On Sat, 17 Nov 2012 08:24:35 +0000 (GMT) Dan Hughes <danhughes146@xxxxxxxxxxx> wrote: > The question of swap files and hibernation raised by someone else is > pretty fundamental. It's pointless and misleading just talking > pedantically about disk cache as it doesn't matter to the user > exactly what blows the gaff. > > As far as I can tell: if you want to keep the computer clean, then > use Tails. If you want to be anonymous, best bet is latest TBB. If > you want both...then who knows ... > > Some of you guys need a bit more understanding for us noobs who don't > know what we're talking about. You asked a technical question and got several technical answers. But if you are asking to be patronised, here goes: Nobody on this list can give you any guarantees about software they have neither written nor audited. Nor can they give you any guarantees about a computer system they don't administer, including yours. This isn't a pedantic technicality, it's just fact. Having got that out of the way, here are some things to consider: Tor Browser doesn't write anything sensitive to permanent storage. What your OS does is not under the control of the Tor Browser. Tor Browser doesn't include Flash, so Flash concerns are irrelevant. What standard Firefox (or any other browser) does is not under the control of the Tor Browser. What your OS chooses to write to its swap file(s) is not under the control of the Tor Browser. If you don't want your OS to use swap, then turn off swap. Most modern systems have enough RAM to run perfectly well without it. How to achieve this depends on what OS you're running. This is not under the control of the Tor Browser. On some systems it is possible to use encrypted swap, which is generally a good idea. It does reduce performance under load, but if you're swapping heavily already that's probably not your first concern. If you don't want to write hibernation data, don't hibernate. This is not under the control of the Tor Browser. If you don't trust your proprietary OS (e.g. Windows, OS X), run a free/open source one such as GNU/Linux or FreeBSD. This is not under the control of the Tor Browser. It's not wise to trust proprietary software with your anonymity. Many of the âopen questionsâ about what is, or isn't, written to disk will be related to this point, and you should take it seriously. You should assume that, given sufficient incentive, Microsoft or Apple will implement any back door that Big Brother desires. Again, this is not under the control of the Tor Browser. If you feel you would be safer running in a VM and deleting the entire VM afterwards, you are free to do so. This is not under the control of the Tor Browser. Please note that in general deleting a file does not remove its contents from the underlying storage immediately. The standard technique to compensate for this is to overwrite the file in-place at least once before deleting (and many authorities will tell you that once is not enough). Note that if you're running a log structured or versioning file system (unlikely, but you haven't said that you're not) then this trick just won't work. Related to the above, secure deletion is near impossible to ensure on an SSD (flash based main storage, as found in some high end laptops but also in netbooks, tablets etc). If this bothers you (and if you're using the above technique, it probably does), don't use an SSD; use a traditional hard disk. This is not under the control of the Tor Browser. If after considering all of the above you are still feeling paranoid, remove all the writeable storage from your computer and run entirely from a live CD/DVD (*not* a USB key; if you don't trust TBB not to write to your main storage, you shouldn't trust it not to write to anything; similarly, you will want to use a write-once medium, i.e. not CD/DVDÂRW). This *does not have to be TAILS*. You can run many GNU/Linux based OSes straight from their install DVDs (I recommend Xubuntu for ease of use), install TBB into its ramdisk, and run from there. The one TAILS feature you may miss is the cold-boot attack mitigation. Therefore you'll want to remove the main memory chips from the computer after you finish and incinerate them. Ok, that's a bit extreme. You're probably fine if you just reboot and run something that uses a lot of memory. Unless you think a cold-boot attack is likely (i.e. you're actively being watched by a well prepared government agency sitting outside your front door) then you probably don't need to worry about that. In any case, this is not under the control of the Tor Browser. If your computer has been physically compromised, then even these precautions may not save you. Have you ever let it out of sight at airport security? Been arrested while carrying it? Found an intruder in your home/office? Then all bets are off. Big Brother could have discreetly installed some hardware which monitors what you're doing, regardless of what's written to disk. This is not under the control of the Tor Browser. If all this is still too technical, then you may be putting yourself at risk by using the Internet, ever. This really isn't something that the Tor Browser, or any other software, can help with. If you're concerned by your own lack of knowledge then book yourself into a computer science course at your local college or university and take modules related to operating systems, networks, security, cryptography and semantics. Unfortunately this is an advanced field and declaring yourself to be a ânoobâ doesn't change that. By all means if you have more questions then ask them, but some things need an understanding of more fundamental concepts before they make sense. Regards, Julian -- 3072D/F3A66B3A Julian Yon (2012 General Use) <pgp.2012@xxxxxx>
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk