Securing Your Hard Drive
Being able to browse anonymously is one thing. However,
you may choose to download and save sensitive content or material to
your computer which you wish to keep private. This may include reading
sensitive documents, viewing pictures, or storing any kind of sensitive
data.
If you save *anything* to your computer's harddrive,
then it is possible for someone who has confiscated your computer to
determine what it was you saved. This is often true even if you delete
the content. For example, suppose I use the Tor Browser and I navigate
to a website containing a sensitive document that I wish to read. If I
saved that document somewhere on my harddrive, then it is possible for
someone else to find it. If I *delete* that document, it may still be
possible for someone to undelete it.
Further, even if I never save it to my harddrive but I
simply look at it using my word processing software, it may still be
saved in a number of ways including:
1. Often programs keep records of filenames. The filename alone is often enough to incriminate someone.
2. Often programs keep parts of the content viewed
saved for various reasons, such as for searching. This can include
random excerpts of text, thumbnails of images, and more. Often this
"partial" data is more than enough to prove what the original data was.
Often the "partial" data is itself incriminating.
3. Sometimes, especially if you are running low on
system memory, your operating system may choose to use your hard-disk as
a temporary RAM. This is known as "SWAP". Normally, whenever you turn
off your computer, whatever was in RAM is deleted. However, the data
that goes to your SWAP may persist and it may be possible for someone to
see what content you had open in your programs if that information is
saved in RAM.
Generally speaking, you *must* have a plan to secure
any content that is saved to your hard disk. Therefore, this guide would
be incomplete if we did not thoroughly address this. First, there are
two kinds of such content:
1. Deliberately saved content.
2. Inadvertently saved content.
Deliberately saved content refers to content that you
have chosen to save on your harddisk so that you can access this content
later. We will
address how to do this later in the guide.
Inadvertently saved content refers to content that is
saved by programs you use, or your operating system. You have no way to
even know what this content might be. Therefore, this is the most
dangerous. You may browse and find a dozen sensitive documents, utterly
delete them, and some program may have saved the file names and excerpts
of the data. This will render your previous efforts futile.
Content that is inadvertently saved to your harddisk comes in two flavors:
1. Content that is saved to your SWAP space.
2. Content that is saved by applications running on your computer, including your operating system.
The surest way to prevent content from writing to your
SWAP space is to disable your SWAP space altogether. This may result in
your computer
running a bit slower than normal, and may mean that you
cannot use ram intensive games and applications during the time your
SWAP is disabled.
Therefore, if you use this method, simply turn back on
the SWAP when you want to use those ram intensive applications. Also,
you may choose not
to take this step.
1 - Here is how to disable your swap space if you are using Windows 7:
*** ADVANCED INSTRUCTIONS BELOW. SKIP THIS IF YOU ARE NOVICE OR UNCOMFORTABLE WITH THIS OPERATION ***
*This step is recommended for advanced users only. If you are not comfortable doing this, you may safely skip this step.*
Instructions are less verbose than usual, as these
steps are intended for advanced users only. If you do not fully
understand these instructions, skip this step.
1. From Control Panel, go to "System and Security".
2. Click on "System", and then choose "Advanced system settings" in the left-most menu.
3. Under the "Advanced" tab, under "Performance", click "Settings".
4. Under this "Advanced" tab, under "Virtual Memory", click "Change".
5. Uncheck "Automatically manage paging file sizes for all drives".
6. Select "No paging file".
7. Save, reboot, and follow these same first 5 steps to
confirm that "No paging file" is still selected. This means that you
have successfully disabled your swap. This means that *nothing* from RAM
will be inadvertently saved to your harddrive.
To resume using SWAP again, simply click "Automatically
manage paging file size for all drives." You can switch between these
two modes as you desire.
No comments:
Post a Comment