[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] German police keylogger analysis (and the effects on Tor are....?)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 13.10.2011 23:51, katmagic wrote:
> On Thu, 2011-10-13 at 17:05 +0200, Andreas Bader wrote:
> On 13.10.2011 14:02, Karsten N. wrote:
>>>> Am 13.10.2011 08:39, schrieb William Wrightman:
>>>>> Is moving to Linux one solution?
>>>>
>>>> I agree with Adrew, there is no 100% solution.
>>>>
>>>> But you can do as much as possible to increase your security.
>>>>
>>>> Moving to Linux (or OpenBSD ;-) ) is one step.
>>>>
>>>> Full disk encryption is possible. For Debian or Ubuntu you can enable
>>>> full disk encryption at installation time. It does not need any
>>>> additional software. (I am not sure about other distributions.)
>>>>
>>>> For WIN you may use Truecrypt or Diskcryptor or other software for full
>>>> disk encryption. Since version 6.1 Truecrypt can use hardware tokens
>>>> together with pass-phrases.
>>>>
>>>> Live-CDs are a possible solution too.
>>>>
>>>> You may apply many steps and it will be better than doing nothing
>>>> because you can not get 100% security.
>>>>
>>>> Best regards
>>>> Karsten N.
>>>> _______________________________________________
>>>> tor-talk mailing list
>>>> tor-talk@xxxxxxxxxxxxxxxxxxxx
>>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>>>
>>>>
> Hello,
> I read lots of articles and analysis about the ?Bundestrojaner? (that´s
> how the german keylogger is called here). It seems like you don´t have
> to worry. It is more a virus construction kit than a virus. In
> accordance with the Chaos Computer Club they´ll need about 10 experts
> working 5 months just to develop and adapt one keylogger. It makes also
> sense to install one Linux Distribution. I use Ubuntu 11.04 on my second
> notebook, fully encrypted (can be choosen while the installation, just
> choose the ?alternate disc? to download). It is much more faster, more
> secure and just better then Win7.
> If you have to use Windows 7, try the Truecrypt Preeboot encryption. It
> is open source software and pretty authentic. With Truecrypt, you can
> also encrypt external drives. The most important part of the whole
> encryption thing is the password, choose it as long as possible. The
> only possibility to crack such an encryption is bruteforce, and using a
> long password will destroy this chance.
> So far.

> Though always a good idea, encryption doesn't protect against trojans.
> It may have limited effectiveness against incompetent attackers
> physically tampering with your system.



> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Encryption is always important if police or someone wants to analyzse
your drives. As far as I know is the trojan windows-only software, so
you should be pretty sure with an encrypted Ubuntu. Some Investigators
install the trojan by breaking into your house while you are not at home
and installing it manually at your computer. In this scenario, the
encryption would be an extra protection.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJOl7hhAAoJEL7Y0QyTZ3lXIqoIAIZKhnOIb+dmuCu/eLrm1Bi6
iPNd2sfQxP1fAVTZFft6+lyMn2x1V1jMaEDL8Pj3CW2RpNXuh6o86KeRstfSiRM2
OYzAX1V5yspsfsQqPTDFZyw7QtZc9i7EvQfQp8/iQB+RntJKF93V4R3BAs6teN8k
Lqa1Nx3DxmEjSaz5VoqGNA3dDRDIuQ+7xx4EySMS5dKhFvJpUzhn/kQ0phmsA1MD
oWrBwj9Ctl0D6MR2JDgVdVvQ+0r6YFYkG7MUzWWO5TkDAnWxtHGSaLaJH5NpI5it
rfPe/c2J/pM1zkVzSkAksf+baihRDJoNb6CAFA+Vxp5nIkNp1W3Q1/5YDV/uYS4=
=MY6A
-----END PGP SIGNATURE-----
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk