Guide To Computer Security (2022): Difference between revisions
Line 94: | Line 94: | ||
Volume encryption creates a file on your disk that functions as a virtual drive. These virtual drives have the same functionality as a physical drive. Using volume encryption allows you to encrypt only a portion of your disk, instead of encrypting the whole drive. | Volume encryption creates a file on your disk that functions as a virtual drive. These virtual drives have the same functionality as a physical drive. Using volume encryption allows you to encrypt only a portion of your disk, instead of encrypting the whole drive. | ||
A major benefit of volume encryption for activists is the ability to create hidden volumes. Hidden volumes are created within the free space of a standard volume. Due to the way they're created, they are | A major benefit of volume encryption for activists is the ability to create hidden volumes. Hidden volumes are created within the free space of a standard volume. Due to the way they're created, they are extremely difficult to detect. This provides excellent plausible deniability; you can hand over a key to the main volume and still nobody can prove that there is a second hidden volume containing the data that you really wish to keep private. | ||
VeraCrypt has a feature allowing users to run an operating system from within a hidden container, reducing the risk of data leakage from improper operating system configuration. | VeraCrypt has a feature allowing users to run an operating system from within a hidden container, reducing the risk of data leakage from improper operating system configuration. |
Revision as of 14:15, 11 December 2021
The original Guide to Computer Security was produced by the Newgon Support Team after consultation with the Newgon forum community in 2008. It explained how you could protect data stored on your hard drive and stay anonymous on the internet. The guide may be of interest to people who wish to protect their anonymity and data from adversaries. This page represents an updated version currently under development.
Operating Systems
Windows 10
As of December 2021, Windows 10 is the world's most popular operating system. Although extremely convenient, it is widely considered to be a very poor choice for data security and privacy.
Multiple guides exist online describing how to reduce the risk posed by using Windows 10. However, it is inherently insecure and best avoided for anyone who is concerned about the leakage of sensitive information.
Windows 7
Windows 7 is no longer supported by Microsoft; as such, known security issues are unlikely to be patched barring exceptional circumstances. Usage of the Internet Explorer browser is not recommended.
There are a number of settings that should be changed in order to improve user privacy.
Indexing Service
The indexing service provides a book-like index of all files stored on any drive for which it is enabled. It enables faster searches of drives and folders. However, names of all indexed files and some of their contents will be stored in plain-text on the drive on which Windows is installed, even if those files are encrypted.
To turn off the indexing service:
Control Panel -> Programs -> Turn Windows features on or off. Deselect 'Indexing Service'.
Recent Items
By default, Windows 7 stores a list of recently opened items. To disable this, right click on Start, select 'Properties', select the 'Start Menu' tab, then uncheck 'Store and display recently opened programs in the Start menu' and 'Store and display recently opened items in the Start menu and the taskbar'.
System Restore
Windows 7 is normally configured to automatically back up system files and personal documents. This can be disabled via Control Panel -> System -> System Protection. Make sure it is turned off for all disks.
Swap File
Windows 7 uses a swap file in which it temporarily stores data from RAM on the disk in order to conserve RAM usage. This is unnecessary for most modern computers, and it is a security issue because almost any data could theoretically be written to the disk, including encryption keys.
To disable, System -> Advanced System Settings -> under performance, click 'Settings' -> Advanced tab -> under Virtual Memory, click 'Change' -> set 'No paging file' for all drives.
Hibernation
The hibernation feature of Windows 7 stores data from your current session to your hard drive and puts your computer in a very low power state. This has similar security implications to the swap file.
To disable hibernation: Start -> Type 'run' -> Type 'cmd' -> type 'powercfg -h off'.
Thumbnail cache
Windows 7 stores thumbnails in a central cache on the drive on which Windows is installed. Thumbnails of encrypted images will also be stored in this central cache when the folder in which the images are located is accessed.
Built-in methods and software for disabling the cache exist, but there are reports of these solutions not working perfectly. People living in particularly oppressive regimes should consider wiping their thumbnail cache regularly.
Telemetry
Windows 7 sends data about your computer usage to Microsoft. The relevant 'features', designed for Windows 10, were introduced to Windows 7 via Windows Updates.
The following updates should be uninstalled if present:
- KB3068708
- KB3022345
- KB3075249
- KB3080149
Linux
Live CDs
Data Protection
Encryption
Encrypting files renders the data within them unintelligible. While Microsoft, hard drive manufacturers and other companies offer free encryption tools, these cannot be trusted in the event of a highly motivated adversary.
Recommended Programs
The following programs can probably be trusted to protect against the vast majority of adversaries, assuming that their settings are configured correctly and the operating system has been appropriately secured.
VeraCrypt
VeraCrypt is a fork of TrueCrypt, a program whose development is alleged by many to have been shut down by the US government. VeraCrypt is widely considered to provide the highest level of security of any free program. Donations to the project would always be welcome.
BestCrypt
BestCrypt is a paid encryption product with similar functionality to VeraCrypt. It can be purchased along with highly effective data erasure software. Although expensive, it is a long established and very well trusted product.
Encryption Options
There are two main methods of encryption that are still relevant in 2022.
Whole Disk Encryption
Encrypting the entire disk renders all contents unreadable unless a password is provided. If you do not require plausible deniability and you do not care about giving the appearance of compliance, you can simply encrypt the entire disk and refuse to provide the password.
Volume Encryption
Volume encryption creates a file on your disk that functions as a virtual drive. These virtual drives have the same functionality as a physical drive. Using volume encryption allows you to encrypt only a portion of your disk, instead of encrypting the whole drive.
A major benefit of volume encryption for activists is the ability to create hidden volumes. Hidden volumes are created within the free space of a standard volume. Due to the way they're created, they are extremely difficult to detect. This provides excellent plausible deniability; you can hand over a key to the main volume and still nobody can prove that there is a second hidden volume containing the data that you really wish to keep private.
VeraCrypt has a feature allowing users to run an operating system from within a hidden container, reducing the risk of data leakage from improper operating system configuration.
Secure Erasure
Firewalls and Anti-Virus Protection
SSD Issues
Network Security
Proxies
Proxies are used to hide your true IP address from another server or client. Many proxies are insecure and not suitable for use by MAP activists. Use of a malicious or unfriendly proxy server can be more dangerous than a direct connection.
Web-based proxy servers
Web-based proxies are of very limited utility for the MAP activist community. They provide a minimal level of obfuscation suitable only for circumventing bans and geographic restrictions, and many will already be blocked from popular websites. The service operator has the ability to monitor users and may well comply with authorities wrongly targeting MAPs.
VPNs
Similar to web-based proxies, VPNs place users at risk of monitoring by the service provider and anyone to whom they choose to provide access. They have the same practical purpose as web-based proxies for the MAP community.