Function Securely off a USB Key (dated)July 6, 2007 at 8:11 pm | Posted in Uncategorized | Leave a comment
You can also find this article as a “Part 2” on Traveling Forever, here as this was written as a continuation of an article posted here . So most of the credit goes to this guy, I’ve just added a ton more to it to ensure that you are anonymous and secure. So don’t be suprised if some of the things here are directly copied and pasted. Descriptions for Firefox exntensions mentioned are copied from their linked locations as well.
So whether you’re just a paranoid guy looking to not be monitored, or a kid at school trying to browse Myspace.. I have some tips.
We’ll be working with running everything from a USB key so no trace (or very little) of use of the application will be on your computer. Firefox and OpenOffice will leave a small registry key but it doesn’t convey much.
This How To has gotten pretty long. So for a quick summary, these are the things that i will be covering:
1. What is a Portable Application
2. How to setup encryption and password protect your USB Key
3. Run and tweak TorPark (Firefox + Tor routing app)
4, Run and tweak a portable Firefox
5. The best extensions for Firefox and Torpark
6. Howto get and use Portable Thunderbird with GPG Encryption
7. Howto get and use Portable GAIM
8. How to setup encryption through GAIM
9. How to use GAIM through Tor
10. How to run & encrypt uTorrent from the USB key
11. How to run OpenOffice from your USB key and tweak it for speed
12. How to use RealVNC to connect to your home compute
13. Use PStart as a launcher for your USB programs
14. Encrypt Files and Folders within TrueCrypt with Challenger
15. Run Skype from your USB key
16. Other USB applications you might find useful
17. Installing Tor Onion Routing to a Hard-drive
18. Generic proxy sites
20. Test your privacy and anonymity
First off, what is a portable application? They are software programs that are not required to be “installed” onto a computer’s permanent storage device to be executed, and can be stored on a removable storage such as a USB flash drive and used on multiple computers. Ideally it can be configured to read its configuration from the same location as the software. Portable applications come in a zip file. Contained in the zip file is their folder. There is NO installation process. The program runs from the folder itself without requirements of a Windows registry, without the requirements of putting DLL files in C:/Windows/Sytem32, without the need to create folders in your hidden folder C:/Documents and Settings/Username/Application Data (among other areas) MOST of the time. Occassionally some programs will leave a small footprint on a hard-drive, but we’ll address that. Portable Apps simply run from the files on the USB key and it knows the location of supporting files that Windows already has (such as codecs, fonts, and such).
First thing’s first. What good is it to have your data stored, or portable applications running from, a removable disc if someone who connects remotely can access that disc? What if you lose that disc? Everything must be encrypted.
First you want to make sure that at minimum you have at least a 512MB USB Drive (aka thumb drive, jump drive, etc). You’ll need at least 1 GB USB drive if you wish to do every single thing listed here.
We’re going to be using TrueCrypt to do this. Which you can download here:
What we’re about to do is create a file, and create a hidden “volume” (it’ll show up as another drive) in that file and we’re going to password protect it. Encryption is automatic, real-time (on-the-fly) and transparent. It provides two levels of plausible deniability, in case an adversary forces you to reveal the password. The first is b/c it’s a hidden volume(steganography), the 2nd is that no TrueCrypt volume can be identified (volumes cannot be distinguished from random data). The encryption algorithms it uses are as follows: AES-256, Blowfish (448-bit key), CAST5, Serpent, Triple DES, and Twofish.
You want to download this application and run the installer. Do not install it to it’s default location.
Install it to your USB drive. The program will run on every computer from the USB drive. Once installed click the “Create Volume” button. This will guide you through the creation of two volumes, one viewable and one hidden. The hidden one is impossible to prove existing, and thus, the software you will install next won’t exist to someone who steals your key. During creation of the viewable volume, you want to make sure that you have a little breathing room so the drive can still be used without TrueCrypt..and enough so that TrueCrypt can still exist on the disc outside of the hidden volume. When you go to create the hidden volume the data path needs to be to your USB drive of course. 5-10 MB free will be enough. So if you’re running a 512MB USB stick, make you’re viewable volume 500MB (the hidden volume will the the same size).
