5 Jul 2017

                    Securing Your Hard Drive 

Being able to browse anonymously is one thing. However, you may choose to download and save sensitive content or material to your computer which you wish to keep private. This may include reading sensitive documents, viewing pictures, or storing any kind of sensitive data.
 
If you save *anything* to your computer's harddrive, then it is possible for someone who has confiscated your computer to determine what it was you saved. This is often true even if you delete the content. For example, suppose I use the Tor Browser and I navigate to a website containing a sensitive document that I wish to read. If I saved that document somewhere on my harddrive, then it is possible for someone else to find it. If I *delete* that document, it may still be possible for someone to undelete it.
 
Further, even if I never save it to my harddrive but I simply look at it using my word processing software, it may still be saved in a number of ways including:
 
1. Often programs keep records of filenames. The filename alone is often enough to incriminate someone.
 
2. Often programs keep parts of the content viewed saved for various reasons, such as for searching. This can include random excerpts of text, thumbnails of images, and more. Often this "partial" data is more than enough to prove what the original data was. Often  the "partial" data is itself incriminating.
 
3. Sometimes, especially if you are running low on system memory, your operating system may choose to use your hard-disk as a temporary RAM. This is known as "SWAP". Normally, whenever you turn off your computer, whatever was in RAM is deleted. However, the data that goes to your SWAP may persist and it may be possible for someone to see what content you had open in your programs if that information is saved in RAM.
 
Generally speaking, you *must* have a plan to secure any content that is saved to your hard disk. Therefore, this guide would be incomplete if we did not thoroughly address this. First, there are two kinds of such content:
 
1. Deliberately saved content.
2. Inadvertently saved content.
 
Deliberately saved content refers to content that you have chosen to save on your harddisk so that you can access this content later. We will
address how to do this later in the guide.
 
Inadvertently saved content refers to content that is saved by programs you use, or your operating system. You have no way to even know what this content might be. Therefore, this is the most dangerous. You may browse and find a dozen sensitive documents, utterly delete them, and some program may have saved the file names and excerpts of the data. This will render your previous efforts futile.
 
Content that is inadvertently saved to your harddisk comes in two flavors:
 
1. Content that is saved to your SWAP space.
 
2. Content that is saved by applications running on your computer, including your operating system.
 
The surest way to prevent content from writing to your SWAP space is to disable your SWAP space altogether. This may result in your computer
running a bit slower than normal, and may mean that you cannot use ram intensive games and applications during the time your SWAP is disabled.
 
Therefore, if you use this method, simply turn back on the SWAP when you want to use those ram intensive applications. Also, you may choose not
to take this step.
 
 
1 - Here is how to disable your swap space if you are using Windows 7:
 
*** ADVANCED INSTRUCTIONS BELOW. SKIP THIS IF YOU ARE NOVICE OR UNCOMFORTABLE WITH THIS OPERATION ***
 
*This step is recommended for advanced users only. If you are not comfortable doing this, you may safely skip this step.*
 
Instructions are less verbose than usual, as these steps are intended for advanced users only. If you do not fully understand these instructions, skip this step.
 
1. From Control Panel, go to "System and Security".
 
2. Click on "System", and then choose "Advanced system settings" in the left-most menu.
 
3. Under the "Advanced" tab, under "Performance", click "Settings".
 
4. Under this "Advanced" tab, under "Virtual Memory", click "Change".
 
5. Uncheck "Automatically manage paging file sizes for all drives".
 
6. Select "No paging file".
 
7. Save, reboot, and follow these same first 5 steps to confirm that "No paging file" is still selected. This means that you have successfully disabled your swap. This means that *nothing* from RAM will be inadvertently saved to your harddrive.
 
To resume using SWAP again, simply click "Automatically manage paging file size for all drives." You can switch between these two modes as you desire.
 
Generally speaking, your computer will run fine without a swap file, provided you have enough RAM.

No comments: