DBAN alternatives?

RemadERemadE Global Moderator
edited June 2011 in Tech & Games
So after the latest arrest of a mentally challenged child in the UK, I have got a twinge of paranoia. I don't partake in activities but like most on here, I have some sensitive files on my laptop (WIndows 7, I know. Hate away) but was wondering if, in the worst case scenario, there were any other alternatives to DBAN? I have blank CDs to burn to, so that's no issue. Not that I expected any to not be burnable to disk and boot. If anyone has any experience with DBAN or likewise, then please share.

Cheers.

Comments

  • edited June 2011
    Truecrypt your sensitive files, then when you need to delete it in a hurry you could do a Guttmann erase on it to zero all the data out. I realize that this doesn't nuke the whole HDD though.
  • AmieAmie Regular
    edited June 2011
    Many applications have the option of wiping files and free space. Ccleaner is one of them.

    Also, check the manufacturer of your harddrive's site, they often have a mid -level format utility somewhere.
  • LSA KingLSA King Regular
    edited June 2011
    trx100 wrote: »
    Truecrypt your sensitive files, then when you need to delete it in a hurry you could do a Guttmann erase on it to zero all the data out. I realize that this doesn't nuke the whole HDD though.



    This. To expand upon that I'd say don't even bother with DBAN. If you find yourself more likely to be in a situation where time and speed is of the essence than encryption REALLY is your best option. DBAN takes waaaaaaaay to long to zero out your entire hard drive. Hell, even with just normal Secure Wiping software for files/folders/free space it takes quite a bit of time.

    Don't waste your time with anything past the basic 1x overwrite (ie. overwritting existing data with just zero's). It is proven anything past is just a waste of time and either way whether you zero it out 1x or 35x it will require the same electromagnetic equipment to rebuild the data, and lots of time. Remember with ALL flash or SSD devices based on flash memory, the only way to securely delete files is to delete it like normal and then wipe the free space. Tests have shown anywhere from 1-6 wipes only are good up to roughly 13% secure deletion of the data and a max of 30% with Guttman. The only way to securely wipe those devices is to wipe the entire free-space.

    I started encrypting files, then it got troublesome and moved to folders, but really the best option is FreeOTFE if you ask me. You can run it off a USB drive, no admin privs needed. Do most of the basic virtual encrypted container stuff you can with TrueCrypt but with a far easier interface.

    I'd encrypt and drop all sensitive files in there, always dismount with not in use. Keep the key to open it on a flash drive hidden separately and use a software like O&O SafeErase for the simple purpose of deleting free space on your drive maybe once a month along with the habit of deleting EVERY file with the secure delete option. Also it can auto delete all sensitive browser shit if the feds were at your door, securely. My theory is if you get into the habit of deleting every single piece of data securely and then doing a free space wipe once a month if the feds DID try and do a recovery by some magic they'd see what I see, a shit load of securely wiped files. It would be a guessing game as to which they want to waste their time TRYING to rebuild.

    Same goes with encryption. I've heard stories where people would just randomly encrypt dummy files of all sizes and types throughout their PC to throw the Feds off from the real important encrypted file. Of course the keys to all those dummy files are destroyed but the one you have hidden for the real file that's important. Feds DO have software that can scan for folders/files that are suspected of being encrypted regardless of its name based off the encryption block size. So if you can't really hide something encrypted you might as well make a dummy trail :).
  • RemadERemadE Global Moderator
    edited June 2011
    Cheers for the input :) I have got DBAN on disk but yes, the reason I asked was because of speed. I was imagining if I had maybe 5 minutes maximum to erase a hard drive securely then what would be the best option.
    I do use TrueCrypt and have 3 encrypted files, one of which is a hidden volume on a USB drive and the other is on my other partition. I was thinking of just deleting them if need be, but they contain mostly ebooks or guides such as ones I've put here or from friends who have been arrested for reasons linked to said ebooks. Mostly to do with my "How to Riot" guide. CCleaner gets run at least once every few days and wipes free space with the Guttmann method which takes forever, but it gives me peace of mind. The worst times were when I browsed /b/ back in the days and there would be some bastard that posts CP and I would shit a brick that a thumbnail was on my hard drive somewhere :facepalm:
    Looks like I know what to do now. When you talk about dummy files, do you literally mean a few smaller, but viably sized TrueCrypt or equivalent files/volumes scattered on a hard drive to waste time? Sounds pretty good actually.
  • LSA KingLSA King Regular
    edited June 2011
    RemadE wrote: »
    When you talk about dummy files, do you literally mean a few smaller, but viably sized TrueCrypt or equivalent files/volumes scattered on a hard drive to waste time? Sounds pretty good actually.