Make sure the passwords you create for the viewable and hidden volumes are different. The hidden volume password should be alpha-numeric, not contain any common words or names, and at minimum 12 character long. (Also make sure you remember them b/c if you forget them you’re screwed).
Back at the Truecrypt main menu. We are going to need to mount the hidden volume. So what you do is press the Select File Button, and select the file you used to create the volume. Click mount volume, put in your password for the hidden volume and be sure to check the protect hidden volume option if you plan on writing to the volume everyone can see. This prevents us from accidentally corrupting our hidden programs or files. TrueCrypt will mount your hidden volume as a drive letter.
If all of this wasn’t quite clear, I did post a “HowTo” install and setup TrueCrypt over at TalkingForever’s Forums. This HowTo will walk you through screenshots, step by step on how to create an encryption hidden volume on a USB key.
Starting with Portable Applications
And here’s where the fun begins.
Torpark is Firefox and the Tor Onion Routing Software Combined. To explain Onion routing, Tor helps to reduce the risks of both simple and sophisticated traffic analysis by distributing your transactions over several places on the Internet, so no single point can link you to your destination. The idea is similar to using a twisty, hard-to-follow route in order to throw off somebody who is tailing you—and then periodically erasing your footprints. Instead of taking a direct route from source to destination, data packets on the Tor network take a random pathway through several servers that cover your tracks so no observer at any single point can tell where the data came from or where it’s going.
Tor in itself requires a computer install, but not with Torpark. Note: the tor aspects of Torpark only work for this browser. For more info on how Tor works see:
Download TorPark here:
Extract the zip file to your newly created Hidden Volume. The hidden volume will show up as a 2nd local disc on your My Computer. Chances are the drive letter is Z: (but not always by anymeans). And that’s it. It’s installed.
Browsing through TorPark is signifigantly slower than a regular connection. Here you will have to decide what’s more important, speed, or staying anonymous. Unless you build and host a Tor server yourself, you can’t complain.
But alas there are hacks/tweaks to make TorPark run faster. (This can also be used on Portable Firefox as well).
First we’ll Kill the amount of RAM Firefox uses for it’s cache feature
Here’s how to fix it:
1. type “about:config” (no quotes) in the browser address bar
2. Find browser.sessionhistory.max_total_viewer
2. set it’s value to “0”
Increase the Speed in Which Firefox loads pages
1. stay in about:config
2. Alter the entries as follows:
Set “network.http.pipelining” to “true”
Set “network.http.proxy.pipelining” to “true”
Set “network.http.pipelining.maxrequests” to some number like 30 (this might piss off some website owners as it will request the page 30 times)
3. Lastly right-click anywhere and select New-> Integer. Name it “nglayout.initialpaint.delay” and set its value to “0”.
This value is the amount of time the browser waits before it acts on information it receives.
Kill RAM usage to 10mb when FF is minimized
This little about:config hack will drop Firefox’s/Torpark’s RAM usage down to 10 Mb when minimized
1. Open Firefox and go to the Address Bar. Type in about:config and then press Enter.
2. Right Click in the page and select New -> Boolean.
3. In the box that pops up enter config.trim_on_minimize. Press Enter.
4. Now select True and then press Enter.
5. Restart Firefox or Torpark.
Torpark Switch Proxy Extension
You may decide you don’t want 2 browsers on your USB key, but you don’t always want to use the Tor network to do your browsing due to speed. If this is the case install the Switch Proxy Extension and configure it.
(Note, this will undue Torpark’s default settings)
1. To Configure, install the extension, then restart TorPark.
2. A new toolbar has appeared.
3. Torpark already has a proxy configured.
4. Make sure the selected proxy says “None” and Hit Apply Now Torpark is no longer using Tor.
To set the option to turn Tor on:
1. So we’ll press Add
2.. Select “Standard” and “Next”
3.. Name it Tor and select “Manual Proxy Configuration”
4. Add the values 127.0.0.1 to the SOCKS Host and Port 81 (note, port 81 is just for Torpark. With a hard-drive install of Tor Firefox and Thunderbird will run through 8118.)
5. Socksv5 should be Selected
6. Hit Apply. Now Torpark is using Tor and you have the ability to switch back and forth.
(If you use Tor off the hard-drive and not just TorPark, the Switch Proxy extension can be used in Thunderbird to send e-mail as well. To download, you right click the install file and “Save As”, then in Thunderbird go to File –> Open. You’d configure it the same as the above.)
There’s a multitude of reasons you may not wish to use TorPark. And below is some reasons why:
1) Too slow and you value speed more than anonymous traffic
2) If you’re running applications through a hard-disk installed version of Tor (which you might decide to do with GAIM) you cannot run 2 Tor circuits simultaneously. You’d either have to run TorPark, or GAIM through Tor, but not both at the same time.
Download from here:
and do the same thing we did with TorPark. Unzip it to your hidden volume.
All firefox plugins work with both TorPark and Portable Firefox. You will have to install an instance of each, to use them on both. Or just install them on the browser you chose to use most often. I do recommend these extensions for ALL versions of Firefox (portable, tor, or not).
NoScript – (already included in TorPark) Disables all website Java script by default and allows you to whitelist the sites you chose.
Customize Google– This will allow you to block Google ads, anonymize your Google cookie ID, and it’ll stop you from sending traffic to google analytics.
AdBlock-(already included in TorPark) Websites call ads that are actually just hot link scripts, flash files, images from other sites. These have the potential to install spyware. Best to block them. Ad block allows you to right click and ad and get rid of it for good.
Adblock Filterset G.Update– This loads a filterlist of most internet ad sites out there. This saves alot of time compared to manually blocking ads. It also updates itself automatically.
CookieSafe– This extension will allow you to easily control cookie permissions. It will appear on your statusbar. Just click on the icon to allow, block, or temporarily allow the site to set cookies.
SafeHistory– Restricts the marking of visited links on the basis of the originating document, defending against web privacy attacks that remote sites can use to determine your browser history at other sites. A link on a.com pointing at b.com will only be marked visited if you previously visited the b.com page with a referrer in the domain of a.com. On-site links work normally. Checks cookie settings (allow, originating site only, deny) to determine your desired privacy level (segmented by origin, don’t mark links visited in offsite frames, or never mark links visited).
SafeCache– Segments the cache on the basis of the originating document, defending against web privacy attacks that remote sites can use to determine your browser history at other sites. For example, a b.com image appearing on an a.com page would have a separate cache entry from the same image appearing on a b.com page, so a.com cannot use timing techniques to determine if you have visited b.com before. Checks cookie settings (allow, originating site only, deny) to determine your desired privacy level (segmented cache, cache originating site only, or never cache).
ClamGlue (will only work if WinClam is installed on the hard-drive.) This plugin uses WinClam anti-virus to scan every file Firefox downloads for viruses.
Same process. Download, unzip, setup to connect to your mail server. When you want to send an email, use Portable Thunderbird w/ Enigmail & GPG. Secure and anonymous e-mail has been addressed much earlier than secure and anonymous web browsing. This means the technology for e-mail is more mature, and has been tested a whole lot longer. We know GPG encryption can be relied upon to make sure all of our email transmissions are at least as secure as sealed mail. It works by creating a public key and a private key. You give your public key to anyone you want to write to. They give you their public key, and you encrypt your email with the public key of the person you’re talking to. Your email is then only readable by the person you send it to. With plenty of anonymous emailers around to send our email through, we can also be reassured our communication is anonymous. In other words, we can say it’s technically impossible to prove an email was sent by us. This is a good thing.
First, place the PortableGaim directory on your hidden share. We must also install GAIM on the hard-drive first (the full version) in order to install GAIM encryption. Currently the GAIM encryption will not let you change the install location so we’ll have to move the plugin manually. ( FYI: Gaim-Encryption uses NSS to provide transparent RSA encryption as a Gaim plugin.)
