Contributed by: /usr/share/bong Submitted: 04-19-2003
[Editor’s note: this FAQ is not the ultimate guide to computer security; it is merely a primer. Members should consult security websites and computer documentation for full information. There are shareware programs available that clean your computer automatically.]
Occasionally, you may have to take your machine in to a service technician. The problems could be software or hardware related. In either case, you probably have valuable and sensitive information (and potentially incriminating evidence) on your hard drives, and you may not be able to extract this info by yourself. So it is best to take precautions before leaving your computer with a savvy technician. There are many methods to hide or remove sensitive data; the following FAQ is merely a suggested set of procedures. Wiping your hard drive is the final (and ultimate) solution.
Things to try before taking your machine in:
- Run an anti-virus scan on it first (Make sure you have updated the virus definitions first). 9 times out of 10, you have a virus. Malicious virus code can attack critical files on your machine, rendering it useless. You should take precautions, like periodic backups, firewalls, and updating your virus program frequently.
- You may want to try re-installing the OS, and peripheral driver disks. Missing drivers are a common source of problems.
- If your machine’s OS is corrupted and won’t load in Safe Mode, you may have to enter DOS and hunt down your critical files the hard way.
Daily maintenance:
- Remember to back up critical personal files (like passwords, PGP keys, and email addresses) weekly.
Wipe our browsing habits
We need to first clear out any incriminating caches that are on our system. Most of you probably run Internet Explorer, so you’d go to Tools and to Internet Options. Clear your history and especially your temporary Internet files.
- Clear our documents list: Start > Settings > Taskbar & Start Menu > [Start Menu Programs] tab > Documents menu > Clear > OK
- Clear our temp files and History:
(IE): Tools > Internet Options > Temporary Internet files > Delete files (Clear History button too)
Other browsers should have options in some sort of drop-down box about clearing your Internet history, Internet files (cache) and cookies.
Preparing the machine for service:
Step 1: Wipe your browsing files (re: above)
This is just in case the technician decides to access the Internet with your machine (ex. to search for new drivers/patches, etc). You should also back up and remove questionable Favorites links.
Step 1a: Hide your Links
Explorer does a poor job of backing up its Favorites (stored browsing links), so you have to go in manually.
C: > Windows > Favorites > (Cut & Paste to floppy). Check your Favorites list to make sure this was done correctly, and your Favorites list is removed.
Step 2: Locate all of your questionable stuff
Find all your pictures (.jpg, .gif, etc), files (.htm, .html, .DOC, .txt, etc). (**Note: try to hide everything of illegal value from computer technicians. Warez, movies, mp3s, pictures, porn, etc.). You probably have these files stored in specific folders, but a few may be floating around, so I suggest doing a drive-wide search:
- Start > Find > Files or Folders > Named: *.jpg (or *.mp3, etc). Use wildcard file extensions to run your comprehensive search.
or
- Start > Find > Files or Folders > Containing text: (etc)
Remember to find/store and remove any sensitive stored email messages (Outlook, etc) on the hard disk.
(Optional)
Step 3a: (optional) Put everything into one folder.
You could also zip these files to reduce their size.
Step 3b: (optional) Encrypt this super file
The recommended tool is “bcrypt”. You can download it from http://bcrypt.sourceforge.net - it’s absolutely free! It uses Blowfish 448-bit encryption and has a pass phrase length of 8 to 56 characters.
The Windows version should be similar to the Linux version. It is controlled via the command line.
>bcrypt -s100 pictures.zip e-mails.zip movies.zip warez.zip porn.zip stash.bfe
(The command merges our 5 zip files into one file, stash.bfe. The -s100 means the input files are overwritten by random data 100 times.)
>type your passphrase
>retype it (That’s it! Encrypted to 448-bits!)
To decrypt it, you would type:
>bcrypt stash.bfe
>type your passphrase
Step 4: Burn your files to CD (or other removable media)
An encrypted backup of your files on removable media is a good idea. Keep it stashed and unlabelled. Keep the password in your head.
Step 5: Remove your browsing tracks
- Clear your Recycle Bin (This does not remove the files. It merely allows the hard drive to overwrite them later on).
Technicians can easily find Last Modified Files/Folders to check previous disk activity:
- Start > Find Files or Folders > [Advanced tab] > Of type > Folders (All files, Folders, Internet Shortcuts, JPEG, WinZip file, Microsoft HTML Document 5.0, Microsoft Word Document, etc). Click on Modified to sort the list into the most recently modified.
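To check what the searches in Step 2 and the Modified sort in Step 5 would still turn up, the same two views can be produced in one pass. This is an added example, not part of the original FAQ; the extension list, the 1 MiB text-scan limit and the sample files are assumptions constructed for illustration.

```python
import os
import tempfile
import time

# Extensions named in the FAQ's Step 2 search (constructed list; extend as needed).
SENSITIVE_EXTS = {".jpg", ".gif", ".htm", ".html", ".doc", ".txt", ".mp3", ".zip"}
SCAN_LIMIT = 1 << 20  # assumption: only the first 1 MiB is searched for text


def audit_tree(root, exts=SENSITIVE_EXTS, text=None):
    """Return [(mtime, path)], newest first, for files under root that match
    an extension in exts or (when text is given) contain that text."""
    needle = text.lower().encode() if text else None
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                mtime = os.stat(path).st_mtime
                matched = os.path.splitext(name)[1].lower() in exts
                if not matched and needle:
                    with open(path, "rb") as fh:
                        matched = needle in fh.read(SCAN_LIMIT).lower()
            except OSError:
                continue  # unreadable or vanished file: skip it
            if matched:
                hits.append((mtime, path))
    return sorted(hits, reverse=True)


def demo():
    """Audit a constructed sample tree; returns relative paths, newest first."""
    with tempfile.TemporaryDirectory() as root:
        now = time.time()
        samples = {  # constructed: relative path -> (content, age in days)
            "Photos/holiday.JPG": (b"\xff\xd8", 30),
            "Temp/note.txt": (b"call the bank", 1),
            "Mail/inbox.dbx": (b"Subject: Passphrase reminder", 7),
            "Windows/system.dll": (b"MZ", 400),
        }
        for rel, (data, age) in samples.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
            os.utime(path, (now - age * 86400,) * 2)
        return [os.path.relpath(p, root).replace(os.sep, "/")
                for _, p in audit_tree(root, text="passphrase")]
```

Calling `audit_tree` on a real drive root after the clean-up shows which files a Modified sort would still list first.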
The ultimate solution: Wipe your hard drive
If you are unable to locate, copy or remove sensitive files, it might be best to simply wipe the drive to be safe. At this point, you might want to re-install the OS and try to fix the problem yourself.
Read my FAQ on wiping your drive: http://www.overgrow.com/growfaq/1482
Or, you could shred your sensitive info. File shredders are free on the Internet. PGP’s FREE suite comes with a file shredder.
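What a file shredder (or bcrypt's -s option) does differently from emptying the Recycle Bin is overwrite the file's bytes before the name is removed. The sketch below is an added example, not code from the FAQ or from any shredder it mentions; the function names and the sample file are constructed for illustration.

```python
import os
import secrets
import tempfile

CHUNK = 64 * 1024


def overwrite(path, passes=3):
    """Overwrite a file's bytes in place with random data, `passes` times.
    Returns the file size. Only reaches the old sectors when the filesystem
    and drive write in place; journals, copy-on-write filesystems, SSD wear
    levelling and backups can keep earlier copies, hence the full-drive wipe."""
    size = os.path.getsize(path)
    with open(path, "r+b") as fh:
        for _ in range(passes):
            fh.seek(0)
            left = size
            while left > 0:
                n = min(CHUNK, left)
                fh.write(secrets.token_bytes(n))
                left -= n
            fh.flush()
            os.fsync(fh.fileno())  # force this pass out of the OS cache
    return size


def shred(path, passes=3):
    """Overwrite the contents, rename to a random name, then delete."""
    overwrite(path, passes)
    anon = os.path.join(os.path.dirname(path) or ".", secrets.token_hex(8))
    os.rename(path, anon)  # the entry being deleted no longer carries the name
    os.remove(anon)


def demo():
    """Run on a constructed sample file; returns (same_size, marker_gone, exists)."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "stash.zip")
        marker = b"CONSTRUCTED-SAMPLE-SECRET" * 100
        with open(path, "wb") as fh:
            fh.write(marker)
        size = overwrite(path, passes=1)
        with open(path, "rb") as fh:
            after = fh.read()
        shred(path)
        return size == len(marker), b"CONSTRUCTED" not in after, os.path.exists(path)
```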
Note: WinZip 9.0 has AES encryption, one of the hardest encryption schemes to crack out there. However, WinZip is shareware, and also closed-source, which means only the company has access to the source code of WinZip and their AES encryption. On the other hand, if it were open source, the source would be available to anyone to review and to audit how secure WinZip’s code is. WinZip is not free.
WinCrypt 2.0 has 256-bit AES encryption, a drag-and-drop interface, and a self-decryption option.