Adventures in Antiforensics
WIP
Platform Independent Methods
Data Destruction
Shredding
- HDD vs SSD
- Overwrite settings
  - SSD lifespan
  - HDD difficulty
  - Zeroing
  - Free space shredding
  - Limitations
  - File tips
    - Vendor-specific data destruction
    - bad sector remnants
Encrypted Data Nuking
- Encrypt data; to destroy it, shred the encryption headers and shut down
Encryption
- Unencrypted data leaks
- Out of band data leaks
  - Backup leaks
  - Cloud leaks
Key Management
- Key creation
- Passphrases
  - Password managers
    - Where they are ok
    - Where they are not
    - Creating a passphrase manually
    - physical paper
      - +mind
    - Weaknesses
    - Third Party
    - KDF or Hashing algo
    - Breached passwords
    - Guessable passwords
- Key defence
- Key Durability
- Key protection
- Key leaks
Whole disk
- Robustness of crypto
- Investigate
  - windows
  - linux
- virtual machines
- NO BITLOCKER
- NO BITLOCKER UPLOAD TO M$ JESUS FUCK
- Tooling
- shred encryption headers of disk and force shutdown
  - force fork to background, clear, and exit
    - linux
      - something like
        alias FORCEMETHEFUCKOFF='(setsid sudo bash /bin/KILLITWITHFIRE.sh && sudo shutdown now &); clear; exit'
        - where KILLITWITHFIRE.sh shreds the disk's encryption headers with shred
Specific Data
- Unencrypted data leaks
- Unencrypted remnants
Symmetric
Asymmetric
Internet Anonymity
Tor
- Settings
- Relays
- Tor browser
- Hardware identifiers
- Other leaks
- Internal to the os (bad)
- physical external to device (much better) for per-request tor hopping on a specific command/operation
- openwrt?
  - kill switch
  - sanity checks
Opsec