[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] What's written to HD?



On Sat, 17 Nov 2012 08:24:35 +0000 (GMT)
Dan Hughes <danhughes146@xxxxxxxxxxx> wrote:

> The question of swap files and hibernation raised by someone else is
> pretty fundamental. It's pointless and misleading just talking
> pedantically about disk cache as it doesn't matter to the user
> exactly what blows the gaff.
> 
> As far as I can tell: if you want to keep the computer clean, then
> use Tails. If you want to be anonymous, best bet is latest TBB. If
> you want both...then who knows ...
> 
> Some of you guys need a bit more understanding for us noobs who don't
> know what we're talking about.

You asked a technical question and got several technical answers. But if
you are asking to be patronised, here goes: Nobody on this list can
give you any guarantees about software they have neither written nor
audited. Nor can they give you any guarantees about a computer system
they don't administer, including yours. This isn't a pedantic
technicality, it's just fact. Having got that out of the way, here are
some things to consider:

Tor Browser doesn't write anything sensitive to permanent storage. What
your OS does is not under the control of the Tor Browser.

Tor Browser doesn't include Flash, so Flash concerns are irrelevant.
What standard Firefox (or any other browser) does is not under the
control of the Tor Browser.

What your OS chooses to write to its swap file(s) is not under the
control of the Tor Browser.

If you don't want your OS to use swap, then turn off swap. Most modern
systems have enough RAM to run perfectly well without it. How to
achieve this depends on what OS you're running. This is not under the
control of the Tor Browser. On some systems it is possible to use
encrypted swap, which is generally a good idea. It does reduce
performance under load, but if you're swapping heavily already that's
probably not your first concern.

If you don't want to write hibernation data, don't hibernate. This is
not under the control of the Tor Browser.

If you don't trust your proprietary OS (e.g. Windows, OS X), run
a free/open source one such as GNU/Linux or FreeBSD. This is not under
the control of the Tor Browser. It's not wise to trust proprietary
software with your anonymity. Many of the âopen questionsâ about what
is, or isn't, written to disk will be related to this point, and you
should take it seriously. You should assume that, given sufficient
incentive, Microsoft or Apple will implement any back door that Big
Brother desires. Again, this is not under the control of the Tor
Browser.

If you feel you would be safer running in a VM and deleting the entire
VM afterwards, you are free to do so. This is not under the control of
the Tor Browser. Please note that in general deleting a file does not
remove its contents from the underlying storage immediately. The
standard technique to compensate for this is to overwrite the file
in-place at least once before deleting (and many authorities will tell
you that once is not enough). Note that if you're running a log
structured or versioning file system (unlikely, but you haven't said
that you're not) then this trick just won't work.

Related to the above, secure deletion is near impossible to ensure on
an SSD (flash based main storage, as found in some high end laptops
but also in netbooks, tablets etc). If this bothers you (and if you're
using the above technique, it probably does), don't use an SSD; use a
traditional hard disk. This is not under the control of the Tor Browser.

If after considering all of the above you are still feeling paranoid,
remove all the writeable storage from your computer and run entirely
from a live CD/DVD (*not* a USB key; if you don't trust TBB not to
write to your main storage, you shouldn't trust it not to write to
anything; similarly, you will want to use a write-once medium, i.e. not
CD/DVDÂRW). This *does not have to be TAILS*. You can run many
GNU/Linux based OSes straight from their install DVDs (I recommend
Xubuntu for ease of use), install TBB into its ramdisk, and run from
there. The one TAILS feature you may miss is the cold-boot attack
mitigation. Therefore you'll want to remove the main memory chips from
the computer after you finish and incinerate them. Ok, that's a bit
extreme. You're probably fine if you just reboot and run something that
uses a lot of memory. Unless you think a cold-boot attack is likely
(i.e. you're actively being watched by a well prepared government
agency sitting outside your front door) then you probably don't need to
worry about that. In any case, this is not under the control of the Tor
Browser.

If your computer has been physically compromised, then even these
precautions may not save you. Have you ever let it out of sight at
airport security? Been arrested while carrying it? Found an intruder in
your home/office? Then all bets are off. Big Brother could have
discreetly installed some hardware which monitors what you're doing,
regardless of what's written to disk. This is not under the control of
the Tor Browser.

If all this is still too technical, then you may be putting yourself at
risk by using the Internet, ever. This really isn't something that the
Tor Browser, or any other software, can help with. If you're concerned
by your own lack of knowledge then book yourself into a computer
science course at your local college or university and take modules
related to operating systems, networks, security, cryptography and
semantics. Unfortunately this is an advanced field and declaring
yourself to be a ânoobâ doesn't change that. By all means if you have
more questions then ask them, but some things need an understanding of
more fundamental concepts before they make sense.


Regards,
Julian

-- 
3072D/F3A66B3A Julian Yon (2012 General Use) <pgp.2012@xxxxxx>

Attachment: signature.asc
Description: PGP signature

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk