Encase 4.20 (the premier computer forensics tool)
Posted by nemo outis on December 12th, 2004


In article
<MPG.1c2676d98492fc25989c65@news-server.columbus.rr.com>, Leythos
<void@nowhere.org> wrote:

Given that privacy has been virtually eliminated, constitutional
protections against search and seizure have been eroded,
frivolous lawsuits are rampant, identity theft and spyware
probing are rife, and the not-so-gradual drift towards both
pre-fascism and litigiousness, it is a matter of elementary
prudence to ensure that our data is not accessible to snoops of
all kinds, official and otherwise.

While I recommend full OTF encryption of HDs as the better
approach, scrubbing is another workable approach to these
problems.

Nor need the likelihood of the problems be high to justify taking
action. Although the chance of my house burning down is small, I
still carry fire insurance. In short, prudence is not paranoia.

Regards,

Posted by nemo outis on December 12th, 2004


In article
<MPG.1c26783acd453b3d989c66@news-server.columbus.rr.com>, Leythos
<void@nowhere.org> wrote:

Yes, one of the key characteristics of sheeple is their repeated
assertion that "all is futile" since "they" are all-powerful and
all-knowing. It is a primitive defence mechanism to justify
torpor and inactivity and reinforce a sense of belonging to a
passive herd. No doubt their ancestors warned against trying to
oppose George III and his redcoats.

But it is, of course, just another example of defeatism as an
excuse for inaction. The plain fact of the matter is that is
quite possible to render one's data (and, speaking more broadly,
one's life) opaque to those who would intrude or obtrude on them.

That includes mechanisms that can thwart even the most serious
adversaries (e.g., TLAs of major governments) or, failing that,
at least raise the costs of surveillance out of reach for even
them in all but a very few situations. Those who provide cover
traffic also serve, even if the contents of their encrypted or
scrubbed HDs are so bland and benign as to bore anyone to tears.


Yes, passivity once again as the overarching approach to life.
No, my dear Leythos, we all make our world every day in every way
right down to our smallest actions. Our fate is in our own
hands.

Regards,



Posted by nemo outis on December 12th, 2004


In article <MPG.1c268b6cb9cd5dbb989c6a@news-server.columbus.rr.com>, Leythos <void@nowhere.org> wrote:

Keep thinking you can stop me, that's your right, and more power
to you, but you're only kidding yourself.

Regards,


Posted by Roger Parks on December 12th, 2004


Leythos wrote:
- Regarding the WAN, you argue that the good is the enemy of the
perfect - that because 100% anonymity/privacy online can not be assured,
striving for something less is foolish.

Yes a determined, well-resourced, focused snooper will get you -
straddling mix relays if necessary.

But an encrypted VPN to a -somewhat trustworthy- anonymizing ISP will
decrease the number of logs at tracking destinations, of potential
snoopers along the backbone; and at your do-good ISP. If it contains a
mixed connection elsewhere, it's pretty good. It isn't 100%, but it
exceeds the 0% most accept.

- Regarding the box, your same 100% criticism applies to a "clean" PC.
One needs to discard unnecessary documents to free limited storage
anyway! And if some of it can be misinterpreted or misused if viewed by
others, why not render those documents and records completely deleted?

What is the downside to learning how to do this, and incorporate it into
routine hygiene. Lots of embarrassing tidbits on most boxes; once "they"
(e.g.local thief, local cop, random inspection at airport security)
recovers those tidbits, you'll be a candidate for embarrassment at the
least. Don't have to be a judicial candidate, terrorist or kiddie porn addict.

I don't keep my box and Internet activity "clean" out of fear of "them"
- nor do I keep my house clean out of fear of "them" - rather, doing so
is rewarding intrinsically, and has the additional benefit of preventing
certain kinds of grief should others inspect my space, or recover some
un-shredded paper or magnetic document.


Posted by nemo outis on December 12th, 2004


In article
<MPG.1c268abfd7da82b7989c69@news-server.columbus.rr.com>, Leythos
<void@nowhere.org> wrote:


Irrational fears?

What could have been more irrational a few years ago in the US
than to believe the twin towers could be brought down by 19
rag-tag terrorists?

What could have been more irrational a few years ago than to
believe the US would abrogate great swaths of constitutional and
treaty law?

What could have been more irrational a few years ago than to
believe that there could be "secret laws" and directives, which
could get you imprisoned but which you were not allowed to even
read? Laws which could regularly put Senator Kennedy on a no-fly
list?

What could have been more irrational a few years ago than to
believe that the executive branch could jail folks - even US
citizens - without due process or even being charged for three
years or more? Executive fiat on whim and without explanation
that would make George III or Louis XVI envious. Jail - or even
torture - on exactly the same basis as those despots and tyrants,
raisons d'etat!

And that's in a so-called bastion of free rights - what about
other countries?

Irrational fears?

Regards,

PS Your failures of understanding or imagination do not set
the limits of the possible. Irrational fears indeed!



Posted by Anonymous on December 12th, 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <cpggvf$nt9@dispatch.concentric.net>
winged <winged@nofollow.com> wrote:
Interesting...

Thus do something to increase your privacy...



Did you read this paper?

"Secure Deletion of Data from Magnetic and Solid-State Memory"
Peter Gutmann
Department of Computer Science
University of Auckland

http://www.cs.auckland.ac.nz/~pgut00...ecure_del.html

Do you know Tor?
http://tor.freehaven.net

Once again, read Gutmann's paper about secure data deletion.

Maybe you don't understand it well?
I say that it is secure.
Man in the middle attack is no problem if you are using keys
signed by a trusted third party, or you are able to verify the
keys yourself.

Once again read the papers.

Why?
You are saying that they are able to decrypt everything?

Please be more specific.

"unlimited resources"...

It's not myth, it's reality.

Just use full HD encryption.

cypher

-----BEGIN PGP SIGNATURE-----
Version: N/A

iQA/AwUBQbzaoSPnLg7nPH4AEQL9KgCeNdqeJzVyPXfYwVQBHXYuCVX+udgAoOqf
HpFBxSH4OJRohADUYd9SS8bw
=YB88
-----END PGP SIGNATURE-----

Posted by winged on December 13th, 2004


Anonymous wrote:
the technologies used for disk recovery that applied when the anonymous
writer was probably in grade school (1996) probably don't deserve a
response. Forensic recovery methodologies have not changed, but the
technology has.

Winged is well aware of Freenet and Tor and their ability to obscure.
If Anonymous chooses to believe this tech will make him hidden, who am I
to argue. There are many ways to skin an onion if one desires. The
user would probably not understand basic node weaknesses in the approach
nor how the packet structure used to pass the packets could be used to
reassemble the data stream either at the node or at the endpoints.
Following timing and sequences one can put packets together without
knowing the actual data (initially for tracking purposes).

If those with unlimited will and resources choose, there is a very high
probability that even someone who was innocent of doing anything
"illegal" could be jailed by statute for transmitting those encrypted
kiddie porn fragments (if such were to occur). Not saying it "would"
happen, but technically if you transmit this activity, even if you do
not "know" what it is, you might even be culpable under several laws.

Winged has been playing in this arena since the CP/M days (his first
computer was started in 78). Full HDD encryption works so long as one
can ensure the keys can not be re-created. This technology has existed
practically forever. If I know, for example, what a specific piece of
data is, that will reside in a specific location, say a non-movable
file, a boot record etc., one can go a long way to derive the keys used.
If I can figure out the tool being used (usually fairly
straightforward) then that further fills a piece of the puzzle. There
are more tricks, but believing having your entire drive encrypted keeps
you secure against will and unlimited resources, well some folks believe
in Santa Claus.

If it is worth the impact to your operational performance to fully
encrypt your drive, feel free, more power to you. I believe you have
the right to believe in Santa if you choose.

I will continue to do basic security as that has its own reward in
anonymity. It bothers me however that someone might have Bubba as a
cell mate because anonymous promised him he was hidden and untraceable.

Yes anonymous, there is a Santa Claus.

Winged


Posted by winged on December 13th, 2004


winged wrote:
the keyboard plug, monitor and collect evidence entered from the
keyboard, then remove the device a week later (hopefully un-found) then
analyze the data input, probably be easier.
Winged

Posted by nemo outis on December 13th, 2004


In article <MPG.1c269082fe5422b0989c6c@news-server.columbus.rr.com>, Leythos <void@nowhere.org> wrote:
You claim that no one can ever escape your clutches? And yet you
don't even know the purpose of Encase?

Encase doesn't hide anyone's on-line actions; it's forensic
software which discloses HD contents, including contents which
have been inadequately scrubbed. Nothing more, nothing less.

The reason to use it in conjunction with a scrubbing or
encryption scheme is as a QA check of those operations to make
sure nothing has leaked.

Regards,
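The point made in the post above, that a forensic tool's keyword search is the QA check for a scrubbing scheme, can be demonstrated on a small simulated raw image. The Python below is an added example, not code from the thread or from Encase: it writes a constructed marker string into a zero-filled image file, "deletes" it the way an ordinary unlink does (metadata only, data blocks untouched), scans the raw bytes the way a keyword search over unallocated space would, then overwrites the region with random passes and scans again. The image size, offset and marker are all constructed values.

```python
import os
import secrets
import tempfile

# Constructed sample data: the kind of string a forensic keyword search
# would look for in unallocated space after a careless delete.
MARKER = b"CONSTRUCTED-SECRET-MARKER-7f3a"
IMAGE_SIZE = 64 * 1024  # 64 KiB stand-in for a raw disk image (constructed)


def create_image(path, size=IMAGE_SIZE):
    """Create a raw 'disk image' file filled with zeros."""
    with open(path, "wb") as f:
        f.write(b"\x00" * size)


def store_file(path, offset, data):
    """Simulate a filesystem writing a file's contents at a known block offset."""
    with open(path, "r+b") as f:
        f.seek(offset)
        f.write(data)
        f.flush()
        os.fsync(f.fileno())


def logical_delete(path, offset, length):
    """Simulate an ordinary delete: only directory metadata would change and
    the data blocks are left exactly as they were. Nothing is written here,
    which is precisely the problem a forensic scan exposes."""
    return None


def scrub_region(path, offset, length, passes=3):
    """Overwrite the region with fresh random bytes on every pass and force
    each pass to stable storage before the next one starts."""
    with open(path, "r+b") as f:
        for _ in range(passes):
            f.seek(offset)
            f.write(secrets.token_bytes(length))
            f.flush()
            os.fsync(f.fileno())


def residue_found(path, marker, chunk=4096):
    """Stream through the raw image (not the filesystem) looking for the marker,
    keeping an overlap so a hit that straddles two chunks is not missed."""
    keep = len(marker) - 1
    tail = b""
    with open(path, "rb") as f:
        while True:
            block = f.read(chunk)
            if not block:
                return False
            if marker in tail + block:
                return True
            tail = (tail + block)[-keep:] if keep else b""


def demo():
    """Returns (found_after_delete, found_after_scrub) for the simulated image."""
    fd, path = tempfile.mkstemp(suffix=".img")
    os.close(fd)
    try:
        create_image(path)
        offset = 12 * 1024  # constructed file location inside the image
        payload = b"notes for tax year 2004\n" + MARKER + b"\nend of file\n"
        store_file(path, offset, payload)
        logical_delete(path, offset, len(payload))
        after_delete = residue_found(path, MARKER)   # expected: True
        scrub_region(path, offset, len(payload))
        after_scrub = residue_found(path, MARKER)    # expected: False
        return after_delete, after_scrub
    finally:
        os.remove(path)


if __name__ == "__main__":
    print(demo())
```

The scan deliberately reads the image file byte by byte rather than going through a filesystem, because that is what separates a forensic check from a directory listing: the first scan finds the marker even though the file is "gone", and only the overwrite makes the second scan come back clean. On a real drive the same check is run against the whole device, including slack and unallocated space, after the scrubbing tool has finished.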




Posted by nemo outis on December 13th, 2004


In article <96b3b0a02d7d249e26048416c25b61a6@itys.net>, Anonymous
<mix@itys.net> wrote:
...snip interesting remarks...
I have long advocated full OTF HD encryption. With such a method
God Himself cannot recover anything from my HD. Why? Because it
has NEVER contained any plaintext.

And I'm more than comfortable that the NSA itself is not going to
make any headway cracking AES-256 in the next few decades.

Regards,

PS Yes, there are avenues other than cracking, but with
full OTF HD encryption I have raised the bar for compromising my
data privacy to a very high level.




Posted by nemo outis on December 13th, 2004


In article <cpiv1a$sv@dispatch.concentric.net>, winged
<winged@nofollow.com> wrote:

Winged writes some interesting stuff, but...

First let me say that I have been actively using computers since
1963 (third year engineering) and the IBM 1401/1440 (32 K of
memory - upgraded from 4K! - when core WAS core and there wasn't
any OS). I remember when IBM 360 and operating systems were
newfangled inventions (and I remember cursing IBM for not
implementing a stack architecture). I've even participated in
hard disk races when they were as big as washing machines and had
hydraulic head positioners (you could make them "walk" across a
room by programming the right head sequencing). So, yeah, I've
been around computers for a while.

And, yes, there are all kinds of threat model, including
real-world analogues of the theoretical global passive and global
active adversaries, but networks like mixmaster and Tor give
excellent protection even from the very few TLAs who approach
this level of capability (and even they do not have unlimited
resources - they must choose their targets carefully).

Selective cascading of such networks (and other variant methods)
gives even stronger protection.

So rather than even respond to silliness like Leythos' absolute
statements about privacy not being achievable (which betrays a
woeful ignorance of even how to pose the question, let alone
arrive at an answer - no system is perfect; such is the human
condition) let me say that there are methods (ranging from
workable to superb) for achieving most privacy and anonymity
objectives in conjunction with realistic threat, consequence, and
response assessments.

Regards,





Posted by Leythos on December 13th, 2004


On Mon, 13 Dec 2004 05:23:31 +0000, wrote:

Actually, you are right, I have never used Encase, never needed it, and
had not followed back to the start of the thread. Late last night I loaded
up a linux box, downloaded all the thread, and started reading it from the
first post where some lamer tells us that a pirated copy of it is in a
warez group - not that I would trust it.

I think it's nice that there are programs available, and Encase is not the
only one, but they are not the only tools we have when scanning drives or
monitoring a suspects online activity.


Posted by Leythos on December 13th, 2004


On Mon, 13 Dec 2004 09:48:30 +0100, Jim Watt wrote:

LOL, don't take me back to Core memory. I had thought I got away from
that, and then in the 80's when I was in the service, I was assigned to a
location that had computers that still used Core memory.

Posted by Leythos on December 13th, 2004


On Mon, 13 Dec 2004 00:42:49 -0800, Anonymous wrote:

Ah, I see you've never found a reason to catch a thief? Who are you going
to call when the "bad guys" take/steal/monitor/etc... your stuff.

There are times in life when you have to take a stand against stealing,
against corruption, against injustice, and it's not always a company or
government that is the guilty party, sometimes it's the person across the
street running a kiddie porn business, a mole in a company stealing
secrets for another company, an accountant taking company money, a kid
making threats against another kid, etc.... Would you want those types to
remain free?

Posted by Hassan I Sahba on December 13th, 2004


On Sun, 12 Dec 2004 23:32:34 GMT, Leythos <void@nowhere.org> wrote:
<snip>

<snip>

If somebody is out wardriving with a stolen laptop and attempts to
bypass your firewall, could you uncover their identity without any
real problem?

HiS

Posted by anonymous@remailer.hastio.org on December 13th, 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <CN9vd.498754$%k.1435@pd7tw2no>
nemo outis@erewhon.com (nemo outis) wrote:
Yes, I fully agree with you.

Winged wrote that the data can be recovered even after shredding.
That is probably true (according to these papers), but it would
cost so much money, human, time and equipment resources that it
is cheaper to use e.g. TEMPEST attack.
So few random passes is enough if you don't have *really*
important data to destroy.
(like data important for national security)

Even if NSA is able to crack your AES encrypted HD (I don't
think so, but *if*...) then they would *never* do this, because
it is cheaper, faster and easier to kidnap/torture/kill you (if
you have something like launch codes for ballistic missiles on
your HD).
If they would crack AES then everybody would stop using it.

I don't know any better solution than full OTF HD encryption.

Regards

cypher

-----BEGIN PGP SIGNATURE-----
Version: N/A

iQA/AwUBQb3PbCPnLg7nPH4AEQItAQCgg1x9GLuiP8oPFi7zZtVmOl4DgqMAoJ1N
aHwtcRQFCcxvYdv9ENlAo3Rx
=1uZe
-----END PGP SIGNATURE-----

~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified.



Posted by Nomen Nescio on December 13th, 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article
<c58b8d5271da072a50009dd00f7ee5da@remail.amessage.info>
Max Mustermann <anonymous@remail.amessage.info> wrote:
Yes, you don't lose anything.

I would recommend DriveCrypt Plus Pack for personal use.
http://www.securstar.com


cypher

-----BEGIN PGP SIGNATURE-----
Version: N/A

iQA/AwUBQb4KUSPnLg7nPH4AEQIzMQCgikgUaks3nv8TggBVTsxlCvLT/CcAn09E
WI6jjFqJDAGe8MEDvOWqeSi6
=FHND
-----END PGP SIGNATURE-----

Posted by nemo outis on December 13th, 2004


In article <pan.2004.12.13.11.36.51.981474@nowhere.com>, Leythos
<void@nowhere.com> wrote:

Each tool has a purpose, and, generally speaking, the better the
tool the more focussed the purpose. To this cowboy's mind, "All
combinations are pi'zen."

A suspect's online activity? Next thing you'll be talking about
"perps." I know I have chided you about having the attitude of
an Inspector Javert, but I am nonetheless surprised to see you so
completely live up to the stereotype.

But I really couldn't ask for more. You provide the
quintessential example of the "What have you got to hide?"
mentality which equates a desire for privacy with wrongdoing, or
even outright criminality. And it is evident you frame both the
questions of security and privacy (which you sloppily conflate)
in terms of "catching bad guys." Such misdirected ("aberrant"
would not be too strong a word) thinking is invaluable: Truly you
are the incarnation of Voltaire's dictum, "No one is completely
useless; even the worst can serve as a horrible example."

Regards,

PS Sorry (although only very slightly) to dump on you, but
you do such a wonderful job of setting yourself up that it is nearly
irresistible not to lampoon you.


Posted by nemo outis on December 13th, 2004


In article <QHALRKZ638334.7941203704@anonymous.poster>, anonymous@remailer.hastio.org wrote:
...snip accurate analysis...
Yep :-)


Posted by nemo outis on December 13th, 2004


In article
<c58b8d5271da072a50009dd00f7ee5da@remail.amessage.info>, Max
Mustermann <anonymous@remail.amessage.info> wrote:

There are a number of full HD OTF encryption products available
for Windows (each with minor differences in features and warts).
They include:

Safeboot Solo (now discontinued but widely available as "low
risk" warez since the MD5 and SHA1 hashes of the clean program
are available)

Securstar's DCPP (Drivecrypt plus pack)

Utimaco's safeguard

Winmagic's Securedoc

And (free) Compusec

Unfortunately, none is open-source. (Truecrypt folks, are you
listening?)

You *can* encrypt an existing drive containing plaintext (which,
unless you fear a TLA, is more than sufficient) but the truly
paranoid (or high-risk folks) will encrypt to a virgin drive and
destroy, rather than heavy-duty scrub, the original plaintext
drive. After all, HDs are dirt cheap these days ($0.50 per
gigabyte or so).

With a full encrypted HD it is **essential** (let me repeat that:
ESSENTIAL) that you do backups of your data before encryption
and then regularly afterwards. Destroy the "before" version once
you're sure all is working right. The "after" backups (which
must be done regularly unless you are suicidally stupid - many
times more critical than for unencrypted drives) must themselves
be encrypted unless you make special arrangements to spirit them
out of the country, etc. Accordingly, the "after" backups are
best made as encrypted image versions using Norton Ghost (because
it offers the most fine-grained control) using the -ir option.
(Acronis, Paragon, etc. - despite being fine programs - do not
offer the subtle level of "to-the-metal" control of image backups
for encrypted HDs that Ghost does.)

Some will treat full OTF HD encryption as their only defence (and
it's a very strong one!). The truly paranoid will do "defence in
depth" with an encrypted container file nested within the
encrypted boot drive. In effect, this uses full OTF HD as the
major defence (which makes scrubbing a LOT less important - which
can possibly even be omitted) with the nested container file
encryption (Truecrypt recommended) for secure data as an
additional defence: the keep within the castle walls. Having
encryption from two different suppliers on different continents
gives considerable protection should one of them be backdoored by
the NSA, etc.

Regards,

PS The main objective is a very strong system to preserve
privacy that is NOT so complicated that it will be difficult to
use or that will tempt you to deviate from your security
protocols because of tedium and inconvenience. Full HD
encryption is marvellous in that respect - after initial setup,
one password/passphrase at bootup is all it takes. Turn the
computer off and you are instantly bombproof. No need to
discipline yourself to do a long, slow and complicated scrubbing
process in conjunction with every logoff.
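The "keep within the castle walls" layering described in the post above (and nemo outis's earlier remark that a fully encrypted drive has never contained plaintext) can be shown concretely. The Python below is an added illustration, not code from the thread or from any of the products it names: two keys are derived from separate passphrases, the container is sealed under the container key, and that sealed container is in turn sealed under the disk key, so only the outer blob ever touches the "platter". The cipher used here, an HMAC-SHA256 keystream in counter mode with an encrypt-then-MAC tag, is a stand-in assumed purely so the example runs on the standard library; the thread's own recommendation is AES-256, and a real setup would use a vetted AES implementation. All passphrases, salt and document contents are constructed.

```python
import hashlib
import hmac
import secrets
import struct

# The cipher below (HMAC-SHA256 keystream in counter mode, encrypt-then-MAC)
# is an assumed stand-in so the example runs without third-party packages.
# It is not a recommendation; use a vetted AES-256 mode in practice.


def derive_key(passphrase: bytes, salt: bytes) -> bytes:
    """Stretch a boot or container passphrase into a 256-bit key."""
    return hashlib.pbkdf2_hmac("sha256", passphrase, salt, 100_000)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream: block i = HMAC(key, nonce || i)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext || tag, with separate encryption and MAC sub-keys."""
    enc_key = hashlib.sha256(b"enc" + key).digest()
    mac_key = hashlib.sha256(b"mac" + key).digest()
    nonce = secrets.token_bytes(16)
    ks = _keystream(enc_key, nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a wrong key or tampering raises ValueError."""
    enc_key = hashlib.sha256(b"enc" + key).digest()
    mac_key = hashlib.sha256(b"mac" + key).digest()
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("authentication failed")
    ks = _keystream(enc_key, nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


def build_layers(disk_key: bytes, container_key: bytes, secret: bytes) -> bytes:
    """Inner layer: the container sealed under container_key.
    Outer layer: the whole (here one-file) disk sealed under disk_key.
    Only the outer blob is what gets written, so no plaintext ever lands on disk."""
    inner = seal(container_key, secret)
    return seal(disk_key, inner)


def demo():
    """Returns (raw_disk_leaks, outer_key_only_leaks, both_keys_recover, wrong_key_rejected)."""
    salt = b"constructed-salt"
    disk_key = derive_key(b"boot passphrase (constructed)", salt)
    container_key = derive_key(b"container passphrase (constructed)", salt)
    secret = b"CONSTRUCTED sensitive document"
    on_disk = build_layers(disk_key, container_key, secret)

    raw_leaks = secret in on_disk                  # expected: False
    inner = unseal(disk_key, on_disk)              # boot passphrase alone
    outer_only_leaks = secret in inner             # expected: False, still ciphertext
    recovered = unseal(container_key, inner) == secret  # expected: True
    try:
        unseal(derive_key(b"wrong passphrase", salt), inner)
        wrong_rejected = False
    except ValueError:
        wrong_rejected = True                      # expected: True
    return raw_leaks, outer_only_leaks, recovered, wrong_rejected


if __name__ == "__main__":
    print(demo())
```

The second result is the one the post is driving at: if the outer layer is compromised, whether through a weak boot passphrase or a backdoored supplier, what the attacker obtains is the sealed container, not the document, and the independent inner key still has to be found. The last result shows why the tag check matters in a backup scheme as well: a wrong key is reported as an error rather than silently producing garbage that might be mistaken for a corrupt backup.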