[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] observation: Browser bundle & secure files deletion



On 10/4/2011 9:22 AM, Julian Yon wrote:
On 04/10/11 15:00, Advrk Aplmrkt wrote:
I had the exact same question about secure delete. Also, securing
wiping the computer's memory is important, as sensitive data could be
recovered from RAM even *after* power off...
TAILS handles this: http://tails.boum.org/

Using TAILS may involve a compromise, as it seems to still be on FF 3.5,
whereas TBB has moved on. Like any security issue you would have to make
a decision based on your own threat model.
Thanks to both.
Advrk - Good point. I'm no pure expert, but seems I've read if computer is POWERED off for ? several minutes, most RAM will be cleared. Even if true, it's a bit inconvenient. IMO, the RAM issue doesn't have as much widespread potential impact as things like cache & other files not being securely deleted. ** I see that default Cache Space in Aurora is set = 0. What about people w/ slower machines that REALLY need cache? Of those needing it, I'd guess a good number * need * to securely delete it, whether they're aware or not.

Julian - TAILS handles what? Clearing RAM or securely deleting files in FF containing personal data? TAILS may be GREAT, but TBB users probably shouldn't have to rely on 3rd party apps to be secure (esp. in countries where using TBB, that the whole point of using it is (close to) complete anonymity & therefore security. They probably shouldn't have to use a 3rd party wiping prgm. Leaving files behind w/ incriminating info (from a repressive gov'ts view) isn't secure or anonymous.

Regarding deciding on your threat model - one of my points is, even many Tor / TBB users don't KNOW anything about secure / insecure deletion of certain files when TBB is closed. This could also involve Vidalia / Tor files in TBB. Some don't know what a threat model is. If we're assuming only advanced users should be using Tor / TBB, then everything's fine. I'm almost positive that's NOT the developers' assumption / position.

I haven't investigated far enough yet to know what TBB / Aurora will do if under Options > Privacy, you check the box: "Clear history when Aurora closes," then UNcheck most of the items under the settings. Then after closing TBB, use a wiping prgm w/ pre configured task to wipe the files / folders you want. Again, avg users would have to be instructed - in plain language - not computer speak. A lot of users would * need help * knowing which files to delete that might contain personal / private data.

Perhaps a list of all files potentially containing personal / private / browsing data could be listed - VERY PROMINENTLY - where all users would see it & some instructions on how to securely delete them. Firefox no longer shows the "Delete Private Data" box at shutdown, but an addon "Ask For Sanitize" brings back that box, so one can see / change what's being (insecurely) deleted at shutdown. Or choose not to delete anything, then use a wiping prgm to del files.
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk