Which Encryption software and cloud service do you use?

[travelling_man]

... Most countries could care less about porn or naked girls as long as they are over 18.  

 

Yes, and that is my point.  All asian girls look over 18 don't they.

 

"Personal" porn indicates you traveled for sex.  It will be entered in the computer.  You will be stopped every trip from that point on.

 

If you read my post, you will see that I am all for encryption and upload in encrypted form to another server ... that way encrypted files are NOT on your computer.

 

A good reference article dated April, 2015:  http://motherboard.vice.com/read/us-customs-is-required-to-seize-your-dick-pics-when-you-cross-the-border

[manarak]

Yes, and that is my point.  All asian girls look over 18 don't they.

 

"Personal" porn indicates you traveled for sex.  It will be entered in the computer.  You will be stopped every trip from that point on.

 

If you read my post, you will see that I am all for encryption and upload in encrypted form to another server ... that way encrypted files are NOT on your computer.

 

A good reference article dated April, 2015:  http://motherboard.vice.com/read/us-customs-is-required-to-seize-your-dick-pics-when-you-cross-the-border

 

the article is certainly an eye opener.

why do US citizens consent to being treated this way?

[travelling_man]

the article is certainly an eye opener.

why do US citizens consent to being treated this way?

 

It is worse for the UK citizens and some other countries .... as it is AGAINST THE LAW to refuse to give up your encryption password.

 

Unfortunately for us in the US, repeated cases challenging border-searches have failed.

[zerocool]

If it's photos you are worried about just get TrueCrypt and then make a container that will hold all of your files. It will create an encrypted container that you can then upload to a cloud server such as mega or something like that. Then use a program like eraser to wipe the original files and encrypted files from your computer.

 

This is a pretty safe way until you can retrieve back home.

[CyberPro]

the article is certainly an eye opener.

why do US citizens consent to being treated this way?

 

1. If one does not cooperate one may be obliged to spend time in a way not to one's liking: Interrogation, incarceration, etc. 

2. I've read about polls indicating that Americans would rather give up some rights if that makes them safer from terrorism. Some disagree with some of the rights that citizens are being asked to give up. 

 

If it's photos you are worried about just get TrueCrypt and then make a container that will hold all of your files. It will create an encrypted container that you can then upload to a cloud server such as mega or something like that. Then use a program like eraser to wipe the original files and encrypted files from your computer.

 

This is a pretty safe way until you can retrieve back home.

 

Excellent advice in my opinion. Just spent a little time researching what free/open source method to use for whole disk encryption on a laptop I'm about to send to a virtual assistant. I'm going to try VeraCrypt, a supported offshoot of TrueCrypt although TrueCrypt should also be a good choice. There's also a free version of PGP (Pretty Good Privacy) plus numerous paid solutions. 

[goodgambler]

1) For drive encryption Veracypt replaces TrueCrypt

 

http://lifehacker.com/five-best-file-encryption-tools-5677725/1685273934

 

Can create a hidden "dummy" drive which you can hand over to any spies, mafia, authorities

that ask to see your hidden drive (assuming they know you have one).

 

One password is for your real hidden drive the 2nd password is for the dummy hidden drive.

There is no way for them to know that they "dummy" drive is not in fact your "real" hidden drive

if done properly.

 

2) Mega give you free 50GB of storage with full encryption

 

3) For VPN I like www.NordVPN.com

 

4) If you are super paranoid you could also go with Tails instead of Windows and Tor

 

5) For offshore email Runbox or Neomailbox

 

6) For offshore domain hosting AnonymousDomain

 

Good luck!

[Touchagrey]

Not really understanding why using a VPN needs to be involved. A VPN hides the location of your computer (which is a hotel or condo in Thailand.) The other end of the connection (the cloud provider or your home computer) knows who is connecting because you have to login, although you can obfuscate a bit by signing up with a throwaway email address.

 

VPN also provides end to end encryption, but so do non VPN transfers, like SFTP or any cloud upload service (Google Drive, DropBox, etc.)

 

In the end all a VPN buys you is hiding the fact that you're on a Thailand connection. Probably not a big issue. Millions of other innocent uploaders using the same path every day.

 

If I was mega paranoid (Mr. Robot style) and wanted to transfer sexy photos back home, I would:

 

1. Boot my laptop to a live USB operating system, so that my computer hard drive is untouched.

 

2. Encrypt with any decent private/public key app. Leave the private key at home (that's what you use to decrypt.) Encrypt with the public key, which you travel with.

 

3. Encrypt directly from your camera USB card to the live USB OS drive. That way, nothing touches your hard disk.

 

3. Upload your encrypted files to your favorite cloud service or directly to your home computer... Doesn't much matter. Nor does a non-VPN internet connection matter. The files are encrypted. The connection is encrypted with SSL. The only trace is that you moved some data from Thailand into the cloud, but since you don't have the private encryption key in your possession, not even you can decrypt them until you get home and retrieve the private decryption key.

 

4. When you're finished, put the USB camera card and the Live USB OS stick into the microwave for a couple of minutes. Then throw the charred remains into Pattaya Bay. We're talking about $10-$20 worth of USB storage...small price. Pay your respects to a nearby Buddha image.

 

5. Travel home knowing that there's absolutely nothing on your computer for anyone to find. If customs discovers that you have a cloud drive account (you memorized the login and password, and never wrote it down...right?), they can torture you using sharks with lasers on their frickin' heads, but you still won't have the ability to decrypt the files. Only the 2048 bit private key, which is hidden at home can decrypt them, but you're still in the holding pen in customs, not at home (where you carefully hid the private decryption key in your neighbor's sewer pipe.)

 

This is the beauty of public/private key encryption. The key that locks (encrypts) is not the same as the key that unlocks (decrypts.) if you're not traveling with the unlock key (private), nothing on earth will enable you to decrypt.

 

But all this is overkill if you're not a customs target (terrorist, convicted pedophile, known smuggler, or felon.) Customs has bigger fish to fry than your sexy Thailand photos. A simple encryption and upload to any cloud service (they all use encrypted HTTPS connections) will be fine.

[Silver22]

Truecrypt and Veracrypt are good choices and are very secure. Truecrypt can only be used if you have an older version. I believe if you received the last update, it's pretty much shot. As for cloud backup, it's convenient but not secure. 

 

The securest way is to use encryption software that is open source and is "Trust No One". Open source means the code is available for people to examine. This ensures that the software has no "back doors" which means a way for someone to get in if they need to. Similar to how the hotel has a master key to your combination hotel safe. They don't need your password to get in. "Trust No One" means if you forget your password, there is no way to access your data. You can't call, give your secret phrase and have the company reset your password. They don't know it. Here is an example of a problem with non-"Trust No One" options: If you use Apples' iCloud, a rogue employee could access your files because Apple stores your password. 

 

I never put my private files online. I have an encrypted folder on my laptop for that. For back up, I have 2 fully encrypted USB external drives which I keep in different locations. That way, if someone steals my laptop or my external drives, they still have to break the encryption to gain access. I do use a password that is over 60 characters long that uses punctuations, numbers, and upper and lower case letters. Encryption is all about math.

 

Don't use passwords that can be derived through social engineering. Don't use words or numbers associated with your name, children's name, pet's name, birthdates, etc. Safest way is to make it random. There are ways to remember random passwords. For example, take a couple of sentences and use the first letter of each word in the sentence. Also capitalize the first letter in each sentence and add a period at the end of each sentence. Looks random but to you, it's not. If you think about it a little, there are tons of ways to come up with random passwords that you can remember. It's good practice. 

 

If you do choose to encrypt your files, I'd suggest encrypting only sensitive data. Or at least make a separate encrypted folder for non-sensitive data with a shorter password. The reason is that you don't want to be typing in a 60+ character password every time you turn on your computer. Use it just for the sensitive stuff. 

 

Another piece of interesting info. A criminal attorney friend told me that if you do send encrypted emails using GPG, for example, it's a red flag to the government. You won't get in trouble but it's noted. 

[Scumbag]

Not really understanding why using a VPN needs to be involved. A VPN hides the location of your computer (which is a hotel or condo in Thailand.) The other end of the connection (the cloud provider or your home computer) knows who is connecting because you have to login, although you can obfuscate a bit by signing up with a throwaway email address.

 

VPN also provides end to end encryption, but so do non VPN transfers, like SFTP or any cloud upload service (Google Drive, DropBox, etc.)

 

In the end all a VPN buys you is hiding the fact that you're on a Thailand connection. Probably not a big issue. Millions of other innocent uploaders using the same path every day.

 

It helps to understand what a VPN is. I know that many companies use it so that customers can hide behind an IP address. VPN is a way of connecting a remote computer to a LAN. This allows you to access resources on you home network. If your router is capable of it you can set up your own VPN and save your naughty photos to a hard-drive in your house from anywhere in the world.

[happy888]

It helps to understand what a VPN is. I know that many companies use it so that customers can hide behind an IP address. VPN is a way of connecting a remote computer to a LAN. This allows you to access resources on you home network. If your router is capable of it you can set up your own VPN and save your naughty photos to a hard-drive in your house from anywhere in the world.

Doesn't that mean that your Internet and computer is running at home while you're overseas?

 

Edit: typo change meet to mean

[Scumbag]

Doesn't that mean that your Internet and computer is running at home while you're overseas?

 

Edit: typo change meet to mean

Yes it does, but mine is always on anyway...

 

If you are concerned about that you can devise ways of having it turned on during certain hours.

[happy888]

Yes it does, but mine is always on anyway...

 

If you are concerned about that you can devise ways of having it turned on during certain hours.

Thanks for the tip.

[bhdsn]

For a cloud host, you want one that can guarantee "zero-knowlege" encryption, meaning they don't know your encryption key and they can't access your data.

A (relatively) popular one is SpiderOak https://spideroak.com/features/zero-knowledge

 

The thing about zero knowledge is if you ever forget your password, they can't send it to you because they don't know it. Your files would be lost forever

 

If you're keeping a local copy, I bet it would be enough to put it in an encrypted zip/rar/7z file and rename it to system_data123.data or something... No?

