CKA Forums :: Limits on FBI access to search histories fails by one Senate

And the US just got a little less free.

DrCaleb DrCaleb:

And the US just got a little less free.

It did. And some of us are using non-US encryption these days. So fuck the FBI.

BartSimpson BartSimpson:

DrCaleb DrCaleb:

And the US just got a little less free.

It did. And some of us are using non-US encryption these days. So fuck the FBI.

Sadly wouldn't help. Your browser history is stored on your system if you use encryption, incognito mode, or delete search history. It's recoverable, I learned how to do it in forensic training.

Only way to stop it from being discovered is to forensically wipe a drive. Part of why when anyone on my team goes to the U.S. (especially to hacking conferences) they use a forensically wiped machine with a bone stock image of whatever OS, set up what they need in the U.S., and then wipe and re-image before coming back over the border.

Now looks like we might to run with flash drives that will wipe drives on boot.

Laptops at my work are encrypted from boot up. No password, no boot.

Still recoverable?

I would never take an electronic device to the US. Even though it's been found to be illegal to copy devices, I'd bet they do it anyhow.

https://www.npr.org/2019/05/02/71933735 ... ic-devices

DrCaleb DrCaleb:

Laptops at my work are encrypted from boot up. No password, no boot.

Still recoverable?

At the border, yeah. They can force you to input your password and unlock it or deny you entrance into the country.

$1:

I would never take an electronic device to the US. Even though it's been found to be illegal to copy devices, I'd bet they do it anyhow.

https://www.npr.org/2019/05/02/71933735 ... ic-devices

We don't really have a choice when travelling to a hacking conference. It's kind of necessary to have a system there.

Which is why I'd never take a device there.

I'd also put my cache on a ramdrive or in /proc somewhere. Right now using a read-only virtual image is my go-to.

If you haven't tried Oracle Virtualbox, I recommend it. (even though its from Oracle)

I've often wondered if you could courier it to your hotel, or use Dropbox for the data that isn't standard image.

Because OS's are stupid, they don't properly over write deleted data, they just delete the links to it. So the hex values can be recovered an dumped back into full functional files. Read only image could work, but again, while doing stuff like CTF events, we're having to often install/grab software on the fly.

$1:

I've often wondered if you could courier it to your hotel, or use Dropbox for the data that isn't standard image.

I'd just have a vpn credential to a home server to grab software needed. Veracrypt a flash drive with a duress partition if forced to unlock it. Might be able to do that with a full system drive, I've never tried to run a full system veracrypt with a normal and duress partition, both running an OS. Might give that a shot now.

OS's always have done that. I remember writing ROM BIOS routines to find the 'deleted' file chains and restore them, back in the 80s. Trivial code. Much faster to delete the FAT entry and let it get overwritten naturally rather than scrub it.

I always have some sort of VPN back into my NAS at least, for when there is something I need when I'm not at home. It's saved me hours of time more than once.

That's also why I suggest a virtual image. Easy to store in free cloud storage (IBM offers the largest, 20GB IIRC) and you can use freely downloadable software to run the image from a standard build machine.

Oh thank you Bernie Sanders for defending the 4th Amendment privacy rights BY VOTING.....

oh wait.

Controlled Opposition, paid in full.

No refunds, bitches. :twisted:

Oh thank you Bernie Sanders for defending the 4th Amendment privacy rights BY VOTING.....

oh wait.

Controlled Opposition, paid in full.

No refunds, bitches. :twisted:

Author:	Newsbot [ Thu May 14, 2020 9:30 am ]
Post subject:	Limits on FBI access to search histories fails by one Senate
Title: Limits on FBI access to search histories fails by one Senate vote Category: Uncle Sam Posted By: DrCaleb Date: 2020-05-14 09:28:57

Author:	DrCaleb [ Thu May 14, 2020 9:30 am ]
Post subject:
And the US just got a little less free.

Author:	raydan [ Thu May 14, 2020 9:49 am ]
Post subject:	Re:
DrCaleb DrCaleb: And the US just got a little less free. Give them more guns and they won't even realize it.

Author:	BartSimpson [ Thu May 14, 2020 10:04 am ]
Post subject:	Re:
DrCaleb DrCaleb: And the US just got a little less free. It did. And some of us are using non-US encryption these days. So fuck the FBI.

Author:	Tricks [ Thu May 14, 2020 10:30 am ]
Post subject:	Re: Re:
BartSimpson BartSimpson: DrCaleb DrCaleb: And the US just got a little less free. It did. And some of us are using non-US encryption these days. So fuck the FBI. Sadly wouldn't help. Your browser history is stored on your system if you use encryption, incognito mode, or delete search history. It's recoverable, I learned how to do it in forensic training. Only way to stop it from being discovered is to forensically wipe a drive. Part of why when anyone on my team goes to the U.S. (especially to hacking conferences) they use a forensically wiped machine with a bone stock image of whatever OS, set up what they need in the U.S., and then wipe and re-image before coming back over the border. Now looks like we might to run with flash drives that will wipe drives on boot.

CKA Forums http://www.canadaka.net/forums/

Limits on FBI access to search histories fails by one Senate http://www.canadaka.net/forums/current-events-f59/limits-on-fbi-access-to-search-histories-fails-by-one-senate-t124233.html	Page 1 of 1

Author:	DrCaleb [ Thu May 14, 2020 10:36 am ]
Post subject:	Re: Re:
Tricks Tricks: BartSimpson BartSimpson: DrCaleb DrCaleb: And the US just got a little less free. It did. And some of us are using non-US encryption these days. So fuck the FBI. Sadly wouldn't help. Your browser history is stored on your system if you use encryption, incognito mode, or delete search history. It's recoverable, I learned how to do it in forensic training. Laptops at my work are encrypted from boot up. No password, no boot. Still recoverable? Tricks Tricks: Only way to stop it from being discovered is to forensically wipe a drive. Part of why when anyone on my team goes to the U.S. (especially to hacking conferences) they use a forensically wiped machine with a bone stock image of whatever OS, set up what they need in the U.S., and then wipe and re-image before coming back over the border. Now looks like we might to run with flash drives that will wipe drives on boot. I would never take an electronic device to the US. Even though it's been found to be illegal to copy devices, I'd bet they do it anyhow. https://www.npr.org/2019/05/02/71933735 ... ic-devices

Author:	Tricks [ Thu May 14, 2020 10:41 am ]
Post subject:	Re: Re:
DrCaleb DrCaleb: Laptops at my work are encrypted from boot up. No password, no boot. Still recoverable? At the border, yeah. They can force you to input your password and unlock it or deny you entrance into the country. $1: I would never take an electronic device to the US. Even though it's been found to be illegal to copy devices, I'd bet they do it anyhow. https://www.npr.org/2019/05/02/71933735 ... ic-devices We don't really have a choice when travelling to a hacking conference. It's kind of necessary to have a system there.

Author:	DrCaleb [ Thu May 14, 2020 10:49 am ]
Post subject:	Re: Re:
Tricks Tricks: DrCaleb DrCaleb: Laptops at my work are encrypted from boot up. No password, no boot. Still recoverable? At the border, yeah. They can force you to input your password and unlock it or deny you entrance into the country. Which is why I'd never take a device there. I'd also put my cache on a ramdrive or in /proc somewhere. Right now using a read-only virtual image is my go-to. If you haven't tried Oracle Virtualbox, I recommend it. (even though its from Oracle) Tricks Tricks: $1: I would never take an electronic device to the US. Even though it's been found to be illegal to copy devices, I'd bet they do it anyhow. https://www.npr.org/2019/05/02/71933735 ... ic-devices We don't really have a choice when travelling to a hacking conference. It's kind of necessary to have a system there. I've often wondered if you could courier it to your hotel, or use Dropbox for the data that isn't standard image.

Author:	Tricks [ Thu May 14, 2020 10:58 am ]
Post subject:	Re: Re:
DrCaleb DrCaleb: Which is why I'd never take a device there. I'd also put my cache on a ramdrive or in /proc somewhere. Right now using a read-only virtual image is my go-to. If you haven't tried Oracle Virtualbox, I recommend it. (even though its from Oracle) ramdrive might help, putting it anywhere on long term storage won't. Because OS's are stupid, they don't properly over write deleted data, they just delete the links to it. So the hex values can be recovered an dumped back into full functional files. Read only image could work, but again, while doing stuff like CTF events, we're having to often install/grab software on the fly. $1: I've often wondered if you could courier it to your hotel, or use Dropbox for the data that isn't standard image. I'd just have a vpn credential to a home server to grab software needed. Veracrypt a flash drive with a duress partition if forced to unlock it. Might be able to do that with a full system drive, I've never tried to run a full system veracrypt with a normal and duress partition, both running an OS. Might give that a shot now.

Author:	DrCaleb [ Thu May 14, 2020 11:10 am ]
Post subject:	Re: Re:
Tricks Tricks: Because OS's are stupid, they don't properly over write deleted data, they just delete the links to it. So the hex values can be recovered an dumped back into full functional files. Read only image could work, but again, while doing stuff like CTF events, we're having to often install/grab software on the fly. OS's always have done that. I remember writing ROM BIOS routines to find the 'deleted' file chains and restore them, back in the 80s. Trivial code. Much faster to delete the FAT entry and let it get overwritten naturally rather than scrub it. Tricks Tricks: $1: I've often wondered if you could courier it to your hotel, or use Dropbox for the data that isn't standard image. I'd just have a vpn credential to a home server to grab software needed. Veracrypt a flash drive with a duress partition if forced to unlock it. Might be able to do that with a full system drive, I've never tried to run a full system veracrypt with a normal and duress partition, both running an OS. Might give that a shot now. I always have some sort of VPN back into my NAS at least, for when there is something I need when I'm not at home. It's saved me hours of time more than once. That's also why I suggest a virtual image. Easy to store in free cloud storage (IBM offers the largest, 20GB IIRC) and you can use freely downloadable software to run the image from a standard build machine.

Author:	xerxes [ Thu May 14, 2020 12:07 pm ]
Post subject:	Re: Limits on FBI access to search histories fails by one Senate
Now I’ll just wait for the Gadsden Flag, gun waving crowd to go protest this...

Author:	Tricks [ Thu May 14, 2020 1:29 pm ]
Post subject:	Re: Re:
DrCaleb DrCaleb: OS's always have done that. I remember writing ROM BIOS routines to find the 'deleted' file chains and restore them, back in the 80s. Trivial code. Much faster to delete the FAT entry and let it get overwritten naturally rather than scrub it. Right, the problem is with older drives, they were small, and it would get re-written relatively easily. For your average user, they may never write 1 tb worth of data to their drive, and the system won't re-write over deleted content until it reaches the end of the drive. Makes forensics easy. $1: I always have some sort of VPN back into my NAS at least, for when there is something I need when I'm not at home. It's saved me hours of time more than once. That's also why I suggest a virtual image. Easy to store in free cloud storage (IBM offers the largest, 20GB IIRC) and you can use freely downloadable software to run the image from a standard build machine. Except now you're trusting IBM. I'd rather just build one.

Author:	Martin15 [ Fri May 15, 2020 9:38 am ]
Post subject:	Re: Limits on FBI access to search histories fails by one Senate
Oh thank you Bernie Sanders for defending the 4th Amendment privacy rights BY VOTING..... oh wait. Controlled Opposition, paid in full. No refunds, bitches.

Author:	Tricks [ Fri May 15, 2020 10:06 am ]
Post subject:	Re: Limits on FBI access to search histories fails by one Senate
Martin15 Martin15: Oh thank you Bernie Sanders for defending the 4th Amendment privacy rights BY VOTING..... oh wait. Controlled Opposition, paid in full. No refunds, bitches. Ah yes, the majority of Republicans voted the wrong way, but it's Bernie's fault. One guy should be the one who is responsible for this failing, and not all the pieces of garbage who voted to not ban this.

Page 1 of 1	All times are UTC - 8 hours [ DST ]
Powered by phpBB ©

Author:	Scape [ Fri May 15, 2020 1:23 pm ]
Post subject:	Re: Limits on FBI access to search histories fails by one Senate
Martin15 Martin15: Oh thank you Bernie Sanders for defending the 4th Amendment privacy rights BY VOTING..... oh wait. Controlled Opposition, paid in full. No refunds, bitches. He was afk but has some 'splaining to do: Kyle makes a great point thou. The vote is called in advance and even if the 4 who didn't vote did there was a 100% chance that enough of people who did vote against would have flipped creating the same result. It's creepy, it's crazy and it is exactly the reason why so many people have unplugged from the whole process.