1. Uncompress Portable Gaim into your hidden volume.(you may have already)
2. Download GAIM (the full version for Windows) and install it.
3. Download GAIM Encryption
4. Install Gaim Encryption on your hard-drive
5. Now it gets complex. We need to copy a series of files (about 20) from one location to another. Below is a list of the files that need to be copied from the install folder on your hard-drive, to the corresponding folder on your hidden volume. (If the folder isn’t there on the hidden volume, it needs to be created)
What a pain in the ass you say!?! Well i wrote a batch file to automate this. You’re welcome.
You MUST have your hidden volume mounted at Z:\ for this to work. and your Gaimportable directory needs to be directly in that volume. So.. Z:\Gaimportable should exist. Then right click and save this zip file, then extract it and run it.
If that file doesn’t work..Download it here, Right Click and Save As Once downloaded, right click and change the name. Change the extension from txt to bat. Double click to run it. and voila.
It copies these files and directories:
6. Load Gaim and go to Tools –> Plugins and you should have the option to set encryption (Don’t click it yet)
7. Uninstall Gaim and Gaim Encryption from your computer in Add/Remove programs. Delete any residual folders in Program Files. and now test to see if the encryption plugin loads and creates a key.
This ONLY works if you’re chatting with someone else using encryption. Good to note, that most simple packet sniffers that capture and translate AIM/Yahoo/MSN/Jabber traffic tend to read person to person conversations, not chat rooms. More sophisticated ones read both without a hitch. Encryption is meaningless in chatroom for AIM, MSN, and Yahoo. It simply does nothing.
If you want to have a secure connection that’s encrypted for a chat room, (this is great of business conferences across the web), GAIM can connect you to another client. SILC. It will automatically assign you a name and password and prompt you to accept or deny encryption keys. Of course the people you chat with, will to use SILC as well.
You’ll need to install Tor Bundle for Windows (on the hard-drive.. it’s not a portable application) and change the proxy for each account you’re chatting on to a SOCKS4 proxy.
1.Go to Create a new or Modify an existing account.
2.Select “Show More Options”. Here you can input proxy data.
3.Select Socksv4. You’ll want to use the term “localhost” (no quotes) as the proxy (this will access the tor circuit). The port you’d chat on would be 9050.
Download the standalone application here
uTorrent is the most lightweight bit torrent application i can find. Weighing in at 154kb (smaller than this tutorial). Beware though, you can route this through Tor if you have a hard-drive install, but otherwise it’s unencrypted. I also don’t recommend doing bit torrent through the Tor network. Tor’s network is slow enough as it is without people hogging it with bit torrent traffic. There’s also no SafePeer-like plugin like there is for Azureus. I’m currently working to find an alternative that will allow you to load blocklists of IP addresses to ensure the RIAA or MPAA isn’t tracking what files you’re leeching/seeding. (among other issues). So use at your own risk. You know, if you’re using it for illegal purposes. But you know, none of us would dare do that, would we?
If you could care less about if it’s a portable app, i’d say go with Azureus and get the Safepeer plugin.
Taken from here
More and more ISP’s are limiting throttling BitTorrent traffic on their networks. By throttling BitTorrent traffic the speed of BitTorrent downloads decrease, and high speed downloads are out of the question.
The list of ISP’s that limit BitTorrent traffic, or plan to do so is growing every day, and according to the BBC, the ‘bandwidth war’ has begun. Are you not sure if your traffic is being throttled Check the list of bad ISP’s.
But there is a solution. Encrypting your torrents will prevent throttling ISP’s from shaping your traffic. I will explain how to enable encryption in µtorrent.
1. Go to: Options > Preferences > Network
2. Go to ‘Protocol encryption’, you can choose between ‘enabled’ and ‘forced’. ‘Enabled’ will give you more connections but offers less protection against traffic shapers. I would recommend to try ‘enabled’ first, if that doesn’t increase your speeds you need to swich to ‘forced’.
3. Ticking ‘Allow legacy incoming connections’ allows non ecrypted clients to connect to you. This improves compatibility between clients but makes you more vulnerable to traffic shapers.
That’s it, your Bittorrent traffic is encrypted now.
