Worried? Try an encrypted bubble
p2p news / p2pnet: With as many PC-geeks like myself out there, we’re all caught up in what legal changes are happening in the world and wonder how we can protect ourselves.
What’s the biggest risk when someone gets raided by the MPAA/RIAA/etc? Their logs on their PCs and the files they downloaded. Even if they’re good and delete the files they downloaded, a lot of people forget to clear their logs, including the fact that when you search with various p2p clients, they cache your search results on your PC..
So, it seems like a simple concept but – what needs to be done is this:
Create an encrypted bubble you can work within and if, for any reason, your PC is turned off, the data you were accessing become locked down and hidden to anyone looking at your PC.
This is actually a lot easier than it sounds and an open source program I ran across the other day made it painfully simple. It’s called truecrypt.
With this program, create a volume with whichever form of encryption you feel you need. After creating the volume, you can mount it just like using a virtual drive and mounting a cd/dvd iso.
The great part here though – after you’ve mounted the drive you could install something like dc++ and set your download temp and completed folders as well as your share and logs all inside this nice protected area.
Heck, if you’re a hubowner, since this partition writes in real time and hasn’t shown any lag that I’ve noticed, I’d DEFINITELY run the hubware/mysql/etc from inside this bubble of protection too – then if your PC gets taken, all that’s going to be found is an unnamed chunk of heavily encrypted data. And if they’re going to try to use anything against you, they’re going to have to decrypt data that could take them hundreds/thousands of years to brute force into. By then, you’re dead. So who cares?
This would work well for a dozen other types of information you want to protect – but I’ll leave the ideas to you on where you see the limitations on this.
Please note, I do not condone any illegal use of this information, but I despise people’s rights being stepped on and thought I’d bring this suggestion to light.
Of course, a good data wipe utility can go a long way but for data you ‘have’ to keep, this might be the answer for you.
Just my 10 cents,
_-Jile-_
February 23rd, 2006 at 7:53 pm
Does the fact that Truecrypt is Open Source Software make it a little easier to crack the encryption once you’ve seen the engine. This is not a case of security by obscurity, I can tell. I guess I better give it my own shot.
February 24th, 2006 at 12:36 pm
Actually,the algorithm(details of inner working) of cryptography used today are all available on the internet.The “security” of cryptography nowaday comes from hinding the “key” used to seal the data,not from hinding algorithm from others(actually they are open to the world).In short,you(attackers) have algorithm,but you have no key,you get nothing.
However Truecrypt does not protect you from being sued by RIAA etc.Truecrypt only protect “content” of the data,it does not remove the “proof of existence” of the data.Even Truecrypt successfully hide the file you downloded,how about the swap file remain in C:?How about system registry?How about hidden Application data folder?
The main problem of Truecrypt is that it cannot boot drive,which most logs reside.
February 24th, 2006 at 1:51 pm
I do that for years with sensitive data. T r u e C r y p t is an amazing product and it is FreeWare!