[singlemanstravel]

TrueCrypt is not one to use as the governments have backdoors into it, if you really want no one to find the data. That's why the devs abandoned it

 

can always use the free MEGA account and they give 50gb which is nice, create multiple email addresses and multiple mega accounts basically for unlimited storage space

[Scumbag]

TrueCrypt is not one to use as the governments have backdoors into it, if you really want no one to find the data. That's why the devs abandoned it

I don't thing that is correct. They stopped development of it as they decided it was time to move on. The reason why it is not recommended to use it is because any discovered weaknesses will not be patched. Veracrypt is built on Truecrypt.

[drifterrider]

I just carry about 10 128GB micro SD, cards,encrypt them with my laptop, and carry them in my money belt. Tucked in the money belt and you can't see or feel them...

[drifterrider]

TrueCrypt is not one to use as the governments have backdoors into it, if you really want no one to find the data. That's why the devs abandoned it

 

can always use the free MEGA account and they give 50gb which is nice, create multiple email addresses and multiple mega accounts basically for unlimited storage space

I use  PGP, older version, 256bit encryption .............

[drifterrider]

I also use TOR for all my internet connections so no trails.......................

[Woofiee]

I also use TOR for all my internet connections so no trails.......................

 

Um...hate to tell you this but...

 

Judge Confirms Carnegie Mellon Hacked Tor and Provided Info to FBI

 

 

[singlemanstravel]

I don't thing that is correct. They stopped development of it as they decided it was time to move on. The reason why it is not recommended to use it is because any discovered weaknesses will not be patched. Veracrypt is built on Truecrypt.

 

it is correct. look into their goodbye message, after years of being beacons of encryption they left saying "we quit now" and then go on to recommend Microsofts encryption that everyone knows to be horrible and the FBI, etc have direct access to.

 

there's more info in the goodbye message than most seem to understand. You have some teams that have forked off TrueCrypt, but using truecrypt is not safe anymore.

 

I would almost say with certainty that the TrueCrypt devs were chased down to who they were in real life and they were served with National Security Letters so they cant tell anyone they received these letters or they go to jail, but they can say its unsafe because X (in this case it was windows xp support) and they recommend everyone go and use BitLocker which is not safe at all. two and two together and you get an idea of what is going on without them actually speaking about it

[Scumbag]

I would almost say with certainty that the TrueCrypt devs were chased down to who they were in real life and they were served with National Security Letters so they cant tell anyone they received these letters or they go to jail...

Yes, conspiracy theories are more exiting than the mundane but the simple conclusions are often the correct ones (al la Occam's razor).

[Oukiva]

And beware any SSD or flash drives because you can't truly "delete" data.

"Erasing SSDs: Security is an issue"

http://www.techrepublic.com/article/erasing-ssds-security-is-an-issue/

No special Security issue on SSDs . You just don't "Erase" a SSD, but you "Reset" it. All constructors (that I know) provide a software to do so.

 

Exemple with explantations: https://www.kingston.com/en/community/articledetail/articleid/29539?Title=SSD%20Data%20Wiping%3A%20Sanitize%20or%20Secure%20Erase%20SSDs%3F

 

or again:

Fortunately it is possible to erase most SSDs, though this is closer to a “reset” than a wipe. The “ATA Secure Erase” command instructs the drive to flush all stored electrons, forcing the drive to “forget” all stored data. This command essentially resets all available blocks to the “erase” state, which is what TRIM uses for garbage collection purposes.

 

This command does not actually write anything to the drive. Instead it causes the SSD to apply a voltage spike to all available NAND in unison, resetting every available block of space in one operation. By doing this, you will use one whole program-erase cycle for your drive – a small dent in drive life, but still unnecessary unless you’re troubleshooting.

from http://www.makeuseof.com/tag/securely-erase-ssd-without-destroying/

[singlemanstravel]

Yes, conspiracy theories are more exiting than the mundane but the simple conclusions are often the correct ones (al la Occam's razor).

 

it's not a conspiracy theory when you look at what they recommended everyone change to. it's a blatant warning infact that most people understood and took notice of.

 

https://threatpost.com/of-truecrypt-and-warrant-canaries/106355/

 

the sudden closure is most definitely because signing keys were handed over to "someone" under duress 

 

https://yro.slashdot.org/story/14/06/01/1922248/the-sudden-policy-change-in-truecrypt-explained

[Woofiee]

Frankly, I'm not sure why people use cloud services...third-parties will always fuck you over.

Just get a cheap cloud-based NAS and leave it in your home safely. WD, La Cie and Segate have them, or grab an empty Synology DS216j, stick a hard disk in it and plug it into your network. If you can run Windows or Mac, you can set this thing up, and you can then connect directly to your own server and stash/retrieve your photos/videos/documents without any middlemen. If you worry about people peeking into your stuff, fork out a little change and make your own cloud. 

[oldtrees]

Um...hate to tell you this but...

 

Judge Confirms Carnegie Mellon Hacked Tor and Provided Info to FBI

 

 

 

Seems like scare tactics to put people off using TOR.

 

Afaik, in all cases when someone has been tracked down via TOR it's down to user error not the TOR system.