Privacy of bookmarks with a live CD or other non-persistent system
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Privacy of bookmarks with a live CD or other non-persistent system
A non-persistent system such a live CD or non-persistent VM has many advantages such as leaving no traces of internet activity on hard disks. But one disadvantage is that it does not remember browser bookmarks added in a session. Unless you share bookmarks with Netscape Inc or whatever (bookmark sync), which is not very private. If maximum privacy is required, bookmarks can in theory be stored in a truecrypt container file that is held in cloud storage, so the remote server operator cannot see the bookmarks. In practise this runs into problems, you're either forced to put the entire browser profile in the truecrypt container and lose performance, or do what amounts to hacks with soft links that firefox is not happy with and at certain times deletes.
Any open-ended ideas what can be done to ensure privacy of the bookmarks when using a live CD or non-persistent VM so no trace is left of internet activity in the hard disk but new bookmarks are remembered?
If you are that interested in it, just save the links you need to a regular file and encrypt it, then place it in a persistent container (USB, for example).
You can always get the config folder of the browser you are using, tar it, encrypt it, and save it in the same fashion. For example, saving stuff in $HOME/.mozilla could do the trick. You would just have to copy it back to its intended place in the Live system after each reboot.
ftp ... # get truecrypt container file from a free ftp service like exavault.com
truecrypt ... # mount container
gunzip places.sqlite.gz ... # and put this in firefox's profile, it holds the bookmarks
gzip places.sqlite ... # put it back to the container
truecrypt ... # unmount container
ftp ... # put container back to ftp server
Would be nice if this kept the server up to date with every bookmark you add or modify while firefox is running. How can a script that runs in parallel with firefox be made to wait until firefox is exited (for one last update) and then exit?
You could mount a thumb drive as your ~/.mozilla folder or equivalent depending on browser. And your browser stuff including bookmarks goes there. Pros and cons as you'll need root access to mount the filesystem in some cases. And thumb drives are extremely slow. Although a lot of distros automount them these days. So a simple link "ln -s <existing> <new>" could do you. Which could be done as a user if your drive mounts automagically and you have write access to it (i.e. user id matches). Steps which you'd have to repeat everytime you boot the non-persistent distro.
Apart from performance, this also has the issue of traces left of internet activity on the thumb drive. Could link places.sqlite instead of the whole profile, and if firefox is happy with this, there is still the fact you are in physical possession of those private bookmarks. In a dictatorial regime you cannot deny they exist.
Whereas cloud storage can be accessed anonymously and it is on raid arrays too, not to mention backups. Could use 2 or 3 cloud storage providers too, simultaneously, in case one goes out of business.
If ftp is not wanted because it won't go through some anonymity services, is there a free storage service that can download and upload the tiny file of the bookmarks just as easily as ftp but by other means?
A local physical copy ensures that there's not 10k backups of your data, anywhere and everywhere, and in possession of everyone. There's only one physical copy that you can physically destroy or encrypt to some degree. Of course there's ISP packet logging and other tracking methods. So no matter what you do you're probably not as anonymous as you think.
Certainly, but do we mind that if they are encrypted?
computationally infeasible is the term used by the authors of encryption software. With enough computations, time is the only factor. And technology keeps advancing to make that time factor less infeasible.
Originally Posted by Ulysses_
Do you have a little more detail on this, as it is crucial? Isn't tor good enough? Intending to use tor to connect to a vpn service, so hostile exit nodes are not an issue. Can this be de-anonymized?
To use a stupid analogy. You go to your drug dealer in a disguise. Your pastor sees you leave your house in disguise. The pastors wife sees you enter the drug dealers house in disguise. Do you really think the disguise helped prevent them from knowing where you went?
If I'm dead of old age by the time they break my encryption I do not mind.
Regarding tor, are you suggesting that there is bound to be some collusion between all 3 tor servers and the vpn provider at some point in time, and only once is enough?
Computers get better. When I was a teen it took an hour to render 10 frames of 20 3D points in a 10px x 10px grid. 30-ish years later and video games render 1920x1080 pixels at 60fps while using 30% of a computers resources. You probably wont be "that" old when "they" catch up to you.
There doesn't have to be any collusion between tor, just someone watching at the source (your ISP) and some place "near" the destination. With enough technical prowess to know how to paint by number. TCP headers don't really change much, regardless of the packets contents. Or even if they do the packet content sans headers match, suspicion perked and link made. (if only in theory)
So TOR is probably like a big global honeypot by three-letter-agencies then. I can buy that. Maybe the Russians or other foreign nationals have found workarounds, maybe long chains of socks proxies that clean and obfsucate tcp packages are better than tor.