LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   How to get rid of threatening file history? (http://www.linuxquestions.org/questions/linux-security-4/how-to-get-rid-of-threatening-file-history-4175474205/)

Timatekore 08-21-2013 07:13 PM

How to get rid of threatening file history?
 
Howdy folks,

I am using TrueCrupt 7.1a under Suse 12.3 and for added safety I specified a keyfile for my TC Volume.
That keyfile was carefully renamed by me and hidden among all kinds of other files, to obfuscate it.
And now imagine how grateful I am that, even so TC doesn't remember my last opened file (since I unchecked the "Remember History" option), the Linux operating system does it for me, and *always* displays the list of last used files to select from.

This of course makes utter waste of any obfuscation attempt of mine, when naming/placing the key file - I'd call that a brain damaged "feature" design, specially since I seem to be unable to erase that "used file history".

Anyone got any idea how to remove that file history altogether, and possibly prevent it from being created in the first place?

GlennsPref 08-21-2013 07:51 PM

1 Attachment(s)
I'm using sweeper, see screen shot...(kde4)

Timatekore 08-22-2013 02:10 AM

Quote:

Originally Posted by GlennsPref (Post 5013500)
I'm using sweeper, see screen shot...(kde4)

As do I, but that dreaded file list just keeps popping up, like a bad habit.
I tried almost every "KDE privacy cleanser" I could come up with, but that darn list won't go away.
Did the NSA design that "feature" or what?

pan64 08-22-2013 02:29 AM

I think it is your default file manager (or similar) application, and you can find a .<something> dir in your home containing that info.
Also you can try to rename that file again and check if it was still remembered.

Timatekore 08-22-2013 08:02 AM

Jeez Louis, I've got hundreds of File Managers, Editors and the like installed on my box.
I can't manually inspect each & every subdir they've ever created.
Isn't there a simpler way to figure out where this info is being stored?

pan64 08-22-2013 08:04 AM

probably grep -R will work in your home

GlennsPref 08-22-2013 04:54 PM

I'm thinking you may need to decrypt the fs or file before you can remove it.

TrueCrypt 7.1a, ...

I tried encryption with win7, when I first got it, and was repartitioning and formatting in no time, lol!


Good luck, Glenn

GlennsPref 08-22-2013 08:56 PM

Ahhh? That's not right, getting carried away.
 
Quote:

Originally Posted by GlennsPref (Post 5014064)
I'm thinking you may need to decrypt the fs or file before you can remove it.

TrueCrypt 7.1a, ...

I tried encryption with win7, when I first got it, and was repartitioning and formatting in no time, lol!

Good luck, Glenn

That's not right, getting a bit confused/carried away.

with kde4, all the rc files, or nearly all, have a recently used line/list.

look here...for the program name. substitute 'glenn' for your $USER

/home/glenn/.kde4/share/config/

and...

/home/glenn/.kde4/share/apps/RecentDocuments/

BlackRider 08-25-2013 03:48 AM

If you want security, you need to encrypt the system as a whole. Otherwise, leaks to /tmp, swap, various filesystems or several history registries are nearly unavoidable. Full encryption ensures they will have to crack the whole system or be able to access nothing at all. Even managing to delete the file list does not ensure it won't be recovered with forensic tools.

I agree that many applications make it very hard to delete or disable this kind of history registries. That sucks.


All times are GMT -5. The time now is 07:47 AM.