Just how safe are our computers and how effective is some of the various computer software available at protecting us from law enforcement ? I have recently been using the free encryption software truecript I encrypted my complete hard drive and was wondering gust how secure my system was .I also have the switchproxy firefox add on that I occasionally use .I get my proxy lists from proxy checker http://www.ip-adress.com/Proxy_Checker/ and have it set to change between 3 different elite proxys every 90 seconds . I was told this was the best way to cover my tracks if I was ever up to anything that may interest local law enforcement.

I strongly suspect that the various initialed agencies would not allow any software that they themselves can not defeat to become available to us citizens wanting our privacy though I feel I am safe from the local pigs .I am shore I am not the only one concerned with online privacy and would be interested to here from anyone that has experience in such matters.

The ISP can monitor any plaintext coming from or going to your computer..... That being said, proxies will only protect you if the website is the only organization watching you. Odds are, if they want to get you, they have a tap on your connection at the nearest ISP distribution center.

This can be more or less defeated by using an encrypted tunnel to a proxy server. However, you have to trust the proxy server owner, because they too can be monitoring you.

Regarding disc encryption: only use programs that are open source and use established encryption algorithms (such as PGP, TrueCrypt, and GPG).

From people I have talked with about this sort of thing and what I have read from all four corners of the known universe, the general consensus seems to be that Bruce Schneier is THE man to learn from about security issue of all kinds, including computer security.

You might find much useful information on his website (www.schneier.com) or from some of his books and blog.

Thanks FG exactly what I was looking for.
There is a lot of misinformation on this subject this seems to be the most up to date and accurate source .


Bruce Schneier aplied cryptography - e book torrent
http://thepiratebay.org/torrent/3530141/(eBook)_Bruce_Schneier_-_Applied_Cryptography__Second_Edition_-

Steganography is my favorite firm of encryption. http://www.google.com/search?q=steganography&ie=utf-8&oe=utf-8&aq=t&rls=com.ubuntu:en-US:official&client=firefox-a

Steganography only really helps you if it remains undetected, then it is just regular encryption. The fedgov developed tools to identify steganographically encrypted files on the Internet just after 9-11. There is, or was at one time, a tool you could download to analyze your computer to detect stego files. The scientists who published the tool and the research already developed the tool, but it became news after 9-11 because they said the terrorists were using it.

They actually scanned popular websites of the time, that being places like free website hosts, hotmail, ebay, and the tool found some stego files. Apparently there is a very limited amount of data that can be steganographically encrypted into a file before it becomes easily detectable.

I used steganography at the time to turn image files into the equivalent of zip files so I could store stuff on free webhosts. By 2000, just before the dot com bust, there were a ton of sites offering 1GB of space, but they all limited you to just jpgs and html files. This was the time of Napster's legal battles and the rise of the pirated mp3, and of course pirates had been using these freebie accounts for years, which is why the only thing you could stick online were basic websites.

Indeed the safest way to access the Internet is to piggyback on some wireless connection and surf anonymously. You will also need a clean machine just in case there is some evil software that likes to call home and talk about you, and let's face it, a lot of software does this nowadays (anyone use the latest Nero? All it does is scan your drives and call home. What in god's name is it doing?)

I see there are now special versions of Firefox that can be run in a "sanboxed" mode. These browsers have no cache, no usage data, and basically leave no trail once closed. Combine such a browser with the very cheap and very large capacity USB drives and you coud have a secure, encrypted, portable (disposable) computer.

You can run some operating systems from a USB drive, which might let you boot up even on a public computer (assuming you can set an external drive as a boot device in the BIOS). As a handy bonus a USB drive could be quickly destroyed, or hidden, if you feel a terrorist/fedgov attack is iminent.

I can store 16GB on a drive on my keychain, and connect this to a Palm pilot that fits in my pocket, that in turn can log into a wireless connection. Decent data storage, Internet connectivity, and pocket sized portability, and all this for only a few hundred bucks. If there is something you don't want "them" to know, you have to be proactive and take active countermeasures. They can't be everywhere, watch everything, and know all. They state is not god, as much as it wishes otherwise.

I can store 16GB on a drive on my keychain, and connect this to a Palm pilot that fits in my pocket, that in turn can log into a wireless connection.
Sir,
Connecting via wireless is not totally bulletproof. Wireless card of your computer, just as any ethernet device, has a MAC number embedded into it.

So if someone is after your ass (sorry for this expression), they may sniff the packages you are sending and get your network adaptor's MAC number. And if they get you and the device you are connecting through, they may compare and match the MAC numbers they have with those of yours.

What I suggest is learning how to use linux distributions. I must warn everybody, it's really a pain in the heinie to set up a (secure) linux computer.

For example, I'm using debian etch, with all drives encrypted with AES, and TOR provoxy duo for internet connectivity, to conceal my hobby activities, which may get me into trouble here.

I even have some computers with dual boot capabilities, one OS is regular M$ product (licensed) and other one is Debian on encrypted partitions. Encrypted partitions (including swap partition) cannot be accessed from regular and licensed M$ OS too, because they are well hidden and strongly encrypted.

In addition, despite the strong encryption speed and performance of linux OS is really impressive except for a few glitches. I even managed to get my embedded wireless adaptor working :)

Regards.

If ones wireless card has its MAC and serial in its firmware, some custom drivers kan allow you to change them.
Think about a script that generates a new MAC and every time you connect to a network.

Groovey little program I found a while back. It won't change the MAC address on your firmware, but will change what other computers see it as. Has a long list of random mac addresses, so there is no shortage to choose from.

TMAC (http://tmac.technitium.com/tmac/index.html)

Think about a script that generates a new MAC and every time you connect to a network.

In linux distros, there is a command line utility that changes MAC number of your network adaptor.

Name of this utility is called MACChanger (how a creative name isn't it :D). However it works like a charm.

Before connecting to the websites of questionable content, I'm changing MAC number of my wireless card and use it over TOR + Privoxy duo.

BTW, for those who hates (i.e. could not manage to install) linux distros, There are Win32 implementations of TOR and Privoxy too.

But the advantage a linux distro, if you create encrypted partitions (including swap), you almost create a black box, entrance of which, only you know.

With swap encrypted with a random key, you do not worry about the fragments of memory which may be analyzed by forensic scientists. If you bother to assign separate partitions for each functional folders (i.e. /var, /home, /tmp, etc.), you may even complicate the issue of forensic analysis much more.

Only non-encrypted partition is boot partition, which must remain non-encrypted for boot functions.

Regards.

Hmm, I suppose on could stick a copy of a virtual computer program (qemu, bochs, virtualpc, vmware etc) on a USB stick and then have multiple virtual HDD images on there as well. for changing the mac of my wired Ethernet under Linux I would just use ifconfig (it shipped with most Linux distributions). The default MAC (at least for wired) is IIRC a formatted number, and as long as proper data is set in the right fields it doesn't care about about the rest, and your MAC should not leave the Ethernet segment nor your not publicly route-able IP address (ie 192.168.x.x, 10.x.x.x etc) pass the local NAT box