I would recommend to tick this box, but if that doesn’t increase your speeds, untick it!
Portable Open Office and Abi Word
People tend to define their office software by the quality of the word processor more than anything. OpenOffice’s Writer just doesn’t add up, but the rest of the suite is more than suitable IMO. You can choose to go with or without Abi Word as Open Office does come with Writer, their word processor. I just prefer Abi Word over Writer myself.
I pick these apps, not only because they’re portable, but unlike MS Office (which isn’t portable) they don’t leave behind data showing who made the file, edits and changes that were done to the file over time, etc. MS Office has the ability to turn those features off, but it’s a pain in the ass.
Download and unzip just like all the rest.
OpenOffice tends to open up a bit slow. Once extracted to the hidden volume you can improve this by doing the following. Open any of OpenOffice’s apps (Writer, Calc, Impress, Draw, Base, Math) and do the following:
1. Go to Tools
2. Go to Options
3. Go to Memory
4. Change number of steps to 10.
5. Change “Use for Open Office” to 30.
6. Change “Memory per Object” to 7.
7. Change “Remove After Memory” to 0:00:05
8. Change Number of Objects to 10
9. Close the app.
VNC can allow us to do some nifty tricks as well, or you may just need it to aid in technical problems of another, but we’ll focus on hiding our network activity here.
- Download it here http://www.realvnc.com
- Install it (make sure to get the zip file, not the exe)
- And run vncviewer.exe
Now how to browse the web, chat, and e-mail from anywhere on your home computer:
1. You can install this on your home computer (this time install both the server and the viewer).
2. Password protect the server.
3. Make sure port 5900 is open on your firewall.
4. If you have a router, make sure your router forwards port 5900 to the private IP address of the machine you installed the VNC server on. (More than likely 192.168.x.x or 10.0.x.x)
5. Now mount your hidden volume on a computer at your place of business, education, a library, or a from friend/family’s house. Open VNCViewer, type the IPaddress and password to your home computer. Now you should be able to view the desktop of your home machine.. and use that to browse, chat, send e-mail. All traffic analyzing would see is that you’re passing ARP packets and bmp files on port 5900. You’re web activity on your home computer is untracable to the LAN you’re connected to.
So lets say you do something really stupid and you have extra senstive files you absolutely cannot have anyone have access to. Bank records, credit card records, files in regards to your business, etc.. and you leave your hidden volume mounted and walk away from your machine? These files are now exposed to a threat. Now, we wouldn’t ever want this situation happening. But it happens, and interested parties could take advantage of it.
This is where Challenger comes in. Download the app here.
1. Use 7-zip to extract the folders.
2. Place these folders in a folder on your hidden volume
3. The app is in the device folder and is named cha.exe
4. Type Berlin for the first word pass
5. Click Activate Phrase
6. Select A “Masterphrase” and click new. Then input your password. Do not forget it.
7. Then go to File > Settings.
8. Make sure all 3 on security are checked, and the drop downs are all 7-vsitr (NSA 7 Pass)
9. Hit Encrypt File or hit Folder-or-Drive
10. Select the folder or file(s) that you need protected.
What this will do is encrypt the files. The file extension will change to a *.cha file, and the original file will be deleted with 7 passes (garbage re-writes). When you go to unencypt the file, the encrypted file will also be deleted with 7 passes. Leave the files you need to absolutely protect as encrypted until you need to access them. If these files are that important, it’s a good idea to have a secure and encrypted backup of them somewhere as well.
The encryption behind Skype’s VoIP is amazing. So it’s rather great the folks over at U3P to make a portable version of the software. You can obtain the U3P file here
Download it, use a program like 7-Zip to extract it your to hidden volume and in the Skype/host directory is the Skype.exe.
These Portable Apps you may or may not need.
VLC Media Player
GIMP Image Editor
NVU HTML Editor
Notepad2 (open source Notepad with more functionality than MS’s notepad
Cyber Shredder (has NSA 7 Pass deletion method)
Angry IP Scanner
XAMPP: portable Apache, mySQL, PHP and phpMyAdmin
Microburner (CD burning app)
Locknote: create an encrypted note to yourself on the fly
I’ve created a zip file for download via rapid share, a torrent will be coming soon. The zip contains these portable applications.