    Yeah, it depends on which encryption style you're using. Some programs only do folders, some do files, some do containers (FreeOTFE/TrueCrypt/etc.). Whichever method you decide to make your encryption de facto standard that's the best method to obscure anyone hunting down encrypted files/folders/volumes. So if you chose to just encrypt each individual file, having 5-10 variable sized files placed randomly throughout the computer would work. If it was folders same applies, and if it was volumes I'd do the same (if disk space permits). So for my "Questionable" volume I have a set size limit of 30GB. I might consider having a 500MB, 5GB, and 10GB volumes that are encrypted with no actual use while the 30GB is the one I would actually be using. With TB sized hard drives for pennies on the dollar space shouldn't be a huge problem as long as you're not encrypted all your warez which would be easier to just securely zero out than waste hundreds of GB on a drive. It's all about your personal security plan you feel most comfortable and how paranoid you are. Really, its all about freedom vs prison when it comes down to it regardless of whether its secret government files, child porn, or warez. All are criminal and prosecutable if caught.
  • RemadERemadE Global Moderator
    edited June 2011
    Cheers for the pointers, LSA. +10 for you :thumbsup:
  • SpiffSpiff Regular
    edited June 2011
    Why not just set a thermite pot with a switch fuse on the sucker? That way, flick a switch and you won't have to worry about them restoring your data. It'll probably burn your house down also.
  • LSA KingLSA King Regular
    edited June 2011
    Spiff wrote: »
    Why not just set a thermite pot with a switch fuse on the sucker? That way, flick a switch and you won't have to worry about them restoring your data. It'll probably burn your house down also.


    Probably for the same reason not giving the feds your encryption key. You'll go to prison either which way. However, last I checked the law is currently set to a max of 1 year in jail/prison for not giving the government your encryption key. It's like denying law enforcement into your home when they have a warrant, you'll get arrested and prosecuted under the law, similar statues apply. Now, if you physical destroy evidence on-site during a law enforcement operation you'll be tried and most likely convicted for "attempting to or destroying evidence" which carries a higher penalty than anything prior.

    Most people using encryption are hiding sensitive information that carries a worse penalty and higher prison sentence if given, hence you'd best to suck up the penalty for not giving them the key. You can also use deniability when it comes to knowing the passkey, however, under those pretenses you have to not have opened or accessed the file for a unknown time frame to be used in court.

    tl;dr - Not giving the Feds your password/encryption key carries a lower sentence and a clean record of any possible crime that the file may or may not contain, while destroying evidence on-site would be far more noticeable and carries a significantly higher penalty for destroying evidence. This is why I recommend getting in the habit of securely wiping every file you delete in case all you have the ability to do is overwrite with zero's once on the file before feds kick in door.
  • edited June 2011
    I really need to set myself up with a secure deletion plan or something. I keep some stuff encrypted but probably not nearly as much as I should do, probably just down to laziness really. Then again, I'm not sure what the cops would think if they were to seize my computer. I don't really have anything particularly sketchy on there other than E-Books, backups of my Totse guides and stuff. Permanent private browsing, I use TOR all the time and there's nothing exactly logged/saved to my computer.

    I dunno, I'll probably set up another Truecrypt container in a little while :)
Sign In or Register to comment.