Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
You have to enter a password, and now your file is encrypted.
-------------------------------------------------------------------------------------
A few days later, you want to watch again your performance as an actor and director.
your guide should also have a quick and dirty explanation on how to have an encrypted filesystem and/or partition, as relying solely on the method you have provided so far would leave one vulnerable to forensic recovery of the original non-encrypted file...
by using an encrypted filesystem, there would have never been an un-encrypted original file in the first place...
if your guide is exclusively for use on non-encrypted filesystems, then IMHO you should at least provide a note on how to make sure the original file is completely destroyed...
also, IMHO using a filename such as secrets.tar.gz in your guide might be more appropriate than the explicit scenario you are currently using...
You're right, TruckStuff.
What i had in mind was a mini-guide to encrypt a file in order to send it over internet.
I was suprised when i searched around and didn't find any quick answer about it.
So i wrote this thread and named it "quick and dirty".
I put some humor in it because i think it's a serious subject.
If someone can answer your questions later on this thread, win32sux, then i'll be happy to read it.
Last edited by Linux.tar.gz; 03-24-2005 at 07:20 PM.
Of course the question of the 'paper trail' to and from the hidden treasure is paramount in maintaining secrecy, or at least legal immunity from prosecution. (Although I think you can make and own all the porn you want in France! as in the example...)
In a Windows environment there are some simple and practical things people can do:
(after offloading your naughty pics onto a CD or DVD which can be hidden in your boss's/landlord's/worst enemy's garage for safekeeping, once your prints are wiped off)
(1) Copy lots of crap onto your hard drive.
(2) Delete all copies of naughty files from your hard drive.
(3) Defragment the hard drive.
(4) Copy back a huge directory of boring photos of your grandparents back onto the drive.
(5) delete grandma's teddy-bear catalog and repeat cycle as necessary.
(6) Prevent low-level recovery of file-traces with a program like GRC.COM's Hard Drive repair kit.
Note: Since simple solutions like this are only practical for DATA drives/partitions, Don't download or store sensitive material on your OS partition or drive. This is trickier than it seems, since many programs store temporary files by default in your system areas.....
(a) Notice its more important to store your 'private garbage' off-site and off of your computer than worry about encryption, for legal purposes. Possession of illegal goods is nine-tenths of a conviction.
(b) In your aquisition/transport/storage cycle, it is more important to keep any vulnerable time-window as short as possible, and have all systems 'clean' while in stand-by between operations, and post a lookout, than worry about encryption of data.
(c) In your aquisition and transport process, it is more important to not leave an obvious trail to you, whether you keep your 'porn' at home, on your computer, or encrypted or not. That is, up/download it on someone else's machine, and make sure the activity is not traceable back to you via money receipts or security cameras.
Three final points:
(1) In the post-911 era, the authorities are a lot less worried about your personal rights re: search & seizure and the question of *how* the evidence was acquired. It would be awfully foolish for the average porn addict to rely on the noble concept of respect of personal rights in the real world.
(2) Most courts in most countries give barely more than lip-service to the concept (already a cute rarity) of "innocent until proven guilty". Anyone with real court experience knows that nine-tenths of a conviction in the real world is being charged, and plea-bargaining with a guilty plea, to make lawyers money, save the authorities face, and wreck your life in the process cause no one gives a damn. Only rich aholes can afford to dream about 'trials'.
(3) If it isn't the authorities you're hiding the file from, keep in mind that there is no secret a short ride to a warehouse and a blowtorch can't reveal...Is it all worth it?
I don't know what you would do for the home drive in a Linux Environment, perhaps someone could explain what you can do to address these issues in a Linux file system etc.
Last edited by penguinlnx; 03-25-2005 at 02:45 PM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
Quick and dirty cryptography guide.
