Bitcoin Forum
November 17, 2024, 05:44:16 AM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Hard Drive Encryption and Steganography, looking to increase opsec  (Read 155 times)
KonstantinosM (OP)
Hero Member
*****
Offline Offline

Activity: 1492
Merit: 763


Life is a taxable event


View Profile
December 19, 2019, 03:36:29 PM
Merited by DdmrDdmr (2), TMAN (2), OgNasty (1), ABCbits (1), o_e_l_e_o (1), Heisenberg_Hunter (1)
 #1

Is veracrypt a good tool? I'm looking for something legit to make it so that everything on my PC is a little more protected. I'm sure that I don't have a lot of unprotected crypto but I feel like another layer of security would drastically improve things.

Say that someone steals my computer or gains access. If it shuts down and everything is encrypted, it would stop the information leak that would cause, perhaps prevent some 2-factor, email + password reset or e-mail change sort of hacks into random accounts that I may have.

So I'm looking for tools that can keep my PC and potentially encrypted while in an off or locked state. Same for external HDDs.

Any recommendations?

The first thing I found googling was veracrypt. Is it any good?

Syscoin has the best of Bitcoin and Ethereum in one place, it's merge mined with Bitcoin so it is plugged into Bitcoin's ecosystem and takes full advantage of it's POW while rewarding Bitcoin miners with Syscoin
DdmrDdmr
Legendary
*
Offline Offline

Activity: 2506
Merit: 11062


There are lies, damned lies and statistics. MTwain


View Profile WWW
December 19, 2019, 04:09:55 PM
 #2

<…>
If you’re using Windows 10 pro or enterprise, you can use Bitlocker which comes with the system. You need to have a TMP (Trusted Platform Module) on your computer, but it seems you can bypass the TMP requirement applying a Group Policy change. The solution is Microsoft’s so there’s that (i.e. allegedly there are no backdoors, but once cannot be certain). You can encrypt removable drives (usbs,drives).  I personally use Bitlocker with on one of my laptops.

Note: I have not looked into veracrypt, so I can’t venture to speak on that particular solution.
ABCbits
Legendary
*
Offline Offline

Activity: 3066
Merit: 8090


Crypto Swap Exchange


View Profile
December 19, 2019, 05:34:50 PM
Merited by DdmrDdmr (2), Husna QA (1), o_e_l_e_o (1)
 #3

VeraCrypt is best option, but if you're linux user, you can use built-in encryption option (LUKS or LUKS2)

If you’re using Windows 10 pro or enterprise, you can use Bitlocker which comes with the system.

I wouldn't trust BitLocker since AFAIK it's closed source and has been cracked few times previously.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
DdmrDdmr
Legendary
*
Offline Offline

Activity: 2506
Merit: 11062


There are lies, damned lies and statistics. MTwain


View Profile WWW
December 19, 2019, 06:40:58 PM
 #4

<…> I wouldn't trust BitLocker since AFAIK it's closed source and has been cracked few times previously.
Yes, seen a few claims, and dictionary based attack software solutions. Seems harder to do if the TMP is present (seen some hardware tricks too to try to bypass this), although ideally it should obviously be faultless.

Note: It’s a corporate standard where I’m at. Good enough I guess for prying thieves or stray laptops, but not 100% watertight according to info around the www.
KonstantinosM (OP)
Hero Member
*****
Offline Offline

Activity: 1492
Merit: 763


Life is a taxable event


View Profile
December 25, 2019, 04:52:56 AM
 #5

I just want to say I started with Veracrypt. I'm loving it so far and I'll probably donate to them in the future.

I like how this tool, seems to want to teach you more about security as you use it.

Here's something that popped up that's really relevant to bitcoin:

"Wipe Mode"
"On some types of storage media, when data is overwritten with other data, it may be possible to recover the overwritten date using techniques such as magnetic force microscopy. This also applies to data that are overwritten with their encrypted form (which happens when veracrypt initially encrypts an unencrypted partition or drive).