- Crap Cleaner (you must run the RunCCleaner.bat to run the application)
- Foobar2000 Media Player
- GiveMeToo Packet Sniffer (easier than Ethereal, leaves a folder C:\GrabbedStuff for logs)
- Portable Ad-Aware
- Portable Spybot
- Portable Spyware Blaster (comes with VB and Java lib install files in case the app doesn’t work)
- Restoration (Restores files deleted by a normal Windows delete)
- utool (uninstalls apps, sees apps Add/Remove programs do not, light weight and speedy)
- Avast Antivirus (scaled down version, only finds about 50 major viruses)
- HiJackThis (advanced spyware removal)
- Process Monitor
- Putty (telnet and ssh client)
- SafeXP (make it easy to shut off system broadcasts and services)
- McAfee Stinger (scaled down version to remove viruses)
- Killbox (deletes files that windows won’t allow you to)
- Winpooch (monitors system folders for spyware)
and… we’re done for the Portable stuff. Now you have a USB key you can take around with you and open your TrueCrypt volumes anywhere and run this software anywhere with a heightened sense of security. Whether at school, a library, work, a family’s house.. your private business, stays private. Just don’t be cocky. There’s no such thing as being 100% secure, and 100% anonymous.
Common Sense Tips
1. Make sure you’re firewall is on, and make sure it’s configured well. Allowing through only the programs you need to allow through.
2. Get a registry or spyware monitor. Regmon is a good registry monitor. Winpooch is an excellent Registry and system file monitor and can prevent system changes (it can also hook WinClam anti-virus, and gives it real time active scanning ability.. which it doesn’t have).
3. If it’s a computer you use often, get some anti-spyware apps and some anti-virus apps if allowed and installed them on the hard-drive, run them at the very least weekly.
4. Try using the latest software and keeping up to date with security updates on a machine.
I’ve mentioned several times throughout the article, that there are advantages to having Tor run locally on the machine. You can download and install the application here:
You can also go this route of going through a proxy site. There’s hundreds of them. But be warned. Alot of websites also block these proxies. So don’t be suprised if you can’t post on your favorite message board with them. Also, it’s generally a bad idea to input a password into a site while browsing through one of these. As your cookies for the site are stored on their servers and all information you input can be extracted from their servers. Also, these should be used to get around web filters more than anything. Don’t expect them to keep you anonymous on your LAN, or on the servers of the pages you’re accessing. There are packet sniffers that can see where you’re going even through a web proxy
It should also be noted, that a proxy that will never go away is simply.. Google’s translate function. Take your favorite website and get Google to translate it to English. Google will then automatically act as a proxy for your activity on the site.
For the truly dedicated, this is also a route to take. To do anonymous web activity (i wouldn’t suggest this in a work place or a school..) Download this Live CD, burn the ISO as a bootable disc, boot your computer on it, and use this to access someone else’s WiFi network. All your Windows Portable apps will not work with this as this is a version of Linux with applications installed for you. You merely boot your computer off the cd and the operating system loads. When you’re done, eject the cd, boot your computer back up, and you’ll be back to normal with Windows and all. From their homepage:
kaos.theory’s Anonym.OS LiveCD is a bootable live cd based on OpenBSD that provides a hardened operating environment whereby all ingress traffic is denied and all egress traffic is automatically and transparently encrypted and/or anonymized.
It would be good to note that if you use a LiveCD such as this one coupled with your USB key for permanent storage of files you download, it ensures a much higher level of security. Since absolutely nothing gets written to the harddrive. AnonymOS isn’t by far the only LiveCD out there (you got Knoppix, Damn Small Linux, etc), but it’s by far the best in terms of security so far.
The easiest thing you can do to test your anonymity is to go to WhatismyIP.com and see if the IP showing up is yours or not.
After that you can check out services like:
AuditmyPC Privacy & Spyware Check
Here you can see if your machine is leaking any info.