ago, 2 hours later (#69,441):

@69,376

Something tells me that whatever they cite you for when you shoot your hard drive to pieces will be far less than the jail time for CP.

Anonymous 58dd28e1bc86b2def7988aec997400a9 replied with this 2 months (2008-10-14 03:41:41 UTC) ago, 4 hours later (#69,556):

Or buy a strong magnet, and if in need, just swipe it across the hard drive.

Anonymous 7b7bc510af28214024f9feaaf82e375a replied with this 2 months (2008-10-14 05:54:57 UTC) ago, 2 hours later (#69,599):

NOTE: I'm not a pedo myself, and I hate child porn and wish that the creators of it would die in a fire. However, I hate censorship even more, and I don't like the idea of people facing criminal sanctions merely for possessing information. Hence, my advice.

@69,556

Just wanted to point out that this poster is correct. The use of a degaussing magnet is a far faster and more reliable way to completely destroy the contents of a disk than any of the other methods (microwaving, shooting, etc.). If you degauss it, it's GONE and cannot be recovered.

I would still recommend full-disk encryption with a hidden volume. An earlier anon suggested running in a virtual machine, and that's a good idea, but I wouldn't trust it if it were running in Windows, for instance. This is because Windows could be using virtual memory (disk swap space) as RAM for the virtual machine. Then, you could end up with your swap space being filled with illegal materials that would survive both the resetting of your VM disk and a reboot of the host OS. The software commonly used by investigators would detect this. However, if you are confident of your ability to prevent such little oversights from occurring, this would be a great method — although, where are you going to save your illegal material?

I suppose that I am in a unique position to offer advice on this particular subject, since not only do I have experience as the former senior tech at an ISP — I am now a U.S. criminal defense lawyer. The anons who suggest to destroy your drive to avoid conviction are leading you to tread on very shaky legal ground. I'll explain:

Suppose that the State has evidence, obtained from third-parties and your ISP, that shows that your IP address downloaded child pornographic images. This, just by itself, is very likely not going to be enough to convict you. However, if you are caught destroying evidence (or refuse to provide a decryption key*) then the prosecution will almost certainly be able to get an instruction to the jury saying, "If you find that the defendant intentionally destroyed the hard disk drive, then you may assume that the hard disk drive contained evidence damaging to the defendant." BAM — the jury convicts your ass.

* Actually, this issue has come up in one federal jurisdiction, and a federal magistrate judge ruled that the defendant could not be required to provide his key due to Fifth Amendment concerns. However, as much as I like this ruling, it's actually wrong (given the precedents), and I expect it to be overturned shortly and the rule established that the government can compel you to cooperate with decrypting your drive, or else get an instruction to the jury saying that they get to assume that you're hiding CP on it.

This is why you want to use Truecrypt with a hidden volume — you have plausible deniability. When asked to produce the decryption key, just provide the one that will decrypt the "innocent" portion of the drive. In my opinion, both technically and legally, this is a safer solution than destroying the drive, and a more useful solution than using a virtual machine or a liveCD.

Anonymous 6109eeb128fd53149489e69eb49a19b5 replied with this 2 months (2008-10-14 20:16:24 UTC) ago, 14 hours later (#70,005):

Educate yourself: http://en.wikipedia.org/wiki/Deniable_encryption

Anonymous 4dc0e3f176fdc9b1c6747e4943b612d7 replied with this 2 months (2008-10-15 05:14:50 UTC) ago, 9 hours later (#70,285):

@69,599

> An earlier anon suggested running in a virtual machine, and that's a good idea, but I wouldn't trust it if it were running in Windows, for instance. This is because Windows could be using virtual memory (disk swap space) as RAM for the virtual machine. Then, you could end up with your swap space being filled with illegal materials that would survive both the resetting of your VM disk and a reboot of the host OS. The software commonly used by investigators would detect this. However, if you are confident of your ability to prevent such little oversights from occurring, this would be a great method — although, where are you going to save your illegal material?

Good catch. I didn't think about swap space being used as virtual machine RAM before. You could solve this problem by fitting the VM entirely within the physical RAM. (I know VMware Workstation has an option to do this.) If you're ultra paranoid, just turn the swap file off altogether. As for where to put your CP, this thought really baked my noodle today. If you put it in a hidden volume, wouldn't it look very, very suspicious when you give the investigators the 5GB normal volume password to a 6GB file container? I don't think it can be proven that you're hiding something, but why else would you create a bigger volume than you needed?

The bottom line is that if you're paranoid enough to go through the trouble of installing a virtual machine and surfing securely, you shouldn't save illegal material in the first place. The only people that ever get caught are the people who make the CP and the fucking idiots that pay for it with their own goddamn credit cards.

Anonymous 449fa725d3a674726f7e1a9ef827d225 replied with this 2 months (2008-10-15 07:21:19 UTC) ago, 2 hours later (#70,321):

If you really are a pedo or warez downloader, can't simply stealing a wireless signal from somewhere remove even the chance that anyone would ever get to you at all? I'd still keep stuff on a USB drive or something and wipe the free space. Having stuff like that would make me really paranoid regardless. But isn't it a good idea to eliminate the link to you at all? Nobody's going to randomly show up if you were on a connection of someone else, eh?

Anonymous 68a2d21b762d69367cea0f56ec9379a4 replied with this 2 months (2008-10-15 09:51:57 UTC) ago, 3 hours later (#70,366):

It's a falsehood to rely on encryption alone. It's called Windows for a reason. And if you think Tor or proxy methods are going to cover your tracks, you neglect to remember that ALL traffic is routed through NSA hubs at EVERY ISP. Data-mining is a billion dollar industry. Anonymity is dead. DEAD! Just a quaint little idea for kids to play dress up and champion non-causes like protesting parody religions and screaming at walls.

Anonymous 7b7bc510af28214024f9feaaf82e375a replied with this 2 months (2008-10-15 10:32:59 UTC) ago, 41 minutes later (#70,369):

@70,285

> You could solve this problem by fitting the VM entirely within the physical RAM.

I actually thought of another problem with the VM method. You'd have to make certain that you did an overwrite on the section of the drive where the VM's volume was located, because otherwise, an attacker could certainly do data forensics on the unallocated space left over after you copied the original image back. Perhaps the best method for doing this would be using non-writable media like a liveCD for your browsing.

It's little things like this that always pop up that have led me to the opinion that full-disk encryption is really the best way to go if you're going to have any writable media on the machine.

> If you put it in a hidden volume, wouldn't it look very, very suspicious when you give the investigators the 5GB normal volume password to a 6GB file container? I don't think it can be proven that you're hiding something, but why else would you create a bigger volume than you needed?

Actually, in Truecrypt, the hidden volume is stored in the free space on the "ringer" volume. You really can't tell that there's a hidden volume at all — it just looks like one big volume. If you filled the "ringer" volume up, you'd actually overwrite the hidden volume.

One of the beauties of RSA (and similar) encrypted data is that it is virtually indistinguishable from regular old random data. There are some mathematical techniques that can be used to suggest that data is less likely to be truly random, but I am confident that this wouldn't even rise to the level of probable cause from a legal standpoint (much less meeting the necessary threshold of proof).

> The bottom line is that if you're paranoid enough to go through the trouble of installing a virtual machine and surfing securely, you shouldn't save illegal material in the first place.

You're right, at least with respect to porn collections. I have a large porn collection, but thankfully I'm not a pedo, so it is CP-free. I'd just give up and not have porn if I had to go through all of this trouble to protect myself. However, I disagree with the idea that we should just give up on storing illegal material — in some places of the world, this is important stuff (i.e., not child porn). If you use strong, full-disk encryption, you really are pretty much just as safe as if you never saved it.

Anonymous 7b7bc510af28214024f9feaaf82e375a replied with this 2 months (2008-10-15 10:35:50 UTC) ago, 3 minutes later (#70,370):

@70,321

Well, if you do that, you're basically using a proxy (your neighbor), right? If you are just wardriving around, you're probably perfectly safe with this method, unless you happen to hit a government-controlled honeypot (probably named "linksys").

Even then, if you don't know what you're doing, you could be setting yourself up for trouble. Suppose the axe falls on your neighbor and he/she gets investigated. The police figure that the neighbor is genuinely innocent, so they check out her router's logs and see the list of MAC addresses that have been connecting to it. They cross-reference the MAC addresses with the manufacturer's lists, and one of the officers sees you with a Sony laptop (which has a network card with a MAC address in the proper range to match the one that was connected to the router when the illegal downloading occurred).

This is enough information to get a warrant to seize your laptop. The police show up and nab your laptop, and since you don't believe in encryption, everything's just sitting there, or at least in your history or cache. Uh-oh.

The tor + disk encryption scenario, in this case, is actually a little safer. Probably your tor exit node is in India or Germany — there's not much that the police can do here to discover what's going on there, so they'd never even have cause to investigate in the first place. Secondly, even if you did ever get your laptop seized, no-one's getting anything off of it.

Of course, if you want warez, that's overkill. They don't really give a shit about that unless you are distributing — wardriving is more than enough protection.

Anonymous 7b7bc510af28214024f9feaaf82e375a replied with this 2 months (2008-10-15 10:38:02 UTC) ago, 2 minutes later (#70,371):

@70,366

> It's a falsehood to rely on encryption alone. It's called Windows for a reason.

Well, I agree with you that if you use Windows, you can never be truly safe, because you never know just what the OS is doing. Plus, it just generally sucks — you probably have a trojan already on the damn thing that's recording what you're doing without your knowledge.

> And if you think Tor or proxy methods are going to cover your tracks, you neglect to remember that ALL traffic is routed through NSA hubs at EVERY ISP. Data-mining is a billion dollar industry. Anonymity is dead. DEAD! Just a quaint little idea for kids to play dress up and champion non-causes like protesting parody religions and screaming at walls.

With all due respect, you do not sound as though you know what you are talking about.

I assure you that the NSA does not have hubs in Europe or Asia, where most Tor exit nodes are located. Moreover, anyone using Tor to transmit data that is sensitive in and of itself will be using encrypted transport, meaning that being able to sniff the traffic through a single middle hop would be useless to an attacker, anyway. I promise you that the NSA has neither secret quantum computers with which to do brute-force cryptanalysis on data encrypted with modern ciphers, nor a secret breakthrough in theoretical mathematics that is unknown to the academic community.

Granted, it is theoretically possible for the NSA or some other U.S. government agency to nail someone who comes out at a government-controlled tor node and goes in through a government-controlled sniffer, but the necessary traffic analysis would be non-trivial to perform. They aren't going to waste that kind of effort unless there's a serious political issue at stake, and even then, there's no guarantee of success if their goal is to press criminal charges against an individual (it would certainly be hard to prosecute a criminal case based on the esoteric evidence that they would have to present).

Anonymous adc7d2ca30939888060944c8ad33ed8a replied with this 2 months (2008-10-16 02:37:43 UTC) ago, 16 hours later (#70,632):

@70,366

> ALL traffic is routed through NSA hubs at EVERY ISP. Data-mining is a billion dollar industry.

If the US Government had the time, money, or ability to do that, things would be a little different than they are now. Though I've never downloaded CP, I have done a few illegal things online without using any sort of security at all. As far as I know, the NSA has no idea. If the government had that much power, CP wouldn't be a problem; it wouldn't exist. The FBI would burst through the front door of anyone who produced, distributed, downloaded, or thought anything illegal and arrest them. That obviously doesn't happen. Furthermore, you're a troll and I don't like you.

Anonymous b91fc57471a928e06975a9e1def0540d replied with this 2 months (2008-10-17 05:30:23 UTC) ago, 1 day later (#71,084):

Any suggestions for Mac fags? I foolishly got a "cut that out" letter from my ISP for not using a proxy on a torrent. Am I on the lookout list or what?

Anonymous 641565a89b7b3ff26de67930fe6001f0 replied with this 2 months (2008-10-17 21:08:08 UTC) ago, 16 hours later (#71,301):

@71,084

> Any suggestions for Mac fags? I foolishly got a "cut that out" letter from my ISP for not using a proxy on a torrent. Am I on the lookout list or what?

Naw, you should be totally fine. As stated in the entire rest of this thread, no one's going to go after you for DLing warez. Unless you were torrenting CP, you should be totally fine…

Obviously, be more careful next time though…

© AnonTalk.com 2008