According to some studies and governmental publications, recovery of overwritten data can be prevented (or made very difficult) by overwriting the data with pseudorandom and certain non-random data a certain number of times. Therefore, if you believe that an adversary might be able to use such techniques to recover the data you intend to encrypt, you may want to select one of the wipe modes (existing data will not be lost). Note that wiping will NOT be performed after the partition/drive is encrypted. When the partition/drive is fully encrypted, no unencrypted data is written to it. Any data being written to it is first encrypted on the fly in memory and only then is the (encrypted) data written to the disk"





Personally whenever I encrypted a file in the past I felt a little silly, knowing that someone could just use testdisk and find the unencrypted data there. This addresses this issue to a certain extent.

edit: typos

Syscoin has the best of Bitcoin and Ethereum in one place, it's merge mined with Bitcoin so it is plugged into Bitcoin's ecosystem and takes full advantage of it's POW while rewarding Bitcoin miners with Syscoin
Aveatrex
Sr. Member
****
Offline Offline

Activity: 840
Merit: 375



View Profile
December 25, 2019, 05:15:53 AM
Merited by PrimeNumber7 (1)
 #6

snip
Veracrypt is pretty good from my own experience.Just please don't forget your password when you encrypt your hard drives like I did once (learned it the hard way I guess) it wasn't a hard drive but just a file and I lost some ETH during this dumb process but at least now I'm convinced that you truly cannot breach a legit encrypted file Smiley






░░░▄▀█░░░▄░▄▄░▄░░░█▀▄
▄▄▄▀▀██▀░█▐▌█ ▀██▀▀▄▄▄
▐▌░░░▐▀░▄▀░▐▌░▀▄░▀▌░░░▐▌
▐▌░░░█░░▄▀▄▐▌▄▀▄░░█░░░▐▌
▐▌░░░█░░▀▄░▀▀░▄▀░░█░░░▐▌
▐▌░░▄░█▄░▀▄▐▌▄▀░▄█░▄░░▐▌
▐▌░█▄█░░▀▀▀██▀▀▀░░█▄█░▐▌
▐▌░░░░░░░░░░░░░░░░░░░░▐▌
▐█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█▌
▀▀▀▀▀▀▀█▀▀▀▀▀▀█▀▀▀▀▀▀▀
░░░░░░░▀▀▀▀▀▀▀▀▀▀
.
░░░░░░░░░░░░░▄█▄░░░░░░░▄█▄
░░░░░░░░░░░░░░░░░▄█▄░░░
░░░░▄▄▄▄▄░░░░░░░░░░░░░
░░█▀▄▄▀▄▄▀█░░░▐▌▐▌
░░░░░░░▐▌▐▌
░░░░░░░░█▄░░░░▄█
█▄█▄▄▄▄▄█▄█░░░░▄▄▀▀▀▄▄
░░░░▄▄▄░░░░░▄▀▄██▀█▌▀▄
░░░██▄██▄▄█▀█▌█▐█▄█▌█▐█
░░░░█▄▄▄▄▄█▄█▌█▐█▄█▌█▐█
░░░░█▄█░░░░░█▄▄█▄█▄█▄█
▀▄▄▄▄▄▄▄▄▄▄▀░░░▀▀▄█▄█▄▀▀
.


░░░██▄▄░░██░██
▄▄░░░░░▀█░█▄▐▌░░░░░▄▄▄
▀▀▀▀▀▀▀█▐▌▄█▐▌░░░░█░▀▀
░░░░░░█▀▄▄▄▄▄▄▀▀▀▀░░▄▄
░░░░░░█░▀▀▀▀▀▀▄█▀▀▀▀▀▀
░░▄▄▄▄▄░▄▄▄▄▄▄▀▄
░░▀▀░░█▄▀▀▀▀▀█▄▀
░░░░░░░█▐▌▀█░█
██▀▀▀▀▀▀▐▌░█░░▀▀▀▀▀▀█
░░░░░░░░██░░▀▀▀▀▀██░██
.
PrimeNumber7
Copper Member
Legendary
*
Offline Offline

Activity: 1666
Merit: 1901

Amazon Prime Member #7


View Profile
December 26, 2019, 06:05:26 AM
Merited by KonstantinosM (2)
 #7

Say that someone steals my computer or gains access. If it shuts down and everything is encrypted, it would stop the information leak that would cause, perhaps prevent some 2-factor, email + password reset or e-mail change sort of hacks into random accounts that I may have.
I want to point out that if your computer is "on" (and unencrypted) when an adversary gains access to your computer, your adversary may be able to obtain the decryption keys that are being stored in RAM (memory). If an adversary gains access to your decryption keys, they can later bypass any full disk encryption you are using fairly trivially.

This means if your computer is "on" (and your hard drive is unencrypted), you will need to be warned long enough in advance for a) you to react to the warning to understand what is happening and start (and) b) either cutoff power or shutdown your computer (which may involve physically removing the battery if using a laptop) before an adversary will be in a position to physically separate you from your computer.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!