Locking your information down

Well here in about a week or two the rig I am on will be leaving Dubai and headed back over to Saudi Arabia. It has been about three years since I have been in there. It was a little more easing going but with the protesting and stuff right next door they have got where they dig a little more into your stuff and personal info. And I have seen the go as far to fine a guy for bring "p00rn" into the country and it was a picture of him and his wife in bathing suit on the beach.

Any ways, I am thinking about locking all my stuff down before I leave. I know my CF-19 has the TPM chip but I have never used it on any toughbook.

Also I have cryptainer blowfish protected vault program(not installed) and the one I use a lot is neocrypt portable. I have heard a recommendation for a black armor portable hard drive as they can be set up to delete everything after 3 incorrect passwords.

What would guys recommend?

I use to use the neocrypt and since it was portable if you click on a picture or anything else it just says the file is corrupt. Then I dropped that into a 448 bit blowfish encrypted vault.

 

Are you familiar with the Ironkey USB memory key? This is the only one the government has approved for carrying classified info around. You might want to investigate their "Personal" line of 1-16GB capacity. All are encrypted, self destruct after 10 incorrect password attempts or any attempt to penetrate its metal case. As a bonus, they have secure web surfing through their own TORR network, an excellent password manager, built in Firefox browser and other special features. More expensive than most USB keys but definitely the best. Throw it in your luggage and let the security people at the airport do anything they want with your totally clean laptop:
www.ironkey.com

 

I will have to look it over. Thanks for the link. I don't really have that much on there, but I still don't like the idea of them digging. They have some kind of "rock" chip they use too. I have messed them up before by taking a few pictures and then just changing the jpg to txt.

As far as the browser goes I am close to that. I am using firefox portable, with ultra surf integrated into it.

 

I just started importing this product, basically an external hard drive enclosure with PIN pad, about size of iPhone, USB 3.0, 256 bit level encryption, just pop in a 2.5" SATA drive, enter your pin on the touchpad to unlock your data. This thing rocks, I have yet to see anything like it. There is no noticeable difference in performance like many software encryption solutions...

External Hard drive Enclosure Security Encryption DATA PROTECTION MAC PC USB 3.0 | eBay

Peace

 

Ok,you could use cryptography and passwords,but they will know that you "hide" something and they may force you to reveal the password or to talk about the data in case of "self-nuked" hds/usb keys..
Steganography may be of help,it's detectable but I don't think they deploy IT experts or they use anti-steganographic tools in standard control procedures..
You could also try to encrypt with truecrypt etc the single files (not the entire o.s.) and move them in the belly of the file system among other non-sensitive files,hoping that they will be too lazy to check every file...

 

can they make you open an encrypted file???? I mean, unless you are suspected of being a spy or terrorist, would they put you through such stringent checks/

Maybe I"m just too used to the Constitution.....

and Techtuff: that's hot!

 

techstuff, the enclosure you import seems to be the Satechi Lockdown. But seems to me like your eBay one has no brand at all. And Amazon has it for $75 only..

 

Yep, they can do pretty much what they want over here. I do like the policy on drugs though. You sign a paper before you can get in stating you understand if you are caught smuggling or having drugs you are put to death, no trial.

They don't look very often but they do, do spot checks from time to time. That is why I liked to use the portable app to encrypt first then put it into my vault. The portable program leaves no traces. open the file and it says it's corrupt. I have used truecrypt before but liked the cryptainer program better.

 

Yeah they are hardcore we used to do mail runs in Qatar. Someone tried to sneak Pr0nZ in a innocent movie case and they caught it.


Sent from my iPhone using Tapatalk

 

In all UAE contries it is even forbidden to take a christian cross or bible with you when you enter their countries.

 

Ador, isnt it much easier to just upload your "Sensitive" data to the internets, and when you are home simply download it ? Or is it a huge lump of data and lack of time that prevents you to upload it ?

 

Well I don't have a ton of data. Just have stuff I like to keep with me and hate people poking around in it. I keep a few things in my email like ultra surf if I need it and all the site to download it are blocked. Bandwidth is our problem out here. We have the speed of a low to mid dsl connection and it is shared by about 8 office computers and about 40 personal laptops, ipod touchs, android tablets and phones.

 

You might want to check on the rules over here. If you go through an airport in the US entering from overseas, or cross the border in any way, Customs and Homeland Security have the right to force you to open up your computer and can demand any passwords. As a minimum they can confiscate your computer if you refuse. This has already cleared the courts, we needed to nullify the 4th Amendment to keep us safe! This madness has now been extended to include indefinite incarceration and rendition for US citizens.
CAP

 

Cap, I hadn't realized that....
Did you see the NADA 2012? it gives authority to the military to treat anyone, ANYONE, in the US as a terrorist for any reason at all. The military can seize you without due process and hold you indefinitely.Not just on fed property; anywhere.

God bless all of you doing the thankless jobs of police, fire, rescue, and military. They are dangerous jobs and I thank you for doing them.
That been said,
people should not fear their government, a government should fear its people...

anyone willing to trade a little bit of freedom for a little bit of protection deserves none of either.

 

The most recent Defense Authorization Act is the exact document I was referring to. I have a niece who is a counter-terrorism expert working at the Pentagon. Her response to my discussion of the new law was "I know things you don't know". My response to her was "you don't know anything that justifies the nullification of the 4th Amendment".
CAP

 

Another good reason for a small USB key like the Ironkey -- they can't force you to open what they don't know you have. It's so small -- and frankly, they are used to seeing its user being a US govt. type, so they usually overlook it.

 

Cap:
any written law (or code) in conflict with the constitution is null and void, as though it never existed.

However, one of the first things taught in law school is not right vs wrong. it's if you have the time and resources to prove who's right and who's wrong.

I love my country.I just hate the a55 wholes running it.

 

FWIW, here's what I do to protect the sensitive information I carry. (I used to travel quite a bit - thought not to the Middle East, and carry sensitive material.)

I use an Ironkey as a backup of my user data. I think it is a great product. If you search the Internet you probably can find the case a couple of years ago of a bunch of other, so-called secure USB sticks that were exposed as providing no security at all.

For my laptop, I installed a self-encrypting drive. They're made by both Seagate and HGST, I believe. (I use a Seagate model; it has been around the longest.) I believe Samsung has announced a self-encrypting SSD, if you're so inclined. In addition to the drive, you need to get a software package to manage it. Wave Systems, WinMagic and others offer products to do this. This is probably a bit more than you're interested in, but if you want a system that is infeasible to crack, the SEDs are the best choice. Nobody is going to get data off that drive unless you give them the password - or you use such a weak password that it can be guessed.

If I have to share data on a non-secure USB device, I use 7-Zip to encrypt it, being careful to select the encrypt file names option. That's pretty secure against most threats, though an NSA-IAD person once told me that all software encryption products "have issues" - but would not explain what that meant, exactly.

Good luck,
Dave

 

That's likely for closed source encryption programs (aka backdoors) and methods,but do open source programs have these "issues" too? What about AES 256bit algoritm?

 

The Ironkey uses Automatic AES 256 CBC-mode encryption. Here's a link that describes its' features in more detail:

https://www.ironkey.com/compare-features

You probably want the "Personal" model as opposed to the "Basic" (less features and can't be updated) or "Enterprise" models (designed for a large number of users with an IT dept. to manage them). They also make them with two types of memory - the D200 and S200. D200 is cheaper and slower while the S200 is faster, longer life expectancy but more expenive. They will be introducing the 300 series sometime this year but haven't leaked a feature list yet. None of them work with Mac's. Seldom discounted - Amazon is about as good a source as any. Sometimes you can find a used one on eBay but be sure it is really the model you want and includes the unlocking key. Hope this helps.
Brian

 

It's not the algorithm that makes the difference, usually. It's the method for protecting the secrets, the pass phrases and keys. AES-256 should be good to mid-century.

Dave

 

Ironkey is use is really nice. Physically strong, good encoding, afaik good protection for the key etc. it's not cheap, but it seems to me one of the safest options.